nanobot-auth-service
Standalone phone/password auth service for nanobot web chat.
Features
POST /auth/register(phone + password + verification code; returns pending)POST /auth/loginGET /auth/me(Bearer token)GET /auth/register/status/{request_id}GET /admin/requests(admin key required)POST /admin/requests/{id}/approve(admin key required)POST /admin/requests/{id}/reject(admin key required)- SQLite persistence
- JWT access tokens
Quick Start
cd nanobot-auth-service
pip install -e .
cp .env.example .env
source .env
uvicorn app.main:app --host ${AUTH_HOST:-0.0.0.0} --port ${AUTH_PORT:-9100}
Env Vars
AUTH_DB_PATH: sqlite file pathAUTH_JWT_SECRET: JWT signing secretAUTH_TOKEN_TTL_HOURS: access token ttlAUTH_CORS_ORIGINS: comma-separated origins or*AUTH_VERIFICATION_CODES: comma-separated whitelist (empty means no whitelist check)AUTH_ADMIN_KEY: required by admin endpointsAUTH_HOST: bind host (run command)AUTH_PORT: bind port (run command)
API Contract
POST /auth/register
{
"phone": "13800000000",
"password": "secret123",
"verification_code": "code-a"
}
Response:
{
"ok": true,
"status": "pending",
"request_id": 1,
"message": "pending review"
}
Manual approval flow (operator terminal):
cd nanobot-auth-service
python app/manual_review.py
The script lists pending requests and asks for each item:
- input
y=> approve and create user - input
r=> reject with reason - any other input => skip
POST /auth/login has the same request/response shape.
GET /auth/me
Header:
Authorization: Bearer <token>
Response:
{
"ok": true,
"user": {"id": 1, "phone": "13800000000"}
}