sboulahtit/orion
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9a5b7dd061761fbd104c38c86b4f2843f7488983
orion/docs/development/customer-auth-summary.md
Samir Boulahtit d648c921b7
Some checks failed
CI / ruff (push) Successful in 10s
Details
CI / validate (push) Has been cancelled
Details
CI / dependency-scanning (push) Has been cancelled
Details
CI / docs (push) Has been cancelled
Details
CI / deploy (push) Has been cancelled
Details
CI / pytest (push) Has been cancelled
Details
docs: add consolidated dev URL reference and migrate /shop to /storefront 
- Add Development URL Quick Reference section to url-routing overview
  with all login URLs, entry points, and full examples
- Replace /shop/ path segments with /storefront/ across 50 docs files
- Update file references: shop_pages.py → storefront_pages.py,
  templates/shop/ → templates/storefront/, api/v1/shop/ → api/v1/storefront/
- Preserve domain references (orion.shop) and /store/ staff dashboard paths
- Archive docs left unchanged (historical)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-25 13:23:44 +01:00

2.6 KiB
Raw Blame History

Customer Authentication - Quick Summary

Date: 2025-11-24 Full Documentation: customer-authentication-implementation.md

What Was Implemented

Customer login, registration, and forgot password pages Customer dashboard with account overview Complete customer authentication system separate from admin/store Multi-access routing support (domain, subdomain, path-based) Secure cookie management with proper path restrictions Theme integration and responsive design Custom logout confirmation modal (Tailwind CSS + Alpine.js)

Key Files

Created

  • app/templates/storefront/account/login.html
  • app/templates/storefront/account/register.html
  • app/templates/storefront/account/forgot-password.html
  • app/templates/storefront/account/dashboard.html

Modified

  • app/api/v1/storefront/auth.py - Dynamic cookie paths
  • app/api/deps.py - Customer authentication dependency
  • app/services/customer_service.py - Direct JWT token creation
  • app/routes/storefront_pages.py - Customer type hints
  • middleware/store_context.py - Harmonized detection methods

Critical Architecture Decision

Customers ≠ Users

  • Users (admin/store): Have role, username, managed by auth_service
  • Customers: Store-scoped, have customer_number, managed by customer_service

JWT tokens have type: "customer" to distinguish them.

Cookie Path Logic

# Domain/Subdomain access
cookie_path = "/storefront"

# Path-based access (/storefront/orion)
cookie_path = f"/storefront/{store_code}"

Authentication Flow

  1. Login → Create JWT with type: "customer"
  2. Set cookie with store-aware path
  3. Dashboard request → Cookie sent (path matches!)
  4. Dependency decodes JWT, validates type, loads Customer
  5. Render dashboard with customer data

Logout Flow

  1. User clicks "Logout" button → Custom Tailwind modal appears
  2. User confirms → API call to /api/v1/storefront/auth/logout
  3. Cookie deleted, localStorage cleared
  4. Success toast shown, redirect to login page

Note: Uses custom modal instead of browser's confirm() for better UX and styling consistency.

Testing URLs

# Path-based access
http://localhost:8000/storefront/orion/account/login
http://localhost:8000/storefront/orion/account/register
http://localhost:8000/storefront/orion/account/dashboard

Next Steps (TODO)

  • Implement password reset functionality
  • Add email verification
  • Build account management pages (orders, profile, addresses)
  • Add refresh tokens for longer sessions
  • Implement rate limiting on auth endpoints
Reference in New Issue View Git Blame Copy Permalink