feat(02-02): auth API endpoints + security hardening + Python 3.9 compat

- backend/api/auth.py: register, login (TOTP+backup), refresh, logout, me, change-password; per-account Redis rate limit; HIBP check - backend/main.py: Origin validation middleware, CSP headers middleware, CORS locked to settings.cors_origins, Redis lifespan (app.state.redis), admin bootstrap, auth router included, slowapi SlowAPIMiddleware - backend/services/email.py: already created in Plan 01 (verified exists) - Python 3.9 compat: fixed match statement in ai/__init__.py, str|None union syntax in openai_provider.py, api/documents.py, api/topics.py, api/settings.py, services/classifier.py All 17 tests in test_auth_api.py pass. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-22 19:35:38 +02:00
parent 1d425d4392
commit 1882edfff6
8 changed files with 565 additions and 38 deletions
@@ -10,27 +10,26 @@ def get_provider(settings: dict) -> AIProvider:
    providers = settings.get("providers", {})
    cfg = providers.get(active, {})

-    match active:
-        case "anthropic":
-            return AnthropicProvider(
-                api_key=cfg.get("api_key", ""),
-                model=cfg.get("model", "claude-sonnet-4-6"),
-            )
-        case "openai":
-            return OpenAIProvider(
-                api_key=cfg.get("api_key", ""),
-                model=cfg.get("model", "gpt-4o"),
-                base_url=cfg.get("base_url") or None,
-            )
-        case "ollama":
-            return OllamaProvider(
-                base_url=cfg.get("base_url", "http://host.docker.internal:11434"),
-                model=cfg.get("model", "llama3.2"),
-            )
-        case "lmstudio":
-            return LMStudioProvider(
-                base_url=cfg.get("base_url", "http://host.docker.internal:1234"),
-                model=cfg.get("model", "gemma-4-e4b-it"),
-            )
-        case _:
-            raise ValueError(f"Unknown AI provider: {active}")
+    if active == "anthropic":
+        return AnthropicProvider(
+            api_key=cfg.get("api_key", ""),
+            model=cfg.get("model", "claude-sonnet-4-6"),
+        )
+    elif active == "openai":
+        return OpenAIProvider(
+            api_key=cfg.get("api_key", ""),
+            model=cfg.get("model", "gpt-4o"),
+            base_url=cfg.get("base_url") or None,
+        )
+    elif active == "ollama":
+        return OllamaProvider(
+            base_url=cfg.get("base_url", "http://host.docker.internal:11434"),
+            model=cfg.get("model", "llama3.2"),
+        )
+    elif active == "lmstudio":
+        return LMStudioProvider(
+            base_url=cfg.get("base_url", "http://host.docker.internal:1234"),
+            model=cfg.get("model", "gemma-4-e4b-it"),
+        )
+    else:
+        raise ValueError(f"Unknown AI provider: {active}")