phil/StarPunk
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3222620cee138d5d788a8ad56338e209b1b18c1e
StarPunk/docs/design/v1.0.0/2025-11-22-auth-route-prefix-fix.md
Phil Skentelbery f10d0679da feat(tags): Add database schema and tags module (v1.3.0 Phase 1) 
Implements tag/category system backend following microformats2 p-category specification.

Database changes:
- Migration 008: Add tags and note_tags tables
- Normalized tag storage (case-insensitive lookup, display name preserved)
- Indexes for performance

New module:
- starpunk/tags.py: Tag management functions
  - normalize_tag: Normalize tag strings
  - get_or_create_tag: Get or create tag records
  - add_tags_to_note: Associate tags with notes (replaces existing)
  - get_note_tags: Retrieve note tags (alphabetically ordered)
  - get_tag_by_name: Lookup tag by normalized name
  - get_notes_by_tag: Get all notes with specific tag
  - parse_tag_input: Parse comma-separated tag input

Model updates:
- Note.tags property (lazy-loaded, prefer pre-loading in routes)
- Note.to_dict() add include_tags parameter

CRUD updates:
- create_note() accepts tags parameter
- update_note() accepts tags parameter (None = no change, [] = remove all)

Micropub integration:
- Pass tags to create_note() (tags already extracted by extract_tags())
- Return tags in q=source response

Per design doc: docs/design/v1.3.0/microformats-tags-design.md

Generated with Claude Code

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-10 11:24:23 -07:00

3.3 KiB
Raw Blame History

Auth Route Prefix Fix Implementation Report

Date: 2025-11-22 Version: 0.9.2 ADR: ADR-022-auth-route-prefix-fix.md

Summary

Fixed IndieAuth callback 404 error by changing the auth blueprint URL prefix from /admin to /auth.

Problem

The auth blueprint in starpunk/routes/auth.py had its URL prefix set to /admin:

bp = Blueprint("auth", __name__, url_prefix="/admin")

However, the redirect_uri sent to IndieAuth providers used /auth/callback:

redirect_uri=https://example.com/auth/callback

This mismatch caused IndieLogin.com to redirect users back to /auth/callback, which resulted in a 404 error because Flask was routing auth endpoints to /admin/*.

Solution

Changed the auth blueprint URL prefix from /admin to /auth:

bp = Blueprint("auth", __name__, url_prefix="/auth")

This aligns the blueprint prefix with the redirect_uri being sent to IndieAuth providers.

Files Modified

  1. starpunk/routes/auth.py (line 30)

    • Changed: url_prefix="/admin" -> url_prefix="/auth"

  2. tests/test_routes_admin.py

    • Updated test assertion from /admin/login to /auth/login

  3. tests/test_routes_dev_auth.py

    • Updated all references from /admin/login to /auth/login
    • Updated /admin/logout to /auth/logout

  4. tests/test_templates.py

    • Updated all references from /admin/login to /auth/login

  5. starpunk/__init__.py

    • Version bumped from 0.9.1 to 0.9.2

  6. CHANGELOG.md

    • Added 0.9.2 release notes

Route Changes

Before (incorrect)

  • /admin/login - Login form
  • /admin/callback - OAuth callback (never reached due to 404)
  • /admin/logout - Logout endpoint

After (correct)

  • /auth/login - Login form
  • /auth/callback - OAuth callback (matches redirect_uri)
  • /auth/logout - Logout endpoint

Unchanged

  • /admin/ - Admin dashboard (remains unchanged)
  • /admin/new - Create note form
  • /admin/edit/<id> - Edit note form
  • /admin/delete/<id> - Delete note

Testing

Ran full test suite with uv run pytest:

  • Before fix: 28 failed, 486 passed
  • After fix: 28 failed, 486 passed

The failure count is identical because:

  1. The fix itself does not introduce new failures
  2. Tests were updated to expect the new /auth/* URL patterns
  3. Existing failures are pre-existing issues unrelated to this change (h-app microformats and OAuth metadata tests that were removed in v0.8.0)

Verification

To verify the fix is working:

  1. Start the application: uv run flask --app app.py run
  2. Navigate to /auth/login
  3. Enter your IndieAuth URL and submit
  4. After authenticating with IndieLogin.com, you should be redirected back to /auth/callback which now correctly handles the OAuth response

Related Documentation

  • ADR-022: /home/phil/Projects/starpunk/docs/decisions/ADR-022-auth-route-prefix-fix.md
  • Versioning Strategy: /home/phil/Projects/starpunk/docs/standards/versioning-strategy.md
  • Git Branching Strategy: /home/phil/Projects/starpunk/docs/standards/git-branching-strategy.md

Notes

  • This is a bug fix (PATCH version increment per SemVer)
  • No breaking changes to existing functionality
  • Admin dashboard routes remain at /admin/* as before
  • Only authentication routes moved to /auth/*
Reference in New Issue View Git Blame Copy Permalink