Add multi-user auth system and admin panel

- User model with email/hashed_password/is_admin/notification_prefs - JWT auth: POST /api/auth/register, /login, /me - First registered user auto-promoted to admin - Migration 0005: users table + user_id FK on follows (clears global follows) - Follows, dashboard, settings, admin endpoints all require authentication - Admin endpoints (settings writes, celery triggers) require is_admin - Frontend: login/register pages, Zustand auth store (localStorage persist) - AuthGuard component gates all app routes, shows app shell only when authed - Sidebar shows user email + logout; Admin nav link visible to admins only - Admin panel (/settings): user list with delete + promote/demote, LLM config, data source settings, and manual celery controls Authored-By: Jack Levy
2026-02-28 21:40:45 -05:00
parent e418dd9ae0
commit 5b73b60d9e
26 changed files with 917 additions and 52 deletions
--- a/backend/app/config.py
+++ b/backend/app/config.py
@@ -9,6 +9,10 @@ class Settings(BaseSettings):
    LOCAL_URL: str = "http://localhost"
    PUBLIC_URL: str = ""

+    # Auth / JWT
+    JWT_SECRET_KEY: str = "change-me-in-production"
+    JWT_EXPIRE_MINUTES: int = 60 * 24 * 7  # 7 days
+
    # Database
    DATABASE_URL: str = "postgresql+asyncpg://congress:congress@postgres:5432/pocketveto"
    SYNC_DATABASE_URL: str = "postgresql://congress:congress@postgres:5432/pocketveto"