Add NAVI_AUTH_ENABLED switch for optional auth

Fork: 0

root / navi-1

Browse code Add NAVI_AUTH_ENABLED switch for optional auth - Add navi_auth_enabled setting (default true) to navi/config.py and .env.example - When disabled, treat every request as anonymous admin user (id='anonymous') - Create/update fixed anonymous navi_users row on startup - Bypass OAuth/cookie/API-token resolution in navi/auth/deps.py - Update /auth/status to return {enabled, configured} - Log security warning on startup when auth is disabled - Update webclient: skip fetchMe/login screen, show Local mode footer, expose /admin link, warn in API keys panel - Rebuild webclient production bundle - Add unit and integration tests for no-auth mode - Update docs: auth.md, config.md, api.md, api_tokens.md, sessions.md, websocket.md, mechanics.md, index.md Co-Authored-By: Claude <noreply@anthropic.com> feature/navi-code master
1 parent dbb26b4 commit 4923a2bddc367fb5c89a282ef3601f119ad4a790 Eugene Sukhodolskiy authored 2 days ago

Browse code

- Add navi_auth_enabled setting (default true) to navi/config.py and .env.example
- When disabled, treat every request as anonymous admin user (id='anonymous')
- Create/update fixed anonymous navi_users row on startup
- Bypass OAuth/cookie/API-token resolution in navi/auth/deps.py
- Update /auth/status to return {enabled, configured}
- Log security warning on startup when auth is disabled
- Update webclient: skip fetchMe/login screen, show Local mode footer,
  expose /admin link, warn in API keys panel
- Rebuild webclient production bundle
- Add unit and integration tests for no-auth mode
- Update docs: auth.md, config.md, api.md, api_tokens.md, sessions.md,
  websocket.md, mechanics.md, index.md

Co-Authored-By: Claude <noreply@anthropic.com>

feature/navi-code master

1 parent dbb26b4 commit 4923a2bddc367fb5c89a282ef3601f119ad4a790

Eugene Sukhodolskiy authored 2 days ago

Patch

Unified Split

Showing 25 changed files

Ignore Space Show notes View .env.example

Ignore Space Show notes View docs/api.md

Ignore Space Show notes View docs/api_tokens.md

Ignore Space Show notes View docs/auth.md

Ignore Space Show notes View docs/config.md

Ignore Space Show notes View docs/index.md

Ignore Space Show notes View docs/mechanics.md

Ignore Space Show notes View docs/sessions.md

Ignore Space Show notes View docs/websocket.md

Ignore Space Show notes View navi/api/routes/auth.py

Ignore Space Show notes View navi/auth/_ddl.py

Ignore Space Show notes View navi/auth/deps.py

Ignore Space Show notes View navi/config.py

Ignore Space Show notes View navi/main.py

Ignore Space Show notes View tests/integration/test_auth_disabled.py 0 → 100644

Ignore Space Show notes View tests/unit/auth/test_deps.py

Show notes View webclient/dist/assets/index-B-XArGgJ.js 100644 → 0
Not supported

Show notes View webclient/dist/assets/index-B9MKY33g.css 100644 → 0

Ignore Space Show notes View webclient/dist/assets/index-Bgnk3REC.css 0 → 100644

Ignore Space Show notes View webclient/dist/assets/index-DzAywTTN.js 0 → 100644
Not supported

Ignore Space Show notes View webclient/dist/index.html

Ignore Space Show notes View webclient/src/App.vue

Ignore Space Show notes View webclient/src/components/settings/ApiKeysPanel.vue

Ignore Space Show notes View webclient/src/components/sidebar/AppSidebar.vue

Ignore Space Show notes View webclient/src/stores/auth.js

Show line notes below