Commit Graph

7 Commits

Author SHA1 Message Date
4062ccf4e3 Merge pull request #8 from mattintech/feature/entra-id
Add Entra ID authentication with optional no-auth mode
2025-10-20 20:09:07 -04:00
2b471ef09f Add optional no-auth mode for simplified local testing
This update introduces an AUTH_MODE configuration that allows developers
to easily test the application locally without requiring Entra ID setup.

Changes:
- Add AUTH_MODE environment variable (entra/none) to .env.example and config
- Update auth decorators to support both authentication modes
- Create role selection page for no-auth mode (admin/user choice)
- Modify auth routes to conditionally use MSAL only in Entra ID mode
- Update UserModel to support mock test users with string IDs
- Add visual indicator in navbar when running in no-auth mode

Benefits:
- Zero Azure AD configuration needed for local development
- Quick testing of role-based features (admin vs user)
- Existing Entra ID functionality remains unchanged
- Simple toggle via environment variable

To use no-auth mode, set AUTH_MODE=none in .env file.
For production, use AUTH_MODE=entra (default).
2025-10-20 20:03:46 -04:00
141d9dfc65 Merge pull request #6 from mattintech/feature/entra-id
Add Entra ID Authentication with Role-Based Access Control
2025-10-20 19:39:36 -04:00
795068c015 Add Entra ID authentication with role-based access control
Implement Microsoft Entra ID (Azure AD) authentication with user and admin roles.

Features:
- OAuth 2.0 authentication flow using MSAL
- User and admin role-based access control
- Tenant ownership and access management
- Server-side session storage
- Protected routes with authentication decorators

Authentication:
- Users authenticate via Microsoft organizational accounts
- Admin role automatically assigned to DEFAULT_ADMIN_EMAIL
- User profiles synced from Microsoft Graph API

Access Control:
- Admins: Full access to all tenants and server settings
- Users: Can create and manage their own tenants only
- Tenant association: Auto-created when user adds products
- API endpoints remain open for AR application access

Database Changes:
- New users table with email, azure_oid, name, and role
- New user_tenants table for many-to-many tenant ownership
- Case-insensitive admin email comparison

Configuration:
- Environment-based config via .env file
- Azure AD credentials (client ID, secret, tenant ID)
- Configurable redirect URI and admin email
- Updated to Flask 2.2.5 for compatibility
2025-10-20 19:37:52 -04:00
0ef9020d3b Fix tenant deletion page not found error and improve delete confirmation
- Fixed incorrect route path from /tenant/{id}/delete to /{id}/delete
- Replaced browser confirm() dialog with Bootstrap modal for better UX
- Added styled confirmation modal with warning message
- Modal displays tenant name and ID before deletion
2025-10-20 18:26:49 -04:00
0888edaec5 Modernize tenant selection page with improved UX
- Replace list view with responsive card grid layout for better scalability
- Add real-time search functionality to filter tenants by name or ID
- Move settings to fixed gear icon in top-right corner
- Add new tenant button (plus icon) next to settings gear
- Implement modal dialog for creating new tenants
- Add hover effects and animations to tenant cards
- Improve mobile responsiveness
- Display tenant info more compactly (name, ID, username, date, AR URL)
- Add "no results" message for empty search results

The new layout handles 50+ tenants efficiently with better visual organization and easier navigation.
2025-10-20 18:16:45 -04:00
f97808c7b3 Refactor application to MVC architecture with Flask blueprints
Major architectural refactoring to improve code organization, maintainability, and scalability:

- Implement MVC pattern with clear separation of concerns
- Organize code into blueprints for different functional areas (main, tenant, admin, api)
- Create models layer to encapsulate all database operations
- Create services layer for business logic (auth, product, barcode)
- Implement application factory pattern for better testability
- Add environment-based configuration management
- Remove old monolithic app.py and consolidate routes

New structure:
- app/models/ - Database operations (Tenant, Product, ARField, Settings)
- app/services/ - Business logic (Auth, Product, Barcode services)
- app/blueprints/ - Controllers organized by function
- app/config.py - Environment configurations
- run.py - Application entry point

All routes remain backward compatible. No changes to API or templates functionality.
2025-10-20 18:11:16 -04:00