Move interactive auth routes behind access module manifest #3

Closed
opened 2026-07-06 11:50:18 +02:00 by zemion · 3 comments
Owner

Scope

Move the /api/v1/auth/* interactive authentication/session routes into govoplan-access and register them through the access module manifest.

Acceptance Criteria

  • Access manifest contributes the auth router.
  • Default core server config no longer registers the auth router as a base router.
  • govoplan_core.api.v1.auth remains a compatibility import path.
  • Existing auth smoke behavior remains green.
## Scope Move the `/api/v1/auth/*` interactive authentication/session routes into `govoplan-access` and register them through the access module manifest. ## Acceptance Criteria - Access manifest contributes the auth router. - Default core server config no longer registers the auth router as a base router. - `govoplan_core.api.v1.auth` remains a compatibility import path. - Existing auth smoke behavior remains green.
Author
Owner

Codex State: done

Summary

  • Moved the interactive route implementation into govoplan-access and registered it through the access module manifest.
  • Removed default core base-router registration for auth while keeping as a compatibility import path.

Changed Files

  • src/govoplan_access/backend/api/v1/auth.py
  • src/govoplan_access/backend/manifest.py
  • /mnt/DATA/git/govoplan-core/src/govoplan_core/api/v1/auth.py
  • /mnt/DATA/git/govoplan-core/src/govoplan_core/server/default_config.py
  • /mnt/DATA/git/govoplan-core/docs/ACCESS_EXTRACTION_PLAN.md

Verification

  • ./.venv/bin/python -m py_compile auth route and manifest files
  • ./.venv/bin/python scripts/check_dependency_boundaries.py
  • ./.venv/bin/python -m unittest tests.test_module_system
  • ./.venv/bin/python -m unittest tests.test_access_contracts
  • ./.venv/bin/python -m unittest tests.test_api_smoke.ApiSmokeTests.test_health_schema_and_dev_mailbox_gates
  • ./.venv/bin/python -m unittest tests.test_api_smoke.ApiSmokeTests.test_tenant_user_group_role_and_api_key_administration
  • ./.venv/bin/python -m unittest tests.test_api_smoke.ApiSmokeTests.test_profile_refresh_and_system_role_protection_model
  • ./scripts/check-focused.sh

Next / Blocked

  • Keep issue open until the local multi-repo worktree changes are committed and pushed.
## Codex State: done ### Summary - Moved the interactive route implementation into govoplan-access and registered it through the access module manifest. - Removed default core base-router registration for auth while keeping as a compatibility import path. ### Changed Files - `src/govoplan_access/backend/api/v1/auth.py` - `src/govoplan_access/backend/manifest.py` - `/mnt/DATA/git/govoplan-core/src/govoplan_core/api/v1/auth.py` - `/mnt/DATA/git/govoplan-core/src/govoplan_core/server/default_config.py` - `/mnt/DATA/git/govoplan-core/docs/ACCESS_EXTRACTION_PLAN.md` ### Verification - `./.venv/bin/python -m py_compile auth route and manifest files` - `./.venv/bin/python scripts/check_dependency_boundaries.py` - `./.venv/bin/python -m unittest tests.test_module_system` - `./.venv/bin/python -m unittest tests.test_access_contracts` - `./.venv/bin/python -m unittest tests.test_api_smoke.ApiSmokeTests.test_health_schema_and_dev_mailbox_gates` - `./.venv/bin/python -m unittest tests.test_api_smoke.ApiSmokeTests.test_tenant_user_group_role_and_api_key_administration` - `./.venv/bin/python -m unittest tests.test_api_smoke.ApiSmokeTests.test_profile_refresh_and_system_role_protection_model` - `./scripts/check-focused.sh` ### Next / Blocked - Keep issue open until the local multi-repo worktree changes are committed and pushed.
Author
Owner

Codex State: note

Summary

  • Correction to previous note: the moved route is /auth, served as /api/v1/auth/* under the core API prefix.
  • Correction to previous note: govoplan_core.api.v1.auth remains the compatibility import path for custom configs.
## Codex State: note ### Summary - Correction to previous note: the moved route is /auth, served as /api/v1/auth/* under the core API prefix. - Correction to previous note: govoplan_core.api.v1.auth remains the compatibility import path for custom configs.
Author
Owner

Codex State: done

Summary

  • The access manifest contributes the interactive auth router, including /api/v1/auth/login, through module startup.
  • Core no longer needs a base auth router; the legacy govoplan_core.api.v1.auth import is a compatibility wrapper to the access router.

Changed Files

  • /mnt/DATA/git/govoplan-core/src/govoplan_core/api/v1/auth.py
  • /mnt/DATA/git/govoplan-core/tests/test_module_system.py

Verification

  • cd /mnt/DATA/git/govoplan-core && ./.venv/bin/python -m unittest tests.test_module_system
  • cd /mnt/DATA/git/govoplan-core && ./.venv/bin/python -m unittest tests.test_api_smoke.ApiSmokeTests.test_cookie_session_requires_csrf_for_mutations tests.test_api_smoke.ApiSmokeTests.test_profile_refresh_and_system_role_protection_model
## Codex State: done ### Summary - The access manifest contributes the interactive auth router, including /api/v1/auth/login, through module startup. - Core no longer needs a base auth router; the legacy govoplan_core.api.v1.auth import is a compatibility wrapper to the access router. ### Changed Files - `/mnt/DATA/git/govoplan-core/src/govoplan_core/api/v1/auth.py` - `/mnt/DATA/git/govoplan-core/tests/test_module_system.py` ### Verification - `cd /mnt/DATA/git/govoplan-core && ./.venv/bin/python -m unittest tests.test_module_system` - `cd /mnt/DATA/git/govoplan-core && ./.venv/bin/python -m unittest tests.test_api_smoke.ApiSmokeTests.test_cookie_session_requires_csrf_for_mutations tests.test_api_smoke.ApiSmokeTests.test_profile_refresh_and_system_role_protection_model`
Sign in to join this conversation.
No Label
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: add-ideas/govoplan-access#3
No description provided.