feat: add logging, marketplace, and admin enhancements

Database & Migrations: - Add application_logs table migration for hybrid cloud logging - Add companies table migration and restructure vendor relationships Logging System: - Implement hybrid logging system (database + file) - Add log_service for centralized log management - Create admin logs page with filtering and viewing capabilities - Add init_log_settings.py script for log configuration - Enhance core logging with database integration Marketplace Integration: - Add marketplace admin page with product management - Create marketplace vendor page with product listings - Implement marketplace.js for both admin and vendor interfaces - Add marketplace integration documentation Admin Enhancements: - Add imports management page and functionality - Create settings page for admin configuration - Add vendor themes management page - Enhance vendor detail and edit pages - Improve code quality dashboard and violation details - Add logs viewing and management - Update icons guide and shared icon system Architecture & Documentation: - Document frontend structure and component architecture - Document models structure and relationships - Add vendor-in-token architecture documentation - Add vendor RBAC (role-based access control) documentation - Document marketplace integration patterns - Update architecture patterns documentation Infrastructure: - Add platform static files structure (css, img, js) - Move architecture_scan.py to proper models location - Update model imports and registrations - Enhance exception handling - Update dependency injection patterns UI/UX: - Improve vendor edit interface - Update admin user interface - Enhance page templates documentation - Add vendor marketplace interface
2025-12-01 21:51:07 +01:00
parent 915734e9b4
commit cc74970223
56 changed files with 8440 additions and 202 deletions
--- a/app/api/v1/vendor/auth.py
+++ b/app/api/v1/vendor/auth.py
@@ -142,28 +142,36 @@ def vendor_login(
        f"for vendor {vendor.vendor_code} as {vendor_role}"
    )

+    # Create vendor-scoped access token with vendor information
+    token_data = auth_service.auth_manager.create_access_token(
+        user=user,
+        vendor_id=vendor.id,
+        vendor_code=vendor.vendor_code,
+        vendor_role=vendor_role,
+    )
+
    # Set HTTP-only cookie for browser navigation
    # CRITICAL: path=/vendor restricts cookie to vendor routes only
    response.set_cookie(
        key="vendor_token",
-        value=login_result["token_data"]["access_token"],
+        value=token_data["access_token"],
        httponly=True,  # JavaScript cannot access (XSS protection)
        secure=should_use_secure_cookies(),  # HTTPS only in production/staging
        samesite="lax",  # CSRF protection
-        max_age=login_result["token_data"]["expires_in"],  # Match JWT expiry
+        max_age=token_data["expires_in"],  # Match JWT expiry
        path="/vendor",  # RESTRICTED TO VENDOR ROUTES ONLY
    )

    logger.debug(
-        f"Set vendor_token cookie with {login_result['token_data']['expires_in']}s expiry "
+        f"Set vendor_token cookie with {token_data['expires_in']}s expiry "
        f"(path=/vendor, httponly=True, secure={should_use_secure_cookies()})"
    )

-    # Return full login response
+    # Return full login response with vendor-scoped token
    return VendorLoginResponse(
-        access_token=login_result["token_data"]["access_token"],
-        token_type=login_result["token_data"]["token_type"],
-        expires_in=login_result["token_data"]["expires_in"],
+        access_token=token_data["access_token"],
+        token_type=token_data["token_type"],
+        expires_in=token_data["expires_in"],
        user={
            "id": user.id,
            "username": user.username,