sboulahtit/orion
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ad3306c39478bfe204b80a67245d64e2b2d89900
orion/docs/development/customer-auth-summary.md
Samir Boulahtit 3c7af0ccdf refactor: standardize markdown file naming to kebab-case convention 
Renamed all documentation files to follow kebab-case naming standard:
- UPPERCASE files → lowercase (e.g., RBAC.md → rbac.md)
- snake_case files → kebab-case (e.g., icons_guide.md → icons-guide.md)
- SCREAMING_SNAKE_CASE → kebab-case (e.g., DATABASE_SETUP_GUIDE.md → database-setup-guide.md)

Files renamed (15 total):
API Documentation:
  - api/RBAC.md → api/rbac.md

Architecture:
  - architecture/API_CONSOLIDATION_PROPOSAL.md → api-consolidation-proposal.md
  - architecture/API_MIGRATION_STATUS.md → api-migration-status.md

Development:
  - development/AUTH_DEPENDENCIES_GUIDE.md → auth-dependencies-guide.md
  - development/CUSTOMER_AUTHENTICATION_IMPLEMENTATION.md → customer-authentication-implementation.md
  - development/CUSTOMER_AUTH_SUMMARY.md → customer-auth-summary.md
  - development/icons_guide.md → icons-guide.md

Database Seeder:
  - database-seeder/DATABASE_INIT_GUIDE.md → database-init-guide.md
  - database-seeder/DATABASE_QUICK_REFERENCE_GUIDE.md → database-quick-reference-guide.md
  - database-seeder/DATABASE_SEEDER_DOCUMENTATION.md → database-seeder-documentation.md
  - database-seeder/MAKEFILE_DATABASE_SEEDER.md → makefile-database-seeder.md

Error Rendering:
  - error-rendering/ERROR_RENDERING_DEVELOPER_DOCUMENTATION.md → error-rendering-developer-documentation.md
  - error-rendering/HTML_ERROR_RENDERING_FLOW_DIAGRAM.md → html-error-rendering-flow-diagram.md

Getting Started:
  - getting-started/DATABASE_QUICK_REFERENCE.md → database-quick-reference.md
  - getting-started/DATABASE_SETUP_GUIDE.md → database-setup-guide.md

Updates:
- Updated all references in mkdocs.yml
- Updated all cross-references in markdown files
- Verified mkdocs builds without warnings or errors

Standard: Use kebab-case (lowercase-with-hyphens) for all markdown files

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-28 07:58:33 +01:00

83 lines
2.6 KiB
Markdown
Raw Blame History

# Customer Authentication - Quick Summary
**Date**: 2025-11-24
**Full Documentation**: [customer-authentication-implementation.md](customer-authentication-implementation.md)
## What Was Implemented
✅ Customer login, registration, and forgot password pages
✅ Customer dashboard with account overview
✅ Complete customer authentication system separate from admin/vendor
✅ Multi-access routing support (domain, subdomain, path-based)
✅ Secure cookie management with proper path restrictions
✅ Theme integration and responsive design
✅ Custom logout confirmation modal (Tailwind CSS + Alpine.js)
## Key Files
### Created
- `app/templates/shop/account/login.html`
- `app/templates/shop/account/register.html`
- `app/templates/shop/account/forgot-password.html`
- `app/templates/shop/account/dashboard.html`
### Modified
- `app/api/v1/shop/auth.py` - Dynamic cookie paths
- `app/api/deps.py` - Customer authentication dependency
- `app/services/customer_service.py` - Direct JWT token creation
- `app/routes/shop_pages.py` - Customer type hints
- `middleware/vendor_context.py` - Harmonized detection methods
## Critical Architecture Decision
**Customers ≠ Users**
- **Users** (admin/vendor): Have `role`, `username`, managed by `auth_service`
- **Customers**: Vendor-scoped, have `customer_number`, managed by `customer_service`
JWT tokens have `type: "customer"` to distinguish them.
## Cookie Path Logic
```python
# Domain/Subdomain access
cookie_path = "/shop"
# Path-based access (/vendors/wizamart/shop)
cookie_path = f"/vendors/{vendor_code}/shop"
```
## Authentication Flow
1. Login → Create JWT with `type: "customer"`
2. Set cookie with vendor-aware path
3. Dashboard request → Cookie sent (path matches!)
4. Dependency decodes JWT, validates type, loads Customer
5. Render dashboard with customer data
## Logout Flow
1. User clicks "Logout" button → Custom Tailwind modal appears
2. User confirms → API call to `/api/v1/shop/auth/logout`
3. Cookie deleted, localStorage cleared
4. Success toast shown, redirect to login page
**Note**: Uses custom modal instead of browser's `confirm()` for better UX and styling consistency.
## Testing URLs
```
# Path-based access
http://localhost:8000/vendors/wizamart/shop/account/login
http://localhost:8000/vendors/wizamart/shop/account/register
http://localhost:8000/vendors/wizamart/shop/account/dashboard
```
## Next Steps (TODO)
- [ ] Implement password reset functionality
- [ ] Add email verification
- [ ] Build account management pages (orders, profile, addresses)
- [ ] Add refresh tokens for longer sessions
- [ ] Implement rate limiting on auth endpoints
Reference in New Issue View Git Blame Copy Permalink