member/member-platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(auth): use group-only admin access and remove admin api-key flow from frontend/admin routes

Browse Source
This commit is contained in:
Chris
2026-03-30 21:39:43 +08:00
parent 15eee2fc9a
commit e1a6bbd844
11 changed files with 6 additions and 168 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
backend/app/core/config.py
View File

@@ -30,8 +30,6 @@ class Settings(BaseSettings):
public_frontend_origins: Annotated[list[str], NoDecode] = ["https://member.ose.tw"]
internal_shared_secret: str = ""
admin_allowlist_emails: Annotated[list[str], NoDecode] = []
admin_allowlist_subs: Annotated[list[str], NoDecode] = []
admin_required_groups: Annotated[list[str], NoDecode] = []
@field_validator("public_frontend_origins", mode="before")
@@ -43,7 +41,7 @@ class Settings(BaseSettings):
return []
return [origin.strip() for origin in value.split(",") if origin.strip()]
@field_validator("admin_allowlist_emails", "admin_allowlist_subs", "admin_required_groups", mode="before")
@field_validator("admin_required_groups", mode="before")
@classmethod
def parse_csv(cls, value: str | list[str]) -> list[str]:
if isinstance(value, list):