refactor: complete bootstrap of ARNES agent harness framework

- Add complete agent harness structure with 8 roles (leader, triager, architect, implementer, reviewer, security, qa, documenter)
- Implement strict workflow with 9 stages and mandatory gates
- Add comprehensive verification script and runtime status tracking
- Create artifact-based evidence system with contracts and schemas
- Add agent policy matrix with permissions and anti-cheat rules
- Include test suite (44 tests passing) and CI-ready structure
- Add documentation: README, HOWTO, CHECKPOINTS, templates
- Configure model routing policies and token-aware task assignment
- Add BDD/SDD specification guides and feature templates
- Include starter pack for quick project onboarding

All verification checks pass. Framework ready for production use.
This commit is contained in:
rikrdo
2026-05-17 23:25:35 +02:00
parent 622e5df382
commit 3ff9b70e4c
104 changed files with 8534 additions and 187 deletions

View File

@@ -0,0 +1,65 @@
# AuthService Component
## Purpose
Handle user authentication (login/logout) with JWT tokens.
## Public API
### Methods
#### login(email: str, password: str) -> AuthResult
Authenticate user with email and password.
**Parameters:**
- `email`: User email address
- `password`: User password
**Returns:**
- `AuthResult` with access_token, refresh_token, expires_in
**Raises:**
- `InvalidCredentialsError`: Email or password incorrect
- `AccountLockedError`: Account temporarily locked
- `ValidationError`: Invalid input format
#### logout(user_id: str, token_id: str) -> bool
Invalidate a specific session/token.
**Parameters:**
- `user_id`: User ID
- `token_id`: JWT jti (token identifier)
**Returns:** True if successful
#### logout_all(user_id: str) -> int
Invalidate all sessions for a user.
**Parameters:**
- `user_id`: User ID
**Returns:** Number of sessions invalidated
#### refresh(refresh_token: str) -> AuthResult
Get new access token from refresh token.
**Parameters:**
- `refresh_token`: Valid refresh token
**Returns:** New AuthResult with access_token
**Raises:**
- `InvalidTokenError`: Token expired or invalid
---
## Dependencies
- `TokenService`: JWT generation/validation
- `SessionStore`: Track active sessions
- `UserRepository`: Fetch user data
- `PasswordService`: Verify password (from F-003)
## Configuration
```python
LOGIN_RATE_LIMIT = 10 # attempts per window
RATE_LIMIT_WINDOW = 900 # 15 minutes
ACCOUNT_LOCKOUT_DURATION = 1800 # 30 minutes