Phase 1: Communications Module - Complete

Backend infrastructure: - PostgreSQL models (users, channels, messages, DMs, files, artifacts) - JWT authentication with password hashing - Auth API (register, login, logout, get user) - Channels API (create, list, join, leave) - Messages API with @grimlock mention detection - AI responds automatically when @mentioned - Background task processing for AI responses Database: - SQLAlchemy ORM models - Alembic ready for migrations - PostgreSQL + Redis in docker-compose Features working: - User registration and login - Create/join public channels - Send messages in channels - @grimlock triggers AI response with channel context - Real-time ready (WebSocket next) Next: WebSocket for real-time updates, frontend interface
2026-02-12 21:26:16 +00:00
parent 437336a1e4
commit 9f094b7a5d
10 changed files with 912 additions and 5 deletions
--- a/backend/core/auth.py
+++ b/backend/core/auth.py
@@ -0,0 +1,46 @@
+"""
+Authentication Utilities
+"""
+
+from datetime import datetime, timedelta
+from typing import Optional
+from jose import JWTError, jwt
+from passlib.context import CryptContext
+import os
+
+# Security configuration
+SECRET_KEY = os.getenv("SECRET_KEY", "your-secret-key-change-in-production")
+ALGORITHM = "HS256"
+ACCESS_TOKEN_EXPIRE_MINUTES = 60 * 24 * 7  # 7 days
+
+# Password hashing
+pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
+
+def verify_password(plain_password: str, hashed_password: str) -> bool:
+    """Verify a password against a hash"""
+    return pwd_context.verify(plain_password, hashed_password)
+
+def get_password_hash(password: str) -> str:
+    """Hash a password"""
+    return pwd_context.hash(password)
+
+def create_access_token(data: dict, expires_delta: Optional[timedelta] = None) -> str:
+    """Create a JWT access token"""
+    to_encode = data.copy()
+    
+    if expires_delta:
+        expire = datetime.utcnow() + expires_delta
+    else:
+        expire = datetime.utcnow() + timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
+    
+    to_encode.update({"exp": expire})
+    encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
+    return encoded_jwt
+
+def decode_token(token: str) -> Optional[dict]:
+    """Decode and verify a JWT token"""
+    try:
+        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
+        return payload
+    except JWTError:
+        return None