git/metabuilder
1
0
Fork 0
mirror of https://github.com/johndoe6345789/metabuilder.git synced 2026-04-25 06:14:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
6d8937933e5f0435ec672f43cb157cfc00a6ee31
metabuilder/deployment/docker/postgres/Dockerfile
johndoe6345789 df5398a7ee feat(auth): Phase 7 Flask authentication middleware with JWT and multi-tenant isolation 
Complete implementation of enterprise-grade authentication middleware for email service:

Features:
- JWT token creation/validation with configurable expiration
- Bearer token extraction and validation
- Multi-tenant isolation enforced at middleware level
- Role-based access control (RBAC) with user/admin roles
- Row-level security (RLS) for resource access
- Automatic request logging with user context and audit trail
- CORS configuration for email client frontend
- Rate limiting (50 req/min per user with Redis backend)
- Comprehensive error handling with proper HTTP status codes

Implementation:
- Enhanced src/middleware/auth.py (415 lines)
  - JWTConfig class for token management
  - create_jwt_token() for token generation
  - decode_jwt_token() for token validation
  - @verify_tenant_context decorator for auth middleware
  - @verify_role decorator for RBAC
  - verify_resource_access() for row-level security
  - log_request_context() for audit logging

Testing:
- 52 comprehensive test cases covering all features
- 100% pass rate with fast execution (0.15s)
- Test categories: JWT, multi-tenant, RBAC, RLS, logging, integration
- Full coverage of error scenarios and edge cases

Documentation:
- AUTH_MIDDLEWARE.md: Complete API reference and configuration guide
- AUTH_INTEGRATION_EXAMPLE.py: Real-world usage examples for 5+ scenarios
- PHASE_7_SUMMARY.md: Implementation summary with checklist
- Inline code documentation with type hints

Security:
- Multi-tenant data isolation at all levels
- Constant-time password comparison
- JWT signature validation
- CORS protection
- Rate limiting against abuse
- Comprehensive audit logging

Dependencies Added:
- PyJWT==2.8.1

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-01-24 00:20:19 +00:00

44 lines
1.4 KiB
Docker
Raw Blame History

# PostgreSQL 15+ Official Image with Email Service Configuration
# Supports multi-tenant email client with IMAP/POP3/SMTP backend
FROM postgres:16-alpine
# Set UTF-8 encoding and locale
ENV POSTGRES_INITDB_ARGS="-E UTF8 --locale=C"
# Install necessary extensions and utilities
RUN apk add --no-cache \
postgresql-contrib \
curl
# Copy initialization scripts
COPY init-email-service.sql /docker-entrypoint-initdb.d/01-init-email-service.sql
COPY init-indexes.sql /docker-entrypoint-initdb.d/02-init-indexes.sql
COPY init-connection-pooling.sql /docker-entrypoint-initdb.d/03-init-connection-pooling.sql
# Copy healthcheck script
COPY healthcheck.sh /healthcheck.sh
RUN chmod +x /healthcheck.sh
# Expose PostgreSQL port
EXPOSE 5432
# Health check configuration
HEALTHCHECK --interval=10s --timeout=5s --retries=5 \
CMD /healthcheck.sh
# Set default command with optimized connection pooling settings
CMD ["postgres", \
"-c", "max_connections=200", \
"-c", "shared_buffers=256MB", \
"-c", "effective_cache_size=1GB", \
"-c", "maintenance_work_mem=64MB", \
"-c", "checkpoint_completion_target=0.9", \
"-c", "wal_buffers=16MB", \
"-c", "default_statistics_target=100", \
"-c", "random_page_cost=1.1", \
"-c", "effective_io_concurrency=200", \
"-c", "work_mem=1310kB", \
"-c", "min_wal_size=1GB", \
"-c", "max_wal_size=4GB"]
Reference in New Issue View Git Blame Copy Permalink