No description
2902c9cc82
- login_user clears any pre-login session state before stamping user_id/pw_changed_at/admin so a fixated cookie value cannot smuggle data past the login boundary - logout_user now session.clear()s instead of only popping user_id, removing leftover pw_changed_at/admin markers - CSRF token comparison uses hmac.compare_digest - load_current_user rejects sessions where the stamped admin flag no longer matches the user row, preventing a demoted admin from retaining elevated access until next password change (backward-compatible: sessions issued pre-upgrade lack the marker and pass through until next login) |
||
|---|---|---|
| deploy | ||
| docs/superpowers | ||
| examples/script-overlays | ||
| l4d2host | ||
| l4d2web | ||
| .envrc | ||
| .gitignore | ||
| AGENTS.md | ||
| README.md | ||
left4me
left4me is a local L4D2 server management platform with two planned components:
l4d2host+l4d2ctl(host library + CLI)l4d2-web-app(Flask web app for users, blueprints, servers, jobs, and logs)
Status
Implementation plans remain the source of truth for architecture and task sequencing:
docs/superpowers/plans/2026-04-22-l4d2-host-lib-v1.mddocs/superpowers/plans/2026-04-23-l4d2-web-app-v1.md
Locked v1 Decisions
- Naming is strictly
l4d2(notl4d). - Host library and web app are separate components.
- Host CLI write commands are fixed to:
installinitialize <name> -f <spec.yaml>start <name>stop <name>delete <name>
- Host CLI read commands are available for the web/host boundary:
status <name> --jsonlogs <name> --lines <n> --follow/--no-follow
- The web app calls host operations through
l4d2ctl, not directl4d2hostimports. - Deployment uses
/var/lib/left4mefor runtime state,/opt/left4mefor repository contents and the virtualenv,/etc/left4mefor environment files, and global units under/usr/local/lib/systemd/system. - Overlay handling is directory-based; the web app populates each overlay (workshop downloads, managed-global refresh).
- No lock manager, no rollback, no preflight checks in host library.
- CLI propagates subprocess failures via stderr and return code.
deleteon missing instance is no-op success.- Blueprint model (web app):
- user-private in v1
- servers are live-linked to blueprint
- no per-server overrides
- delete blueprint blocked when linked servers exist
- blueprint changes apply on next action
- server can reassign blueprint anytime
Planned Repository Layout
l4d2host/l4d2web/deploy/docs/superpowers/plans/
Deployment
See deploy/README.md for the Linux test deployment contract, including the runtime user, target filesystem layout, systemd units, privileged helpers, sudoers rules, admin bootstrap, and overlay reference rules.
Local development
This repo uses direnv to auto-activate a Python 3.13 venv on cd (matching the Debian Trixie production target). With direnv installed and hooked into your shell:
direnv allowonce per fresh checkout (and after any.envrcchange).cdout and back in —.direnv/python-3.13/is created and put onPATH.pip install -e ./l4d2host -e ./l4d2webto install both packages editable.pip install pytestto run the test suites (pytest tests/inside either subproject).
Tech Stack (planned)
- Python 3.12+
- Typer, PyYAML, pytest
- Flask, SQLAlchemy, Alembic
- HTMX (vendored locally), custom CSS, SSE
- systemd units, kernel overlayfs (mounted via the
left4me-overlayprivileged helper), steamcmd
Recommended Implementation Order
- Implement
l4d2hostplan first. - Implement
l4d2webplan second. - Keep tests green task-by-task (TDD flow from plans).
- Keep commits small and aligned with plan tasks.
Contributing Notes
- Follow plan task order unless explicitly re-planned.
- Keep contracts above unchanged unless the user asks to change them.
- Update plan docs when scope or behavior changes.