API Reference
This page brings together the project modules that make up the public backend surface. Start with the short narratives for an overview of each component and then dive into the autogenerated member listings for the complete API.
Working With This Reference
Prefer the summaries for intent and integration tips, then jump to the generated API listings when you need argument details.
Environment variables called out below match the defaults baked into the codebase; override them per deployment via the usual
.envor container settings.All modules follow FastAPI best practices and integrate cleanly with the application factory shown later. Import paths in examples assume you are running from inside the backend package root.
Application Lifecycle and HTTP Surface
app_factory
Creates the FastAPI application, wires every router, and enforces the Config UI login flow. Highlights:
Session cookies are signed (HMAC) and paired with CSRF tokens; defaults are safe for HTTPS deployments and configurable for local testing.
Rate limiting uses an in-process counter for the Config UI.
Static assets for the Config UI are served from
assets/, keeping the backend self-contained for local runs.
A minimal entry point is:
from fastapi import FastAPI
from app_factory import create_app
app: FastAPI = create_app()
Variable |
Purpose |
Default |
|---|---|---|
|
HMAC key for Config UI sessions/CSRF (falls back to |
|
|
Session lifetime in minutes for the Config UI. |
|
|
Plaintext Config UI password, hashed on startup. |
unset |
|
Toggle the |
|
|
Sliding window and lock thresholds for login throttling. |
see module defaults |
lifespan
Declares the async lifespan handler used by FastAPI to stage supporting services during startup and shutdown. It:
Initialises the in-memory pubsub backend through
pubsub.init_pubsub().Ensures the widget registry is ready — creating indexes and optionally pre-warming bundles.
Starts configured producer tasks from
endpoint_config.get_stream_funcs()and cancels them cleanly when the server stops.
Authentication and Session Management
auth
Handles OAuth2-style login for API clients. Important aspects:
Local users are stored in-memory with bcrypt hashes; MSAL users are auto-provisioned without stored passwords and always carry the
SKAOgroup.Access tokens are JSON Web Tokens (HS256) carrying role/group claims. The module guards endpoints via FastAPI dependencies to enforce authentication.
Token TTL is intentionally short by default to keep local testing snappy; set
TOKEN_TTL_MINUTESto lengthen sessions in real deployments.
Variable |
Purpose |
Default |
|---|---|---|
|
Lifetime for every issued access token. |
|
|
Symmetric signing key shared with the Config UI session code. |
|
- exception auth.HTTPException(status_code, detail=None, headers=None)[source]
Bases:
HTTPExceptionAn HTTP exception you can raise in your own code to show errors to the client.
This is for client errors, invalid authentication, invalid data, etc. Not for server errors in your code.
Read more about it in the [FastAPI docs for Handling Errors](https://fastapi.tiangolo.com/tutorial/handling-errors/).
## Example
```python from fastapi import FastAPI, HTTPException
app = FastAPI()
items = {“foo”: “The Foo Wrestlers”}
@app.get(“/items/{item_id}”) async def read_item(item_id: str):
- if item_id not in items:
raise HTTPException(status_code=404, detail=”Item not found”)
return {“item”: items[item_id]}
- Parameters:
status_code (Annotated[int, Doc('\n HTTP status code to send to the client.\n\n Read more about it in the\n [FastAPI docs for Handling Errors](https://fastapi.tiangolo.com/tutorial/handling-errors/#use-httpexception)\n ')])
detail (Annotated[Any, Doc('\n Any data to be sent to the client in the `detail` key of the JSON\n response.\n\n Read more about it in the\n [FastAPI docs for Handling Errors](https://fastapi.tiangolo.com/tutorial/handling-errors/#use-httpexception)\n ')])
headers (Annotated[Mapping[str, str] | None, Doc('\n Any headers to send to the client in the response.\n\n Read more about it in the\n [FastAPI docs for Handling Errors](https://fastapi.tiangolo.com/tutorial/handling-errors/#add-custom-headers)\n\n ')])
- Return type:
None
- class auth.Token(*, access_token, token_type='bearer', expires_in)[source]
Bases:
BaseModel- model_config: ClassVar[ConfigDict] = {}
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- class auth.User(*, username, full_name=None, role='Viewer', role_level=1, groups=<factory>)[source]
Bases:
BaseModel- model_config: ClassVar[ConfigDict] = {}
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- class auth.MsalPayload(*, id_token)[source]
Bases:
BaseModel- Parameters:
id_token (str)
- model_config: ClassVar[ConfigDict] = {}
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- async auth.get_current_user(request, token=Depends(dependency=<fastapi.security.oauth2.OAuth2PasswordBearer object>, use_cache=True, scope=None), query_token=Query(None))[source]
Shared dependency - accepts header / query / cookie.
- async auth.login(response, form=Depends(dependency=None, use_cache=True, scope=None))[source]
- Parameters:
response (Response)
form (OAuth2PasswordRequestForm)
- Return type:
- async auth.msal_login(payload, response)[source]
The frontend calls this route after MSAL acquires an ID-token.
We trust any token MSAL gives us for local dev - no signature check. Add proper validation later (see suggestions below).
We decode the token, map claims → username/full_name, provision a local user if necessary, then hand out a normal taranta_jwt + cookie.
- Parameters:
payload (MsalPayload)
response (Response)
- Return type:
- async auth.read_me(current=Depends(dependency=<function get_current_user>, use_cache=True, scope=None))[source]
- Parameters:
current (User)
- async auth.validate_token(request, token=Depends(dependency=<fastapi.security.oauth2.OAuth2PasswordBearer object>, use_cache=True, scope=None), query_token=Query(None))[source]
Quick session check - handy from tools like curl or the browser:
GET /auth/validate?token=<access_token>
or GET with Authorization: Bearer … or GET with the cookie already set
Configuration Management
config_editor
Exposes the Config UI endpoints to read, validate, diff, and activate stored
endpoint configuration documents. Every mutating route enforces the trio of a
valid Config UI session, CSRF token, and same-origin request to defend against
browser threats. Payloads are validated through utils.validation before they
are persisted or activated.
- async config_editor.get_config(version=Query(None))[source]
Return the requested version (or active) plus a varsResolved field.
- Parameters:
version (str | None)
- async config_editor.get_versions()[source]
List all saved versions, the active version, the currently loaded version, and whether the loader runs in recovery mode.
- async config_editor.activate_version(version)[source]
Activate an existing version.
- Parameters:
version (str)
- async config_editor.delete_version(version)[source]
Permanently delete a non-active version from the store.
- Parameters:
version (str)
- async config_editor.save_config(payload)[source]
Validate and save a new version to MongoDB, returning the diff against the previous active version, and trigger a graceful reload when activate is true.
- Request shape (both supported):
Back-compat: raw endpoints.json object (auto-bumps patch & activates)
- New: {
“config”: <endpoints.json>, “version”: “1.2.4”, # optional, defaults to auto-bump patch “activate”: true, # optional, defaults to true “message”: “why” # optional
}
- async config_editor.diff_payload(payload=Body(PydanticUndefined))[source]
- Compute a unified diff between two payloads:
base: requested version (when provided) or the active version
new : the submitted payload (raw endpoints JSON)
- Request body accepts either:
{ “config”: <json>, “baseVersion”: “1.2.3” } # preferred <json> # legacy shape (no baseVersion)
Returns: { ok: true, diff: “<unified diff>” }
- async config_editor.diff_versions(frm=Query(None), to=Query(None))[source]
Compute a unified diff between two SAVED versions.
- Query params:
?from=1.2.3&to=1.2.4
If ‘to’ is omitted, compares against the active version. If ‘from’ is omitted, compares active (old) with ‘to’ (new).
Returns: { ok: true, diff: “<unified diff>” }
config_store
Wraps MongoDB collections that persist versioned endpoint configuration state.
The helpers here are intentionally blocking because they run in worker threads
under FastAPI. Use them to save new versions, promote a version to “active”,
read history, or bootstrap the database from endpoint_config/endpoints.json.
Variable |
Purpose |
Default |
|---|---|---|
|
Connection string for MongoDB (shared with other stores). |
|
|
Database name that houses configuration and preferences. |
|
|
Collection storing each saved endpoint configuration. |
|
|
Stores current/last-known-good version metadata. |
|
- config_store.get_active_version()[source]
Return the currently active version stored in state (or None).
- Return type:
str | None
- config_store.get_last_good_version()[source]
Return the last-known-good version (if any).
- Return type:
str | None
- config_store.set_last_good_version(version)[source]
Persist last-known-good version (best-effort).
- Parameters:
version (str)
- Return type:
None
- config_store.health_check()[source]
Lightweight connectivity check. Raises on failure so callers can differentiate config-not-found from Mongo-unreachable cases.
- Return type:
None
- config_store.save_new_version(config, *, version, activate, message=None)[source]
Insert a new version document. When version is None, bump the patch from the active version (or the latest, or 1.0.0 if none exist).
preferences_store
Provides the async MongoDB-backed persistence for user-specific UI preferences. It is intentionally lightweight — fetch and update helpers are all you need for widgets arranging their own state.
Storage is routed through the same
MONGO_URI/MONGO_DBas the config store; override the collection withMONGO_COLLECTION(defaults topreferences).fetch_preferencesalso assembles ashared_workspace_libraryfrom every user’s publishedshared_workspace_grants, attaching the latest owner workspace snapshot and variables so shared dashboards stay in sync without a manual export. Persistedshared_workspace_librarydata is ignored and rebuilt on every fetch to avoid stale shared copies.update_preferencesnow applies partial JSON patches on top of the stored document instead of replacing the entire config. This keeps workspace saves small and prevents unrelated settings from being lost when only one field changes.Role and group picklists for the share dialog come from the
/auth/roleshelper endpoint, which returns the canonicalAdmin/Viewervalues plus any extras present in the in-memory user store.
Messaging and Streaming
pubsub
Offers an in-process publish/subscribe helper layer. Use init_pubsub() during
startup, then:
Call
publish()orrun_producer()to push JSON serialised messages to channels.Consume updates through
subscribe()which yields decoded JSON payloads.Messages stay in-process so application behaviour remains deterministic.
- async pubsub.init_pubsub()[source]
Create an in-memory pubsub backend. This is process-local only.
- Return type:
None
- async pubsub.run_producer(channel, producer, poll_interval=1.0)[source]
Continuously feed a producer into the in-memory pubsub backend.
async-generator functions - every yielded item is published.
coroutine functions - called every poll_interval s, their returned value is published.
Widgets Registry
widgets_registry
Manages the lifecycle of embeddable UI widget bundles. Capabilities include:
Downloading, integrity-checking, and caching widget bundles from approved CDNs or artefact repositories.
Enforcing organisation-scoped npm package naming to prevent arbitrary third party code execution.
Maintaining an LRU in-memory cache plus MongoDB metadata so frequently-used bundles stay warm even across restarts.
Providing startup helpers (
ensure_ready) and graceful shutdown of the sharedaiohttpclient session.
Variable |
Purpose |
Default |
|---|---|---|
|
MongoDB collection tracking widget bundle metadata. |
|
|
Filesystem cache for extracted bundles. |
|
|
Comma-separated whitelist of hosts allowed for downloads. |
|
|
Scoped npm packages permitted for install. |
|
|
Whether to pre-fetch allowed bundles during startup. |
|