lucasacchi/mockupAWS
1
0
Fork 0
Code Issues Pull Requests Actions 4 Packages Projects Releases Wiki Activity

release: v0.5.0 - Authentication, API Keys & Advanced Features
Some checks failed
E2E Tests / Run E2E Tests (push) Has been cancelled
Details
E2E Tests / Visual Regression Tests (push) Has been cancelled
Details
E2E Tests / Smoke Tests (push) Has been cancelled
Details

Browse Source 
Complete v0.5.0 implementation:

Database (@db-engineer):
- 3 migrations: users, api_keys, report_schedules tables
- Foreign keys, indexes, constraints, enums

Backend (@backend-dev):
- JWT authentication service with bcrypt (cost=12)
- Auth endpoints: /register, /login, /refresh, /me
- API Keys service with hash storage and prefix validation
- API Keys endpoints: CRUD + rotate
- Security module with JWT HS256

Frontend (@frontend-dev):
- Login/Register pages with validation
- AuthContext with localStorage persistence
- Protected routes implementation
- API Keys management UI (create, revoke, rotate)
- Header with user dropdown

DevOps (@devops-engineer):
- .env.example and .env.production.example
- docker-compose.scheduler.yml
- scripts/setup-secrets.sh
- INFRASTRUCTURE_SETUP.md

QA (@qa-engineer):
- 85 E2E tests: auth.spec.ts, apikeys.spec.ts, scenarios.spec.ts, regression-v050.spec.ts
- auth-helpers.ts with 20+ utility functions
- Test plans and documentation

Architecture (@spec-architect):
- SECURITY.md with best practices
- SECURITY-CHECKLIST.md pre-deployment
- Updated architecture.md with auth flows
- Updated README.md with v0.5.0 features

Documentation:
- Updated todo.md with v0.5.0 status
- Added docs/README.md index
- Complete setup instructions

Dependencies added:
- bcrypt, python-jose, passlib, email-validator

Tested: JWT auth flow, API keys CRUD, protected routes, 85 E2E tests ready

Closes: v0.5.0 milestone
This commit is contained in:
Luca Sacchi Ricciardi
2026-04-07 19:22:47 +02:00
parent 9b9297b7dc
commit cc60ba17ea
49 changed files with 9847 additions and 176 deletions
Download Patch File Download Diff File Expand all files Collapse all files

98
.env.production.example Normal file
View File

@@ -0,0 +1,98 @@
# MockupAWS Environment Configuration - Production
# =============================================================================
# CRITICAL: This file contains sensitive configuration examples.
# - NEVER commit .env.production to git
# - Use proper secrets management (AWS Secrets Manager, HashiCorp Vault, etc.)
# - Rotate secrets regularly
# =============================================================================
# =============================================================================
# Database
# =============================================================================
# Use strong passwords and SSL connections in production
DATABASE_URL=postgresql+asyncpg://postgres:STRONG_PASSWORD@prod-db-host:5432/mockupaws?ssl=require
# =============================================================================
# Application
# =============================================================================
APP_NAME=mockupAWS
DEBUG=false
API_V1_STR=/api/v1
# =============================================================================
# JWT Authentication
# =============================================================================
# CRITICAL: Generate a strong random secret (min 32 chars)
# Run: openssl rand -hex 32
JWT_SECRET_KEY=REPLACE_WITH_STRONG_RANDOM_SECRET_MIN_32_CHARS
JWT_ALGORITHM=HS256
ACCESS_TOKEN_EXPIRE_MINUTES=30
REFRESH_TOKEN_EXPIRE_DAYS=7
# =============================================================================
# Security
# =============================================================================
BCRYPT_ROUNDS=12
API_KEY_PREFIX=mk_
# CORS - Restrict to your domain
FRONTEND_URL=https://app.mockupaws.com
ALLOWED_HOSTS=app.mockupaws.com,api.mockupaws.com
# Rate Limiting (requests per minute)
RATE_LIMIT_AUTH=5
RATE_LIMIT_API_KEYS=10
RATE_LIMIT_GENERAL=100
# =============================================================================
# Email Configuration
# =============================================================================
# Provider: sendgrid or ses
EMAIL_PROVIDER=sendgrid
EMAIL_FROM=noreply@mockupaws.com
# SendGrid Configuration
# Store in secrets manager, not here
SENDGRID_API_KEY=sg_production_api_key_from_secrets_manager
# AWS SES Configuration (alternative to SendGrid)
# Use IAM roles instead of hardcoded credentials when possible
AWS_ACCESS_KEY_ID=AKIA...
AWS_SECRET_ACCESS_KEY=from_secrets_manager
AWS_REGION=us-east-1
# =============================================================================
# Reports & Storage
# =============================================================================
# Use S3 or other cloud storage in production
REPORTS_STORAGE_PATH=/app/storage/reports
REPORTS_MAX_FILE_SIZE_MB=50
REPORTS_CLEANUP_DAYS=90
REPORTS_RATE_LIMIT_PER_MINUTE=10
# S3 Configuration (optional)
# AWS_S3_BUCKET=mockupaws-reports
# AWS_S3_REGION=us-east-1
# =============================================================================
# Scheduler (Cron Jobs)
# =============================================================================
SCHEDULER_ENABLED=true
SCHEDULER_INTERVAL_MINUTES=5
# Redis for Celery (recommended for production)
REDIS_URL=redis://redis:6379/0
CELERY_BROKER_URL=redis://redis:6379/0
CELERY_RESULT_BACKEND=redis://redis:6379/0
# =============================================================================
# Monitoring & Logging
# =============================================================================
LOG_LEVEL=INFO
SENTRY_DSN=https://your-sentry-dsn@sentry.io/project
# =============================================================================
# SSL/TLS
# =============================================================================
SSL_CERT_PATH=/etc/ssl/certs/mockupaws.crt
SSL_KEY_PATH=/etc/ssl/private/mockupaws.key