lucasacchi/mockupAWS
1
0
Fork 0
Code Issues Pull Requests Actions 4 Packages Projects Releases Wiki Activity
Files
cc60ba17ea6325f51f30af295909121698b4da55
mockupAWS/.env.production.example
Luca Sacchi Ricciardi cc60ba17ea
Some checks failed
E2E Tests / Run E2E Tests (push) Has been cancelled
Details
E2E Tests / Visual Regression Tests (push) Has been cancelled
Details
E2E Tests / Smoke Tests (push) Has been cancelled
Details
release: v0.5.0 - Authentication, API Keys & Advanced Features 
Complete v0.5.0 implementation:

Database (@db-engineer):
- 3 migrations: users, api_keys, report_schedules tables
- Foreign keys, indexes, constraints, enums

Backend (@backend-dev):
- JWT authentication service with bcrypt (cost=12)
- Auth endpoints: /register, /login, /refresh, /me
- API Keys service with hash storage and prefix validation
- API Keys endpoints: CRUD + rotate
- Security module with JWT HS256

Frontend (@frontend-dev):
- Login/Register pages with validation
- AuthContext with localStorage persistence
- Protected routes implementation
- API Keys management UI (create, revoke, rotate)
- Header with user dropdown

DevOps (@devops-engineer):
- .env.example and .env.production.example
- docker-compose.scheduler.yml
- scripts/setup-secrets.sh
- INFRASTRUCTURE_SETUP.md

QA (@qa-engineer):
- 85 E2E tests: auth.spec.ts, apikeys.spec.ts, scenarios.spec.ts, regression-v050.spec.ts
- auth-helpers.ts with 20+ utility functions
- Test plans and documentation

Architecture (@spec-architect):
- SECURITY.md with best practices
- SECURITY-CHECKLIST.md pre-deployment
- Updated architecture.md with auth flows
- Updated README.md with v0.5.0 features

Documentation:
- Updated todo.md with v0.5.0 status
- Added docs/README.md index
- Complete setup instructions

Dependencies added:
- bcrypt, python-jose, passlib, email-validator

Tested: JWT auth flow, API keys CRUD, protected routes, 85 E2E tests ready

Closes: v0.5.0 milestone
2026-04-07 19:22:47 +02:00

99 lines
3.7 KiB
Plaintext
Raw Blame History

# MockupAWS Environment Configuration - Production
# =============================================================================
# CRITICAL: This file contains sensitive configuration examples.
# - NEVER commit .env.production to git
# - Use proper secrets management (AWS Secrets Manager, HashiCorp Vault, etc.)
# - Rotate secrets regularly
# =============================================================================
# =============================================================================
# Database
# =============================================================================
# Use strong passwords and SSL connections in production
DATABASE_URL=postgresql+asyncpg://postgres:STRONG_PASSWORD@prod-db-host:5432/mockupaws?ssl=require
# =============================================================================
# Application
# =============================================================================
APP_NAME=mockupAWS
DEBUG=false
API_V1_STR=/api/v1
# =============================================================================
# JWT Authentication
# =============================================================================
# CRITICAL: Generate a strong random secret (min 32 chars)
# Run: openssl rand -hex 32
JWT_SECRET_KEY=REPLACE_WITH_STRONG_RANDOM_SECRET_MIN_32_CHARS
JWT_ALGORITHM=HS256
ACCESS_TOKEN_EXPIRE_MINUTES=30
REFRESH_TOKEN_EXPIRE_DAYS=7
# =============================================================================
# Security
# =============================================================================
BCRYPT_ROUNDS=12
API_KEY_PREFIX=mk_
# CORS - Restrict to your domain
FRONTEND_URL=https://app.mockupaws.com
ALLOWED_HOSTS=app.mockupaws.com,api.mockupaws.com
# Rate Limiting (requests per minute)
RATE_LIMIT_AUTH=5
RATE_LIMIT_API_KEYS=10
RATE_LIMIT_GENERAL=100
# =============================================================================
# Email Configuration
# =============================================================================
# Provider: sendgrid or ses
EMAIL_PROVIDER=sendgrid
EMAIL_FROM=noreply@mockupaws.com
# SendGrid Configuration
# Store in secrets manager, not here
SENDGRID_API_KEY=sg_production_api_key_from_secrets_manager
# AWS SES Configuration (alternative to SendGrid)
# Use IAM roles instead of hardcoded credentials when possible
AWS_ACCESS_KEY_ID=AKIA...
AWS_SECRET_ACCESS_KEY=from_secrets_manager
AWS_REGION=us-east-1
# =============================================================================
# Reports & Storage
# =============================================================================
# Use S3 or other cloud storage in production
REPORTS_STORAGE_PATH=/app/storage/reports
REPORTS_MAX_FILE_SIZE_MB=50
REPORTS_CLEANUP_DAYS=90
REPORTS_RATE_LIMIT_PER_MINUTE=10
# S3 Configuration (optional)
# AWS_S3_BUCKET=mockupaws-reports
# AWS_S3_REGION=us-east-1
# =============================================================================
# Scheduler (Cron Jobs)
# =============================================================================
SCHEDULER_ENABLED=true
SCHEDULER_INTERVAL_MINUTES=5
# Redis for Celery (recommended for production)
REDIS_URL=redis://redis:6379/0
CELERY_BROKER_URL=redis://redis:6379/0
CELERY_RESULT_BACKEND=redis://redis:6379/0
# =============================================================================
# Monitoring & Logging
# =============================================================================
LOG_LEVEL=INFO
SENTRY_DSN=https://your-sentry-dsn@sentry.io/project
# =============================================================================
# SSL/TLS
# =============================================================================
SSL_CERT_PATH=/etc/ssl/certs/mockupaws.crt
SSL_KEY_PATH=/etc/ssl/private/mockupaws.key
Reference in New Issue View Git Blame Copy Permalink