Phil Skentelbery
0cca8169ce
## Phase 4: Web Interface Implementation Implemented complete web interface with public and admin routes, templates, CSS, and development authentication. ### Core Features **Public Routes**: - Homepage with recent published notes - Note permalinks with microformats2 - Server-side rendering (Jinja2) **Admin Routes**: - Login via IndieLogin - Dashboard with note management - Create, edit, delete notes - Protected with @require_auth decorator **Development Authentication**: - Dev login bypass for local testing (DEV_MODE only) - Security safeguards per ADR-011 - Returns 404 when disabled **Templates & Frontend**: - Base layouts (public + admin) - 8 HTML templates with microformats2 - Custom responsive CSS (114 lines) - Error pages (404, 500) ### Bugfixes (v0.5.1 → v0.5.2) 1. **Cookie collision fix (v0.5.1)**: - Renamed auth cookie from "session" to "starpunk_session" - Fixed redirect loop between dev login and admin dashboard - Flask's session cookie no longer conflicts with auth 2. **HTTP 404 error handling (v0.5.1)**: - Update route now returns 404 for nonexistent notes - Delete route now returns 404 for nonexistent notes - Follows ADR-012 HTTP Error Handling Policy - Pattern consistency across all admin routes 3. **Note model enhancement (v0.5.2)**: - Exposed deleted_at field from database schema - Enables soft deletion verification in tests - Follows ADR-013 transparency principle ### Architecture **New ADRs**: - ADR-011: Development Authentication Mechanism - ADR-012: HTTP Error Handling Policy - ADR-013: Expose deleted_at Field in Note Model **Standards Compliance**: - Uses uv for Python environment - Black formatted, Flake8 clean - Follows git branching strategy - Version incremented per versioning strategy ### Test Results - 405/406 tests passing (99.75%) - 87% code coverage - All security tests passing - Manual testing confirmed working ### Documentation - Complete implementation reports in docs/reports/ - Architecture reviews in docs/reviews/ - Design documents in docs/design/ - CHANGELOG updated for v0.5.2 ### Files Changed **New Modules**: - starpunk/dev_auth.py - starpunk/routes/ (public, admin, auth, dev_auth) **Templates**: 10 files (base, pages, admin, errors) **Static**: CSS and optional JavaScript **Tests**: 4 test files for routes and templates **Docs**: 20+ architectural and implementation documents 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
58 lines
1.2 KiB
Python
58 lines
1.2 KiB
Python
"""
|
|
Public routes for StarPunk
|
|
|
|
Handles public-facing pages including homepage and note permalinks.
|
|
No authentication required for these routes.
|
|
"""
|
|
|
|
from flask import Blueprint, abort, render_template
|
|
|
|
from starpunk.notes import list_notes, get_note
|
|
|
|
# Create blueprint
|
|
bp = Blueprint("public", __name__)
|
|
|
|
|
|
@bp.route("/")
|
|
def index():
|
|
"""
|
|
Homepage displaying recent published notes
|
|
|
|
Returns:
|
|
Rendered homepage template with note list
|
|
|
|
Template: templates/index.html
|
|
Microformats: h-feed containing h-entry items
|
|
"""
|
|
# Get recent published notes (limit 20)
|
|
notes = list_notes(published_only=True, limit=20)
|
|
|
|
return render_template("index.html", notes=notes)
|
|
|
|
|
|
@bp.route("/note/<slug>")
|
|
def note(slug: str):
|
|
"""
|
|
Individual note permalink page
|
|
|
|
Args:
|
|
slug: URL-safe note identifier
|
|
|
|
Returns:
|
|
Rendered note template with full content
|
|
|
|
Raises:
|
|
404: If note not found or not published
|
|
|
|
Template: templates/note.html
|
|
Microformats: h-entry
|
|
"""
|
|
# Get note by slug
|
|
note_obj = get_note(slug=slug)
|
|
|
|
# Return 404 if note doesn't exist or isn't published
|
|
if not note_obj or not note_obj.published:
|
|
abort(404)
|
|
|
|
return render_template("note.html", note=note_obj)
|