orion/docs/development/customer-auth-summary.md
Samir Boulahtit e9253fbd84 refactor: rename Wizamart to Orion across entire codebase
Replace all ~1,086 occurrences of Wizamart/wizamart/WIZAMART/WizaMart
with Orion/orion/ORION across 184 files. This includes database
identifiers, email addresses, domain references, R2 bucket names,
DNS prefixes, encryption salt, Celery app name, config defaults,
Docker configs, CI configs, documentation, seed data, and templates.

Renames homepage-wizamart.html template to homepage-orion.html.
Fixes duplicate file_pattern key in api.yaml architecture rule.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-14 16:46:56 +01:00


Customer Authentication - Quick Summary

Date: 2025-11-24
Full Documentation: customer-authentication-implementation.md

What Was Implemented

  • Customer login, registration, and forgot password pages
  • Customer dashboard with account overview
  • Complete customer authentication system separate from admin/store
  • Multi-access routing support (domain, subdomain, path-based)
  • Secure cookie management with proper path restrictions
  • Theme integration and responsive design
  • Custom logout confirmation modal (Tailwind CSS + Alpine.js)

Key Files

Created

  • app/templates/shop/account/login.html
  • app/templates/shop/account/register.html
  • app/templates/shop/account/forgot-password.html
  • app/templates/shop/account/dashboard.html

Modified

  • app/api/v1/shop/auth.py - Dynamic cookie paths
  • app/api/deps.py - Customer authentication dependency
  • app/services/customer_service.py - Direct JWT token creation
  • app/routes/shop_pages.py - Customer type hints
  • middleware/store_context.py - Harmonized detection methods

Critical Architecture Decision

Customers ≠ Users

  • Users (admin/store): Have role, username, managed by auth_service
  • Customers: Store-scoped, have customer_number, managed by customer_service

JWT tokens carry type: "customer" so the customer dependency can reject admin/store user tokens, even though both token kinds are signed by the same application.

The session cookie path follows the access mode, so that the dashboard request carries the cookie and it is not sent to unrelated routes:

# Domain/Subdomain access
cookie_path = "/shop"

# Path-based access (/stores/orion/shop)
cookie_path = f"/stores/{store_code}/shop"

Note that the Path attribute only scopes which requests carry the cookie; browsers do not isolate cookies by path, so with path-based access every store on the same host shares one origin. The store a token belongs to must therefore also be checked server-side against the store being requested.

Authentication Flow

  1. Login → Create JWT with type: "customer"
  2. Set cookie with store-aware path
  3. Dashboard request → Cookie sent (path matches!)
  4. Dependency decodes JWT, validates type, loads Customer
  5. Render dashboard with customer data

Logout Flow

  1. User clicks "Logout" button → Custom Tailwind modal appears
  2. User confirms → API call to /api/v1/shop/auth/logout
  3. Cookie deleted, localStorage cleared
  4. Success toast shown, redirect to login page

Note: Uses custom modal instead of browser's confirm() for better UX and styling consistency.
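The two flows above (login issuing a type: "customer" JWT with a store-aware cookie, and logout clearing that cookie) as one added, self-contained example. This is illustration code written for this page, not the Orion project's own auth.py, deps.py or customer_service.py; it uses only the standard library so it runs offline. The HS256 secret, the cookie name, the claim names (sub, store, type, iat, exp), the access-mode strings and all helper names are assumptions made for the example.

```python
"""Added example, not the project's code: mint, scope, verify and clear a customer JWT.

Models the summary's flow: a customer token is signed with type="customer",
the cookie Path depends on the access mode, the dependency rejects anything
that is not a valid, unexpired customer token, and logout deletes the cookie
with the same Path it was set with.
"""
import base64
import hashlib
import hmac
import json
import time

SECRET = b"example-only-secret-do-not-reuse"  # assumption: real key comes from app config
COOKIE_NAME = "customer_access_token"           # assumption: cookie name is not given on the page


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_token(payload: dict) -> str:
    """Sign an arbitrary payload as a compact HS256 JWS (header.payload.signature)."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = ".".join(
        _b64url(json.dumps(part, separators=(",", ":")).encode()) for part in (header, payload)
    )
    signature = hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{_b64url(signature)}"


def create_customer_token(customer_number: str, store_code: str, ttl: int = 3600, now=None) -> str:
    """Step 1 of the login flow: the token is store-scoped and typed as a customer token."""
    now = int(time.time()) if now is None else now
    return mint_token({"sub": customer_number, "store": store_code, "type": "customer",
                       "iat": now, "exp": now + ttl})


def cookie_path(access_mode: str, store_code=None) -> str:
    """Step 2: domain/subdomain access uses /shop, path-based access embeds the store code."""
    if access_mode in ("domain", "subdomain"):
        return "/shop"
    if access_mode == "path":
        if not store_code:
            raise ValueError("store_code is required for path-based access")
        return f"/stores/{store_code}/shop"
    raise ValueError(f"unknown access mode: {access_mode}")


def set_cookie_header(token: str, path: str, secure: bool = True) -> str:
    """Value for a Set-Cookie header. HttpOnly keeps the JWT out of document.cookie."""
    attrs = [f"{COOKIE_NAME}={token}", f"Path={path}", "HttpOnly", "SameSite=Lax"]
    if secure:
        attrs.append("Secure")
    return "; ".join(attrs)


def delete_cookie_header(path: str, secure: bool = True) -> str:
    """Logout: a deletion only takes effect when Path matches the Path the cookie was set with."""
    attrs = [f"{COOKIE_NAME}=", f"Path={path}", "Max-Age=0", "HttpOnly", "SameSite=Lax"]
    if secure:
        attrs.append("Secure")
    return "; ".join(attrs)


class AuthError(Exception):
    """Raised by the dependency; a FastAPI app would map this to 401."""


def verify_customer_token(token: str, now=None) -> dict:
    """Step 4: check structure, alg, signature and expiry, then insist on type == "customer"."""
    now = int(time.time()) if now is None else now
    try:
        h, p, s = token.split(".")
        header = json.loads(_b64url_decode(h))
        signature = _b64url_decode(s)
    except (ValueError, json.JSONDecodeError):
        raise AuthError("malformed token")
    if header.get("alg") != "HS256":          # never let the token pick the algorithm
        raise AuthError("unexpected alg")
    expected = hmac.new(SECRET, f"{h}.{p}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, signature):
        raise AuthError("bad signature")
    payload = json.loads(_b64url_decode(p))
    if payload.get("exp", 0) <= now:
        raise AuthError("expired")
    if payload.get("type") != "customer":     # a valid admin/store user token is still refused here
        raise AuthError("not a customer token")
    return payload


def is_customer_token(token: str, now=None) -> bool:
    """Boolean wrapper around verify_customer_token, convenient for tests and middleware."""
    try:
        verify_customer_token(token, now=now)
        return True
    except AuthError:
        return False


if __name__ == "__main__":
    tok = create_customer_token("C-1001", "orion")
    print(set_cookie_header(tok, cookie_path("path", "orion")))
    print(verify_customer_token(tok))
    print(delete_cookie_header(cookie_path("path", "orion")))
```

The type check sits after the signature check on purpose: an admin or store user token signed with the same key passes the cryptographic checks and is still refused, which is the point of the Customers ≠ Users decision. The cookie Path is a routing convenience only; since browsers do not isolate cookies by path, the store in the verified payload should additionally be compared with the store resolved by the request (the store-context middleware) before loading the Customer.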

Testing URLs

# Path-based access
http://localhost:8000/stores/orion/shop/account/login
http://localhost:8000/stores/orion/shop/account/register
http://localhost:8000/stores/orion/shop/account/dashboard

Next Steps (TODO)

  • Implement password reset functionality
  • Add email verification
  • Build account management pages (orders, profile, addresses)
  • Add refresh tokens for longer sessions
  • Implement rate limiting on auth endpoints