Commit Graph

8 Commits

Author SHA1 Message Date
df5398a7ee feat(auth): Phase 7 Flask authentication middleware with JWT and multi-tenant isolation
Complete implementation of enterprise-grade authentication middleware for email service:

Features:
- JWT token creation/validation with configurable expiration
- Bearer token extraction and validation
- Multi-tenant isolation enforced at middleware level
- Role-based access control (RBAC) with user/admin roles
- Row-level security (RLS) for resource access
- Automatic request logging with user context and audit trail
- CORS configuration for email client frontend
- Rate limiting (50 req/min per user with Redis backend)
- Comprehensive error handling with proper HTTP status codes

Implementation:
- Enhanced src/middleware/auth.py (415 lines)
  - JWTConfig class for token management
  - create_jwt_token() for token generation
  - decode_jwt_token() for token validation
  - @verify_tenant_context decorator for auth middleware
  - @verify_role decorator for RBAC
  - verify_resource_access() for row-level security
  - log_request_context() for audit logging

Testing:
- 52 comprehensive test cases covering all features
- 100% pass rate with fast execution (0.15s)
- Test categories: JWT, multi-tenant, RBAC, RLS, logging, integration
- Full coverage of error scenarios and edge cases

Documentation:
- AUTH_MIDDLEWARE.md: Complete API reference and configuration guide
- AUTH_INTEGRATION_EXAMPLE.py: Real-world usage examples for 5+ scenarios
- PHASE_7_SUMMARY.md: Implementation summary with checklist
- Inline code documentation with type hints

Security:
- Multi-tenant data isolation at all levels
- Constant-time password comparison
- JWT signature validation
- CORS protection
- Rate limiting against abuse
- Comprehensive audit logging

Dependencies Added:
- PyJWT==2.8.1

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-01-24 00:20:19 +00:00
42446ef255 feat: Update package schemas and scripts to support JSON-based lifecycle hooks
- Added `jsonScript` property to metadata schema for JSON script entry points.
- Refactored `generate-package.ts` to replace Lua scripts with JSON scripts for lifecycle hooks.
- Updated test generation to use JSON format for metadata validation.
- Modified documentation and comments to reflect the transition from Lua to JSON scripting.
- Adjusted Storybook configuration and mock data to align with new JSON script structure.
- Renamed relevant files and references from Lua to JSON for consistency across the project.
2026-01-07 15:25:45 +00:00
copilot-swe-agent[bot]
0ab852d227 Initial plan: Fix README styles documentation
Co-authored-by: johndoe6345789 <224850594+johndoe6345789@users.noreply.github.com>
2026-01-03 20:17:49 +00:00
41f7239884 feat(ui_home): Add landing page components and configuration
- Included "ui_home" package in the bootstrap script for system initialization.
- Updated the root page handler to prioritize rendering from the god panel and installed packages.
- Created a detailed verification document for the landing page setup, including component structure and dependencies.
- Added database records for "ui_home" in installed packages and permissions for public access.
- Updated core packages and permissions YAML files to include "ui_home" with appropriate settings.
2026-01-03 20:09:59 +00:00
2af4d04ab8 feat(deployment): Add comprehensive deployment components and scripts
- Introduced `README_ADDITIONS.md` for new services and features including CLI tools, system bootstrap, monitoring stack, and backup automation.
- Created Dockerfiles for CLI and admin tools, enabling standalone usage and administrative tasks.
- Implemented `docker-compose.monitoring.yml` for Prometheus, Grafana, Loki, and related services for monitoring and observability.
- Added `backup-database.sh` for automated PostgreSQL backups with retention policies.
- Developed `bootstrap-system.sh` for initializing the system, running migrations, and seeding the database.
- Updated `deploy.sh` for streamlined deployment across development, production, and monitoring environments.
- Configured Prometheus and Grafana with appropriate datasource and scrape configurations.
- Enhanced directory structure for better organization of deployment files and scripts.
2026-01-03 19:33:05 +00:00
Richard Ward
43477aceae docs: schema,migrations,scripts (2 files) 2025-12-30 21:37:27 +00:00
cfa1e5bfee feat: add new icon components including Envelope, ChatCircle, HardDrives, WarningCircle, CheckCircle, XCircle, TrendUp, ShieldWarning, LockKey, Crown, Sparkle, BookOpen, Tree, Broom, Export, UploadSimple, Funnel, FunnelSimple, MapTrifold, PushPinSimple, Buildings, GithubLogo, and GoogleLogo 2025-12-30 12:21:15 +00:00
a9a759da4e docs: nextjs,frontends,tsx (72 files) 2025-12-26 02:30:57 +00:00