feat(auth): public self-service registration (ALLOW_REGISTRATION)
Docker Build & Publish / build (push) Successful in 1m8s
Docker Build & Publish / push (push) Failing after 34s
Docker Build & Publish / Prune old image versions (push) Has been skipped

Add POST /auth/register: creates a non-superuser then auto-logs in,
returning the same TokenResponse as login. Gated by the new
allow_registration setting (env ALLOW_REGISTRATION, default true);
when disabled it raises PermissionDeniedError (403). Accounts remain
admin-only for superusers.

Tests cover create+login, duplicate (409), short password (422), and
the disabled (403) path.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Senko-san
2026-06-10 14:06:52 +03:00
parent c72d19599a
commit 14c1bc16e0
5 changed files with 83 additions and 2 deletions
@@ -44,6 +44,9 @@ class Settings(BaseSettings):
jwt_algorithm: str = "HS256"
access_token_ttl_seconds: int = 60 * 15 # 15 min
refresh_token_ttl_seconds: int = 60 * 60 * 24 * 30 # 30 days (offline-first)
# Public self-service sign-up. When disabled, accounts are created
# admin-only (POST /admin/users). Registered users are never superusers.
allow_registration: bool = True
# -- subsonic ---------------------------------------------------------
# Symmetric key (any string) used to encrypt each user's recoverable
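Review bot: the new `allow_registration: bool = True` line makes public sign-up fail-open. Any deployment that upgrades without setting ALLOW_REGISTRATION starts accepting self-service account creation on POST /auth/register, even if it relied on admin-only account creation until now. Consider defaulting to `False` so operators opt in explicitly, or flag the behaviour change prominently in the upgrade notes. The comment above the field could also name the env variable (ALLOW_REGISTRATION) so the switch is discoverable from this file alone.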