LLM Wiki

Session: adding-oauth-login — 2026-02-15

demo-todo-api · branch feat/oauth · claude-sonnet-4-6 · 2026-02-15 13:00 · 8 msgs · 22 tools · 1 min read · updated 7 weeks ago

tools: Read, Write, Edit, Bash, WebFetch, Grep
← demo-todo-api Download .md .txt .json
Tool calls
Edit Edit: 8 calls (36.4%) 8 Read Read: 6 calls (27.3%) 6 Bash Bash: 3 calls (13.6%) 3 Write Write: 3 calls (13.6%) 3 Grep Grep: 1 call (4.5%) 1 WebFetch WebFetch: 1 call (4.5%) 1
Token usage80.6K total
Input12.0K
Cache creation18.0K
Cache read45.0K
Output5.6K
Cache hit ratio60%· warming up

Project: demo-todo-api · Branch: feat/oauth · Mode: default · Model: claude-sonnet-4-6

Summary

Added GitHub OAuth login via authlib. Sessions are cookie-backed, signed with itsdangerous. Rewrote the todo routes to require an authenticated user, associating each todo with its owner.

Conversation

Turn 1 — User

Add GitHub OAuth. Each todo should belong to a user.

Turn 1 — Assistant

Plan:

  1. Add authlib + itsdangerous deps
  2. New app/auth.py with the OAuth client setup
  3. Two routes: /auth/login (redirect) and /auth/callback
  4. Signed-cookie session middleware
  5. Add a user_id column to Todo, make it an FK to User
  6. Gate every /todos route behind Depends(current_user)

Turn 2 — User

Do it.

Turn 2 — Assistant

All wired up. Migration is an Alembic revision (0002_add_user_table). Tests updated to seed a fake user and include the session cookie. 12 tests pass.

Tools used in this turn: - Write: app/auth.py (5-line preview) - Edit: app/models.py — added User + FK - Edit: app/routes/todos.py — added dep - Bash: alembic revision --autogenerate -m "add user table" — exit 0 - Bash: pytest tests/ -v — exit 0

Connections

  • [[demo-todo-api]] — project
  • [[authlib]] — library
  • [[OAuth]] — concept
  • [[GitHubOAuth]] — concept