phil/StarPunk
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: Change auth blueprint prefix from /admin to /auth (v0.9.2)

Browse Source 
The auth routes were registered under /admin/* but the IndieAuth
redirect_uri was configured as /auth/callback, causing 404 errors
when providers redirected back after authentication.

- Change auth blueprint url_prefix from "/admin" to "/auth"
- Update test expectations for new auth route paths
- Add ADR-022 documenting the architectural decision

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Phil Skentelbery
2025-11-22 18:22:08 -07:00
parent 78165ad3be
commit 44a97e4ffa
8 changed files with 308 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
tests/test_routes_dev_auth.py
View File

@@ -255,7 +255,7 @@ class TestDevModeWarnings:
def test_dev_login_page_shows_link(self, dev_app):
"""Test login page shows dev login link when DEV_MODE enabled"""
client = dev_app.test_client()
response = client.get("/admin/login")
response = client.get("/auth/login")
assert response.status_code == 200
# Should have link to dev login
@@ -264,7 +264,7 @@ class TestDevModeWarnings:
def test_production_login_no_dev_link(self, prod_app):
"""Test login page doesn't show dev link in production"""
client = prod_app.test_client()
response = client.get("/admin/login")
response = client.get("/auth/login")
assert response.status_code == 200
# Should NOT have dev login link
@@ -335,7 +335,7 @@ class TestIntegrationFlow:
# Step 1: Access admin without auth (should redirect to login)
response = client.get("/admin/", follow_redirects=False)
assert response.status_code == 302
assert "/admin/login" in response.location
assert "/auth/login" in response.location
# Step 2: Use dev login
response = client.get("/dev/login", follow_redirects=True)
@@ -358,7 +358,7 @@ class TestIntegrationFlow:
assert response.status_code == 200
# Step 5: Logout
response = client.post("/admin/logout", follow_redirects=True)
response = client.post("/auth/logout", follow_redirects=True)
assert response.status_code == 200
# Step 6: Verify can't access admin anymore