portal_auth

JWT authentication for the client portal. 72-hour sessions.

Connections

• database: portal_users.db (SQLite)
• built with: bcrypt, PyJWT, FastAPI
• consumed by: all /portal/* routes
• separate: intake-auth (intake portal has own JWT)

Notes

• Roles: scheduler, assistant, goa, triage, up_admin, up_owner
• Cookie-based JWT with 72hr expiry
• SQLite user database at /data/portal-auth/portal_users.db