Same Authlib-based pattern as v1: SessionMiddleware + core/auth.py (login/callback/logout + require_login dependency), gating "/", /asr/* and /tts/* behind Authentik (application slug "asr-v2", provider pk 14). The websocket route can't use a FastAPI dependency (no Request in its scope) so it's split into its own router and checks websocket.session manually before accept(). v2 has no public domain yet, so the redirect_uri points at the internal 172.30.1.41:18101 address over plain http — hence https_only=False on the session cookie. Client id/secret and the session secret live in /srv/asr/env/asr.env under ASR_V2_-prefixed names (that env file is shared with v1, which already owns the unprefixed OIDC_* names). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
10 lines
153 B
Plaintext
10 lines
153 B
Plaintext
fastapi==0.115.0
|
|
uvicorn[standard]==0.30.6
|
|
python-multipart==0.0.9
|
|
httpx==0.27.2
|
|
websockets>=12.0
|
|
jinja2==3.1.4
|
|
numpy
|
|
authlib==1.3.2
|
|
itsdangerous==2.2.0
|