This NomadNet cloud node provides a hierarchical forum system with user authentication and administrative tools. The system operates on three layers: Micron frontend pages, Python backend modules, and msgpack data storage.
- Hierarchy: Boards → Threads → Posts
- Backend:
storage/forum.pyhandles all data operations (create/read/update threads and posts) - Frontend: Micron pages render dynamic content and forms
- Storage: msgpack format in
storage/forum_data
storage/pages/forum_index.mu- Main forum page listing all boardsstorage/pages/board.mu- Board page showing threads, handles board_id parameterstorage/pages/thread.mu- Thread page showing posts, handles board_id and thread_id parametersstorage/pages/create_thread.mu- Processes new thread creation from form datastorage/pages/add_post.mu- Processes reply creation from form data
Users navigate via links with embedded parameters (board_id, thread_id). Form submissions pass data to handler pages which call forum.py functions to modify storage.
- Backend:
storage/users.py(account management),storage/sessions.py(session lifecycle) - Frontend: Authentication pages integrate with forum pages
- Security: pbkdf2_hmac password hashing (100k iterations, unique salts), UUID4 session tokens
- Session Management: 1-hour expiration, URL-based token propagation
storage/users.py- User registration, password verification, account storagestorage/sessions.py- Session creation, validation, automatic cleanupstorage/pages/register.mu- User registration form and processingstorage/pages/login.mu- Login form, session creation, redirect handlingstorage/pages/logout.mu- Session invalidation and cleanup
- Guest Mode: Auto-generated guest#### usernames, no registration required
- Authenticated Mode: Persistent usernames, session-based identity
Session tokens append to all forum page URLs as |session=TOKEN parameter. Each forum page checks for session token, validates it, and includes it in all outbound links to maintain authentication state.
Command-line interface (admin_tool.py) for system management:
- Forum Management: List boards, view/delete threads and posts, search by author, pin/unpin threads
- User Management: List users, view details, delete accounts, reset passwords
- Session Management: View active sessions, force logout, clear all sessions
- Interactive navigation with numbered selections
- Confirmation prompts for destructive operations
- Real-time data display with color-coded output
- Automatic session cleanup integration
storage/forum.py- Forum data operations, thread/post managementstorage/users.py- User account management, password hashingstorage/sessions.py- Session lifecycle management, token validationstorage/messageboard.py- Legacy message board (backward compatibility)
storage/pages/forum_index.mu- Forum homepagestorage/pages/board.mu- Board view (dynamic, takes board_id)storage/pages/thread.mu- Thread view (dynamic, takes board_id + thread_id)storage/pages/create_thread.mu- Thread creation handlerstorage/pages/add_post.mu- Post creation handlerstorage/pages/register.mu- User registrationstorage/pages/login.mu- User loginstorage/pages/logout.mu- User logout
admin_tool.py- Interactive command-line admin interfaceinit_forum.py- Forum system initializationtest_auth_backend.py- Authentication system test suite
All data stored in msgpack binary format for efficiency and type preservation.
storage/users- User accounts (password hashes, salts, creation timestamps)storage/sessions- Active user sessions (tokens, expiration times, usernames)storage/forum_data- Forum content (boards, threads, posts in hierarchical structure)
Forum pages check for session tokens, validate them, and resolve usernames. Logged-in users see "Logged in as [username] | Logout" while guests see "Login | Register". Session tokens automatically append to all navigation links.
Users can browse and post without registration. Guest usernames generate as guest#### with random 4-digit numbers. New guest names generate on each page load, providing temporary identity for post attribution.
- User visits forum page with optional session token in URL
- Page validates session token (if present) via sessions.py
- Username resolved (authenticated user or guest####)
- Content rendered with appropriate authentication UI
- All links include session token to maintain state
- Form submissions process data via backend modules and redirect with session maintained