feat(05-01): add Phase 5 cloud storage packages and config settings
- Add 6 new packages to requirements.txt: cryptography>=41.0.0, google-auth-oauthlib>=1.3.1, google-api-python-client>=2.196.0, msal>=1.36.0, webdavclient3>=3.14.7, cachetools>=5.3.0 - Add 8 new Settings fields to config.py: cloud_creds_key, google_client_id/secret, onedrive_client_id/secret/tenant_id, backend_url (frontend_url already present from Phase 2) - Append cloud storage section to .env.example
This commit is contained in:
curo1305
@@ -49,3 +49,23 @@ SMTP_FROM=noreply@docuvault.local
|
|||||||
# Comma-separated list of allowed origins. Default: http://localhost:5173
|
# Comma-separated list of allowed origins. Default: http://localhost:5173
|
||||||
# Example for production: https://app.docuvault.example.com
|
# Example for production: https://app.docuvault.example.com
|
||||||
CORS_ORIGINS=http://localhost:5173
|
CORS_ORIGINS=http://localhost:5173
|
||||||
|
|
||||||
|
# ── Cloud Storage Backends (Phase 5) ─────────────────────────────────────────
|
||||||
|
# Master key for HKDF per-user cloud credential encryption.
|
||||||
|
# Must be at least 32 bytes. Generate with:
|
||||||
|
# python3 -c "import secrets; print(secrets.token_urlsafe(32))"
|
||||||
|
CLOUD_CREDS_KEY=CHANGEME-32-bytes-padded!!
|
||||||
|
|
||||||
|
# Google Drive OAuth 2.0 — create credentials at https://console.cloud.google.com/
|
||||||
|
GOOGLE_CLIENT_ID=
|
||||||
|
GOOGLE_CLIENT_SECRET=
|
||||||
|
|
||||||
|
# Microsoft OneDrive OAuth 2.0 — create app at https://portal.azure.com/
|
||||||
|
ONEDRIVE_CLIENT_ID=
|
||||||
|
ONEDRIVE_CLIENT_SECRET=
|
||||||
|
# "common" for personal + org accounts; or your tenant UUID for org-only
|
||||||
|
ONEDRIVE_TENANT_ID=common
|
||||||
|
|
||||||
|
# Backend and frontend URLs — used to construct OAuth callback/redirect URLs
|
||||||
|
BACKEND_URL=http://localhost:8000
|
||||||
|
FRONTEND_URL=http://localhost:5173
|
||||||
|
|||||||
@@ -56,5 +56,19 @@ class Settings(BaseSettings):
|
|||||||
default_ai_provider: str = "ollama" # DEFAULT_AI_PROVIDER env var
|
default_ai_provider: str = "ollama" # DEFAULT_AI_PROVIDER env var
|
||||||
default_ai_model: str = "llama3.2" # DEFAULT_AI_MODEL env var
|
default_ai_model: str = "llama3.2" # DEFAULT_AI_MODEL env var
|
||||||
|
|
||||||
|
# Cloud Storage (Phase 5)
|
||||||
|
# master key for HKDF per-user credential encryption — must be overridden in production
|
||||||
|
cloud_creds_key: str = "CHANGEME-32-bytes-padded!!"
|
||||||
|
google_client_id: str = ""
|
||||||
|
google_client_secret: str = ""
|
||||||
|
onedrive_client_id: str = ""
|
||||||
|
onedrive_client_secret: str = ""
|
||||||
|
# "common" works for both personal and org accounts
|
||||||
|
onedrive_tenant_id: str = "common"
|
||||||
|
# used to construct OAuth callback URLs (e.g. {backend_url}/api/cloud/google/callback)
|
||||||
|
backend_url: str = "http://localhost:8000"
|
||||||
|
# used to construct OAuth success/error redirect to Vue app (per Phase 5 B4 fix)
|
||||||
|
# Note: frontend_url already declared above for Phase 2 (password reset links) — shared field
|
||||||
|
|
||||||
|
|
||||||
settings = Settings()
|
settings = Settings()
|
||||||
|
|||||||
@@ -24,3 +24,11 @@ PyJWT>=2.8.0
|
|||||||
pwdlib[argon2]>=0.2.1
|
pwdlib[argon2]>=0.2.1
|
||||||
pyotp>=2.9.0
|
pyotp>=2.9.0
|
||||||
slowapi>=0.1.9
|
slowapi>=0.1.9
|
||||||
|
|
||||||
|
# Cloud Storage Backends (Phase 5)
|
||||||
|
cryptography>=41.0.0
|
||||||
|
google-auth-oauthlib>=1.3.1
|
||||||
|
google-api-python-client>=2.196.0
|
||||||
|
msal>=1.36.0
|
||||||
|
webdavclient3>=3.14.7
|
||||||
|
cachetools>=5.3.0
|
||||||
|
|||||||
Reference in New Issue
Block a user