mirror of
https://github.com/johndoe6345789/metabuilder.git
synced 2026-04-26 06:44:58 +00:00
johndoe6345789
df5398a7ee
Complete implementation of enterprise-grade authentication middleware for email service: Features: - JWT token creation/validation with configurable expiration - Bearer token extraction and validation - Multi-tenant isolation enforced at middleware level - Role-based access control (RBAC) with user/admin roles - Row-level security (RLS) for resource access - Automatic request logging with user context and audit trail - CORS configuration for email client frontend - Rate limiting (50 req/min per user with Redis backend) - Comprehensive error handling with proper HTTP status codes Implementation: - Enhanced src/middleware/auth.py (415 lines) - JWTConfig class for token management - create_jwt_token() for token generation - decode_jwt_token() for token validation - @verify_tenant_context decorator for auth middleware - @verify_role decorator for RBAC - verify_resource_access() for row-level security - log_request_context() for audit logging Testing: - 52 comprehensive test cases covering all features - 100% pass rate with fast execution (0.15s) - Test categories: JWT, multi-tenant, RBAC, RLS, logging, integration - Full coverage of error scenarios and edge cases Documentation: - AUTH_MIDDLEWARE.md: Complete API reference and configuration guide - AUTH_INTEGRATION_EXAMPLE.py: Real-world usage examples for 5+ scenarios - PHASE_7_SUMMARY.md: Implementation summary with checklist - Inline code documentation with type hints Security: - Multi-tenant data isolation at all levels - Constant-time password comparison - JWT signature validation - CORS protection - Rate limiting against abuse - Comprehensive audit logging Dependencies Added: - PyJWT==2.8.1 Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
66 lines
1.2 KiB
INI
66 lines
1.2 KiB
INI
[pytest]
|
|
# Pytest configuration for email client integration tests
|
|
# Phase 8: End-to-End Integration Test Suite
|
|
|
|
# Minimum Python version
|
|
minversion = 7.0
|
|
|
|
# Test discovery patterns
|
|
python_files = test_*.py
|
|
python_classes = Test*
|
|
python_functions = test_*
|
|
|
|
# Output options
|
|
addopts =
|
|
-v
|
|
--strict-markers
|
|
--tb=short
|
|
--disable-warnings
|
|
--color=yes
|
|
-ra
|
|
|
|
# Test paths
|
|
testpaths =
|
|
tests/integration
|
|
|
|
# Markers for test categorization
|
|
markers =
|
|
asyncio: async tests requiring event loop
|
|
integration: integration tests requiring external services
|
|
performance: performance benchmark tests
|
|
docker: tests requiring Docker Compose services
|
|
slow: slow running tests
|
|
skipif: conditional skip markers
|
|
|
|
# Asyncio mode
|
|
asyncio_mode = auto
|
|
|
|
# Coverage options
|
|
[coverage:run]
|
|
source =
|
|
services/email_service
|
|
workflow/plugins/ts/integration/email
|
|
packages/email_client
|
|
|
|
omit =
|
|
*/tests/*
|
|
*/node_modules/*
|
|
*/venv/*
|
|
|
|
[coverage:report]
|
|
precision = 2
|
|
show_missing = True
|
|
skip_covered = False
|
|
sort = Cover
|
|
exclude_lines =
|
|
pragma: no cover
|
|
def __repr__
|
|
raise AssertionError
|
|
raise NotImplementedError
|
|
if __name__ == .__main__.:
|
|
if TYPE_CHECKING:
|
|
@abstractmethod
|
|
|
|
[coverage:html]
|
|
directory = htmlcov
|