diff --git a/navi/api/routes/auth.py b/navi/api/routes/auth.py index 25a87b9..d06ad5a 100644 --- a/navi/api/routes/auth.py +++ b/navi/api/routes/auth.py @@ -29,7 +29,7 @@ def _auth_configured() -> bool: - return bool(settings.gnexus_auth_client_id and settings.gnexus_auth_client_secret) + return bool(settings.gnauth_client_id and settings.gnauth_client_secret) @router.get("/login") @@ -81,8 +81,8 @@ role = "user" permissions: list[str] = [] for access in auth_user.client_access_list: - if access.client_id == settings.gnexus_auth_client_id: - if settings.gnexus_auth_admin_role_slug in (access.role_ids or []): + if access.client_id == settings.gnauth_client_id: + if settings.gnauth_admin_role_slug in (access.role_ids or []): role = "admin" permissions = list(access.permission_ids or []) break diff --git a/navi/api/routes/webhooks.py b/navi/api/routes/webhooks.py index e1fee03..2a52297 100644 --- a/navi/api/routes/webhooks.py +++ b/navi/api/routes/webhooks.py @@ -22,7 +22,7 @@ - client.roles_changed / client.permissions_changed → update user role/permissions """ from navi.config import settings - if not settings.gnexus_auth_client_id or not settings.gnexus_auth_client_secret: + if not settings.gnauth_client_id or not settings.gnauth_client_secret: raise HTTPException(status_code=503, detail="OAuth is not configured") raw_body = await request.body() diff --git a/navi/auth/client.py b/navi/auth/client.py index 3a9d403..8019625 100644 --- a/navi/auth/client.py +++ b/navi/auth/client.py @@ -37,9 +37,9 @@ """Build a GAuthClient with the given redirect_uri and shared stores.""" state_store, pkce_store = _ensure_stores() config = GAuthConfig( - base_url=settings.gnexus_auth_base_url, - client_id=settings.gnexus_auth_client_id, - client_secret=settings.gnexus_auth_client_secret, + base_url=settings.gnauth_base_url, + client_id=settings.gnauth_client_id, + client_secret=settings.gnauth_client_secret, redirect_uri=redirect_uri, ) return GAuthClient( @@ -68,5 +68,5 @@ if redirect_uri is not None: return _make_client(redirect_uri) if _default_gauth_client is None: - _default_gauth_client = _make_client(settings.gnexus_auth_redirect_uri) + _default_gauth_client = _make_client(settings.gnauth_redirect_uri) return _default_gauth_client diff --git a/navi/auth/deps.py b/navi/auth/deps.py index 4b05412..3e42c85 100644 --- a/navi/auth/deps.py +++ b/navi/auth/deps.py @@ -26,7 +26,7 @@ return conn.state.user # Auth not configured — treat as anonymous - if not settings.gnexus_auth_client_id or not settings.gnexus_auth_client_secret: + if not settings.gnauth_client_id or not settings.gnauth_client_secret: return None cookie_name = settings.navi_auth_cookie_name @@ -84,8 +84,8 @@ role = "user" permissions: list[str] = [] for access in auth_user.client_access_list: - if access.client_id == settings.gnexus_auth_client_id: - if settings.gnexus_auth_admin_role_slug in (access.role_ids or []): + if access.client_id == settings.gnauth_client_id: + if settings.gnauth_admin_role_slug in (access.role_ids or []): role = "admin" permissions = list(access.permission_ids or []) break diff --git a/navi/config.py b/navi/config.py index c69bcc9..673803b 100644 --- a/navi/config.py +++ b/navi/config.py @@ -71,12 +71,12 @@ gmail_app_password: str = "" # gnexus-auth OAuth integration - gnexus_auth_base_url: str = "http://gnexus-auth.local" - gnexus_auth_client_id: str = "" - gnexus_auth_client_secret: str = "" - gnexus_auth_redirect_uri: str = "http://localhost:8000/auth/callback" - gnexus_auth_admin_role_slug: str = "navi_admin" - gnexus_auth_user_role_slug: str = "navi_user" + gnauth_base_url: str = "http://gnexus-auth.local" + gnauth_client_id: str = "" + gnauth_client_secret: str = "" + gnauth_redirect_uri: str = "http://localhost:8000/auth/callback" + gnauth_admin_role_slug: str = "navi_admin" + gnauth_user_role_slug: str = "navi_user" # Auth session cookie encryption (Fernet key, 32-byte base64) navi_auth_encryption_key: str = ""