patrick
cead46c1e1
Mitarbeiter scannen einen am Eingang ausgehängten QR-Code mit dem Privat-Handy
(/stamp?t=<token>), melden sich per Personalnummer + PIN an und stempeln ein/aus.
Eigener öffentlicher Endpunkt-Pfad, da der Kiosk-PIN-Login Ed25519-Geräte-
Signaturen verlangt, die ein Privat-Handy nicht hat.
Backend:
- Company.public_stamp_enabled (opt-in, default OFF) + rotierbares
public_stamp_token_hash (SHA-256) + created_at; Migration 0033
- Router /time/public: company/auth/action (slowapi-Limits, AuditLog)
- kiosk_auth_service.login_pin_public() reused PIN-Lockout, keyed auf
(public:company_id, personnel_number)
- public_stamp_session_service: 120s Redis-Kurz-Session
- Admin-Token-Endpunkte in companies.py (GET/rotate/DELETE)
Frontend:
- Public-Route /stamp (PublicStampPage)
- Stempel-PIN-Verwaltung in ProfilePage (reused POST /users/{id}/kiosk-pin)
- QR-Generierung/Druck/Toggle in CompanySettingsPage
Sicherheit: schwächer als Kiosk (keine Geräte-Signatur/Nonce/IP-Whitelist),
bewusster BYOD-Komfort-Tradeoff; Schutz über PIN + Lockout + opt-in.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
39 lines
1.1 KiB
Python
39 lines
1.1 KiB
Python
"""public stamp token + opt-in flag for static QR stamping
|
|
|
|
Revision ID: 0033
|
|
Revises: 0032
|
|
Create Date: 2026-06-02
|
|
"""
|
|
from alembic import op
|
|
import sqlalchemy as sa
|
|
|
|
revision = '0033'
|
|
down_revision = '0032'
|
|
branch_labels = None
|
|
depends_on = None
|
|
|
|
|
|
def upgrade():
|
|
op.add_column(
|
|
'companies',
|
|
sa.Column('public_stamp_enabled', sa.Boolean(), nullable=False, server_default=sa.false()),
|
|
)
|
|
op.add_column(
|
|
'companies',
|
|
sa.Column('public_stamp_token_hash', sa.String(length=64), nullable=True),
|
|
)
|
|
op.add_column(
|
|
'companies',
|
|
sa.Column('public_stamp_token_created_at', sa.DateTime(timezone=True), nullable=True),
|
|
)
|
|
op.create_unique_constraint(
|
|
'uq_companies_public_stamp_token_hash', 'companies', ['public_stamp_token_hash']
|
|
)
|
|
|
|
|
|
def downgrade():
|
|
op.drop_constraint('uq_companies_public_stamp_token_hash', 'companies', type_='unique')
|
|
op.drop_column('companies', 'public_stamp_token_created_at')
|
|
op.drop_column('companies', 'public_stamp_token_hash')
|
|
op.drop_column('companies', 'public_stamp_enabled')
|