member/member-platform

Files

History

Chris 7cdf2b5a51 refactor(keycloak): remove authentik naming and switch to keycloak-only paths

2026-04-01 02:01:41 +08:00

..

refactor(keycloak): remove authentik naming and switch to keycloak-only paths

2026-04-01 02:01:41 +08:00

refactor(keycloak): remove authentik naming and switch to keycloak-only paths

2026-04-01 02:01:41 +08:00

refactor(keycloak): remove authentik naming and switch to keycloak-only paths

2026-04-01 02:01:41 +08:00

.env

refactor(keycloak): remove authentik naming and switch to keycloak-only paths

2026-04-01 02:01:41 +08:00

.env.development

refactor(keycloak): remove authentik naming and switch to keycloak-only paths

2026-04-01 02:01:41 +08:00

.env.example

refactor(keycloak): remove authentik naming and switch to keycloak-only paths

2026-04-01 02:01:41 +08:00

.env.production.example

refactor(keycloak): remove authentik naming and switch to keycloak-only paths

2026-04-01 02:01:41 +08:00

pyproject.toml

feat: add authentik admin user sync endpoint

2026-03-29 23:08:52 +08:00

README.md

refactor(keycloak): remove authentik naming and switch to keycloak-only paths

2026-04-01 02:01:41 +08:00

README.md

memberapi.ose.tw backend

Quick start

cd backend
python -m venv .venv
source .venv/bin/activate
pip install -e .
cp .env.example .env
./scripts/start_dev.sh

Keycloak env

Required:
- KEYCLOAK_BASE_URL
- KEYCLOAK_REALM
- KEYCLOAK_CLIENT_ID
- KEYCLOAK_CLIENT_SECRET
- KEYCLOAK_ADMIN_CLIENT_ID
- KEYCLOAK_ADMIN_CLIENT_SECRET
Optional:
- KEYCLOAK_ADMIN_REALM (default = KEYCLOAK_REALM)
- KEYCLOAK_ISSUER
- KEYCLOAK_JWKS_URL
- KEYCLOAK_TOKEN_ENDPOINT
- KEYCLOAK_USERINFO_ENDPOINT
- KEYCLOAK_AUDIENCE
- KEYCLOAK_VERIFY_TLS

Main APIs

GET /healthz
GET /auth/oidc/url
POST /auth/oidc/exchange
GET /me (Bearer token required)
GET /me/permissions/snapshot (Bearer token required)
POST /internal/users/upsert-by-sub
GET /internal/permissions/{user_sub}/snapshot
POST /internal/idp/users/ensure