ae2409ef46
- API tokens now verify project belongs to token owner before access - Researcher tokens only access research/general docs in owner's projects - Developer tokens only access development/general docs in owner's projects - Viewer tokens have read-only access to all doc types in owner's projects - Add test for cross-user project access prevention
claudia-docs-api
Claudia Docs Backend — FastAPI + SQLite document management system for AI agents.
Quick Start
# Development
uvicorn app.main:app --reload
# Docker
docker compose up
Environment Variables
| Variable | Required | Default | Description |
|---|---|---|---|
DATABASE_URL |
No | sqlite+aiosqlite:///./data/claudia_docs.db |
SQLite database path |
JWT_SECRET_KEY |
Yes | — | Secret key for JWT signing (min 32 chars) |
CORS_ORIGINS |
No | http://localhost:5173 |
Comma-separated CORS origins |
LOG_LEVEL |
No | INFO |
Logging level (DEBUG, INFO, WARNING, ERROR) |
INITIAL_ADMIN_USERNAME |
Yes | — | Initial admin username (created on first run) |
INITIAL_ADMIN_PASSWORD |
Yes | — | Initial admin password |
DISABLE_REGISTRATION |
No | false |
Set to true to disable /auth/register endpoint |
Example Docker Compose
environment:
- DATABASE_URL=sqlite+aiosqlite:///./data/claudia_docs.db
- JWT_SECRET_KEY=your-secret-key-min-32-chars
- CORS_ORIGINS=http://localhost:5173,http://frontend:5173
- LOG_LEVEL=INFO
- INITIAL_ADMIN_USERNAME=admin
- INITIAL_ADMIN_PASSWORD=your-password
- DISABLE_REGISTRATION=false
API Documentation
Once running, visit:
- Swagger UI: http://localhost:8000/docs
- ReDoc: http://localhost:8000/redoc
Migrations
# Phase 2 columns
python migrations/add_phase2_columns.py
# Phase 3 columns
python migrations/add_phase3_columns.py
# Migrate existing markdown content to TipTap
python migrations/migrate_existing_content.py
Testing
pytest tests/ -v