Security Module

GitHub OAuth authentication with secure token storage and organization member sync.

Quick Start

from src.shared_services.security.unified_auth_manager import unified_auth_manager

# Check login status
if unified_auth_manager.is_logged_in():
    user_info = unified_auth_manager.get_user_info()
    print(f"Logged in as: {user_info['username']}")

# Show OAuth login (synchronous)
success, username, error = unified_auth_manager.show_oauth_login_sync()

# Get OAuth token for API calls
token = unified_auth_manager.get_oauth_token()

# Logout
unified_auth_manager.logout()

Architecture

security/
  login_manager.py         - Re-export of unified_auth_manager (import alias)
  unified_auth_manager.py  - Main auth manager (singleton)
  encryption_utils.py      - Fernet encryption helpers
  r2_key_manager.py        - R2 cloud credentials manager
  zip_key_loader.py        - Local encrypted ZIP key loader
  oauth/
    auth_thread.py         - GitHub Device Flow thread
    authentication_manager.py - Token validation, org membership
    token_manager.py       - Secure token storage (.enc file)
    login_window.py        - Qt login dialog
    config.py              - OAuth config utilities
  sync/
    organization_members_manager.py - Org member avatar sync

Files

File	Purpose
unified_auth_manager.py	Singleton auth manager, main entry point
token_manager.py	Encrypted token storage with Fernet
auth_thread.py	Background thread for Device Flow
authentication_manager.py	Token validation, org membership checks
login_window.py	Qt-based OAuth login dialog
organization_members_manager.py	Download org member avatars

Features

• GitHub OAuth Device Flow authentication
• Fernet-encrypted token storage
• Organization membership validation
• Automatic avatar caching
• Daily member sync (configurable)
• R2 cloud credentials fetching