paul
35d70a7746
- Added a new API endpoint for managing ReconConfigs at /api/configs, including GET, POST, PUT, and a test URL feature. - Implemented a new configuration editor UI at /configs for creating and editing ReconConfigs. - Introduced a new configs list page at /configs to display existing configurations with options to edit. - Updated base HTML template to include a link to the new configs page. - Created stub configuration and authentication models for workspace development. - Added a stub configuration module to handle database configuration without a real database.
Recon Ranger (FastAPI)
Local development instructions for running the API on your machine.
Prerequisites
- Python 3.13+
- Optional:
uv(recommended becauseuv.lockis included)
Azure Entra ID Setup
The dashboard at / requires login via Azure Entra ID. Assuming you have a tenant ID, follow these steps:
1. Create an App Registration
- Go to Azure Portal → Microsoft Entra ID → App registrations
- Click + New registration
- Fill in:
- Name:
Recon Ranger - Supported account types:
Accounts in this organizational directory only
- Name:
- Click Register
2. Configure Redirect URI
- In your app registration, go to Authentication (left sidebar)
- Click + Add a platform
- Select Web
- Under Redirect URIs, add:
http://127.0.0.1:8000/auth/callback - Check Access tokens and ID tokens under Implicit grant and hybrid flows
- Click Configure
3. Create a Client Secret
- Go to Certificates & secrets (left sidebar)
- Click + New client secret
- Set Expires to
24 months - Click Add
- Copy the Value (you won't see it again!) — this is your
AZURE_CLIENT_SECRET
4. Collect Your Credentials
From your app registration Overview page, copy:
- Directory (tenant) ID →
AZURE_TENANT_ID - Application (client) ID →
AZURE_CLIENT_ID - Client secret value from step 3 →
AZURE_CLIENT_SECRET
5. Generate SESSION_SECRET_KEY
Generate a random 32-byte secret for session encryption:
python -c "import secrets; print(secrets.token_urlsafe(32))"
Copy the output — this is your SESSION_SECRET_KEY.
6. Configure Local .env File
- Create a local
.envfile from the template:
cp .env.example .env
- Fill in your credentials:
SESSION_SECRET_KEY="<output-from-python-command>"
AZURE_TENANT_ID="<your-tenant-id>"
AZURE_CLIENT_ID="<your-client-id>"
AZURE_CLIENT_SECRET="<your-client-secret>"
AZURE_OAUTH_VERIFY_SSL="true"
The app automatically loads .env on startup.
Corporate Firewall / SSL Interception
If /login fails with SSL:CERTIFICATE_VERIFY_FAILED behind a corporate proxy/firewall, prefer trusting your corporate CA:
AZURE_OAUTH_CA_BUNDLE="/path/to/corporate-root-ca.pem"
For local dev only, you can temporarily disable verification:
AZURE_OAUTH_VERIFY_SSL="false"
Run Locally (Using uv)
- Create a virtual environment:
uv venv
- Activate the virtual environment:
source .venv/bin/activate
- Install dependencies from lockfile:
uv sync
- Start the FastAPI app with reload:
uv run uvicorn app.main:app --reload
Endpoints
- API docs: http://127.0.0.1:8000/api/docs
- OpenAPI schema: http://127.0.0.1:8000/openapi.json