From 64be789b13bc7afa305ebcf0f76c4c28a5cf9cfa Mon Sep 17 00:00:00 2001
From: tegwick <bernd.worsch@gmail.com>
Date: Tue, 28 Apr 2026 00:21:03 +0200
Subject: [PATCH] Username/Password fields on analyse repo mask

---
 src/repo_registry/core/service.py    |  9 ++++++++-
 src/repo_registry/web_api/app.py     |  2 ++
 src/repo_registry/web_api/schemas.py |  6 ++++++
 src/repo_registry/web_ui/views.py    | 11 ++++++++++-
 tests/test_web_api.py                |  7 ++++++-
 5 files changed, 32 insertions(+), 3 deletions(-)

diff --git a/src/repo_registry/core/service.py b/src/repo_registry/core/service.py
index 5c0ab8c..2b4c955 100644
--- a/src/repo_registry/core/service.py
+++ b/src/repo_registry/core/service.py
@@ -120,6 +120,8 @@ class RegistryService:
         repository_id: int,
         *,
         source_path: str | None = None,
+        access_username: str | None = None,
+        access_password: str | None = None,
     ) -> ScanSummary:
         repository = self.store.get_repository(repository_id)
         run = self.store.create_analysis_run(repository_id)
@@ -132,7 +134,12 @@ class RegistryService:
         )
         try:
             if source_path is None:
-                checkout = self.ingestion.resolve(repository.url, branch=repository.branch)
+                checkout = self.ingestion.resolve(
+                    repository.url,
+                    branch=repository.branch,
+                    access_username=access_username,
+                    access_password=access_password,
+                )
                 scan_source = checkout.source_path
             else:
                 scan_source = source_path
diff --git a/src/repo_registry/web_api/app.py b/src/repo_registry/web_api/app.py
index 9a752d2..0908c79 100644
--- a/src/repo_registry/web_api/app.py
+++ b/src/repo_registry/web_api/app.py
@@ -245,6 +245,8 @@ def create_analysis_run(
         summary = service.analyze_repository(
             repository_id,
             source_path=payload.source_path,
+            access_username=payload.access_username,
+            access_password=payload.access_password,
         )
     except NotFoundError as exc:
         raise HTTPException(status_code=404, detail=str(exc)) from exc
diff --git a/src/repo_registry/web_api/schemas.py b/src/repo_registry/web_api/schemas.py
index 6d8e143..03d65c1 100644
--- a/src/repo_registry/web_api/schemas.py
+++ b/src/repo_registry/web_api/schemas.py
@@ -202,12 +202,18 @@ class EvidenceUpdate(BaseModel):
 
 class AnalysisRunCreate(BaseModel):
     source_path: str | None = None
+    access_username: str | None = None
+    access_password: str | None = Field(default=None, repr=False)
 
     model_config = {
         "json_schema_extra": {
             "examples": [
                 {},
                 {"source_path": "/path/to/local/repository"},
+                {
+                    "access_username": "git-user",
+                    "access_password": "access-token",
+                },
             ]
         }
     }
diff --git a/src/repo_registry/web_ui/views.py b/src/repo_registry/web_ui/views.py
index 6449aad..0776007 100644
--- a/src/repo_registry/web_ui/views.py
+++ b/src/repo_registry/web_ui/views.py
@@ -480,7 +480,12 @@ def repository_detail(
         <h2>Run Analysis</h2>
         <form class="stack" method="post" action="/ui/repos/{repository_id}/analysis-runs">
           <label>Override source path <input name="source_path" placeholder="Optional local path"></label>
-          <button type="submit">Analyze</button>
+          <label>Username <input name="access_username" autocomplete="username" placeholder="Optional for private HTTP(S) repos"></label>
+          <label>Password or access token <input name="access_password" type="password" autocomplete="current-password" placeholder="Used for this Git operation only"></label>
+          <div class="actions">
+            <button type="submit">Analyze</button>
+            <span data-pending>Running analysis...</span>
+          </div>
         </form>
         <h2>Analysis Runs</h2>
         <table>
@@ -795,11 +800,15 @@ def delete_evidence_from_form(
 def create_analysis_run_from_form(
     repository_id: int,
     source_path: str = Form(""),
+    access_username: str = Form(""),
+    access_password: str = Form(""),
     service: RegistryService = Depends(get_service),
 ) -> RedirectResponse:
     summary = service.analyze_repository(
         repository_id,
         source_path=source_path or None,
+        access_username=access_username or None,
+        access_password=access_password or None,
     )
     return RedirectResponse(
         f"/ui/repos/{repository_id}/analysis-runs/{summary.analysis_run.id}",
diff --git a/tests/test_web_api.py b/tests/test_web_api.py
index ac1a2d9..322220f 100644
--- a/tests/test_web_api.py
+++ b/tests/test_web_api.py
@@ -1092,6 +1092,7 @@ def test_ui_register_analyze_and_approve_loop(tmp_path):
         detail_response = client.get(repository_path)
         assert detail_response.status_code == 200
         assert "Run Analysis" in detail_response.text
+        assert "Running analysis..." in detail_response.text
         assert "Repository Metadata" in detail_response.text
 
         edit_repository_response = client.post(
@@ -1110,7 +1111,11 @@ def test_ui_register_analyze_and_approve_loop(tmp_path):
 
         run_response = client.post(
             f"{repository_path}/analysis-runs",
-            data={"source_path": ""},
+            data={
+                "source_path": "",
+                "access_username": "",
+                "access_password": "",
+            },
             follow_redirects=False,
         )
         assert run_response.status_code == 303