Commit 567858c
Development (#11)
* fix: login response
* feat: add email verification on register
* feat: add import boundary
* refactor: move authentication app to auth
* feat: implement sync communication
* feat: implement sync communication
* feat: implement sync communication
* fix: import path
* refactor: restructure authorization module to follow DDD + Clean Architecture + CQRS
- Move authorization from core to dedicated module with full layer separation
- Create application layer with CQRS pattern (commands, queries, handlers)
- Rename 'presenter' to 'presentation' for consistency
- Organize domain services and infrastructure repositories properly
- Fix directory structure to match standard DDD boundaries
- Update imports and dependencies accordingly
* Add authorization infrastructure with Casbin policy management
- New SQLAlchemy models for authorization including CasbinRuleModel, PermissionModel, AuthorizationResourceModel, RoleModel, RolePermissionModel, and UserHasRoleModel with proper relationships and constraints
- Implementation of SQLAlchemyCasbinPolicyRepository with full CRUD operations for roles, permissions, and policies including cursor-based pagination
- CasbinAuthorizationService integrating with the repository layer and providing dynamic enforcer building for access control decisions
- Infrastructure setup for authorization module with proper domain entities, services, and repository patterns following the application architecture
This commit establishes a comprehensive authorization system backend with database persistence, supporting role-based access control through Casbin policies and efficient data management through SQLAlchemy ORM.
* fix: invalid import path
* docs: update readme
* Title: Refactor authorization infrastructure and update imports
Key features implemented:
- Updated import paths in CasbinAuthorizationService to reflect new core infrastructure location
- Updated import paths in GetRoleQueryHandler to reflect new core infrastructure location
- Updated import paths in dependency injection module to reflect new core infrastructure location
- Updated import paths in permission router to reflect new core infrastructure location
- Updated import paths in role router to reflect new core infrastructure location
- Removed old authorization infrastructure modules and models from src/modules/authorization/infrastructure/
- Streamlined .gitignore file with consolidated ignore patterns
The changes consolidate the authorization infrastructure under the core module and update all relevant imports across the application, removing redundant legacy infrastructure files.
* refactor: move infrastructure to module from core
* Title: Implement Normalized User Domain with DDD Structure and Update Handlers
Key features implemented:
- New docs/NORMALIZED_USER_DOMAIN.md detailing normalized schema design rationale and structure
- New src/modules/user/infrastructure/models/__init__.py aggregating all user domain models
- New src/modules/user/infrastructure/models/user_*_model.py files for normalized user entities (address, contact, profile, security, settings, verification)
- Updated src/modules/authorization/infrastructure/models/*_model.py with indexing optimizations
- Updated src/modules/user/application/auth/login_user/handler.py to reference password_hash correctly
- Updated src/modules/user/application/auth/register_user/handler.py to use password_hash in User.create
- Updated src/modules/user/application/detail_user/handler.py to fetch user with relations via get_by_id_with_relations
- Updated src/modules/user/domain/entities/user.py with normalized entity structure including profile, settings, security
- Updated src/modules/user/domain/repositories/user_repository.py interface for relation handling
- Updated src/modules/user/infrastructure/models/user_model.py to reflect normalized structure and relationships
- Updated src/modules/user/infrastructure/repositories/user_repository.py implementation for normalized data access
The changes implement a fully normalized user domain following DDD principles, separating concerns into distinct bounded contexts while updating application handlers to utilize the new structure. The repository layer now supports fetching related user data efficiently.
* fix: import path
* Refactor authorization models to remove circular imports and update gitignore
- Updated .gitignore with standard Python project exclusions and removed redundant entries
- Modified PermissionModel to remove direct imports and use string references for relationships
- Modified AuthorizationResourceModel to remove direct imports and use string references for relationships
- Modified RolePermissionModel to remove direct imports and use string references for relationships
- Modified UserHasRoleModel to remove direct imports and use string references for relationships
This change eliminates circular import dependencies between authorization models while maintaining all existing functionality and relationships. The gitignore file now follows standard conventions for Python projects.
* update branch
* update branch
* chore: remove all __pycache__
* chore: update gitignore
* chore: update gitignore
* fix: update migration
* docs: design normalized database seed update
* docs: plan normalized database seed update
* chore: ignore local worktrees
* test: cover normalized user seeding
* fix: align user seed with normalized schema
* docs: explain normalized database seeding
* Title: Restore Database Foreign Keys and Normalize User Identifiers
Key features implemented:
- Added comprehensive ORM relationship and foreign key metadata regression tests in test_database_relationships.py
- Restored missing foreign key constraints in authorization models (permission, role_permission, user_has_role) and todo model
- Converted normalized user identifier columns across 7 user models to UUID type with proper foreign key references
- Updated Alembic environment to load complete user model package for accurate metadata reflection
- Created corrective Alembic migration to convert string user IDs to UUID and create all missing foreign key constraints
- Added contract tests for the corrective migration covering both upgrade and downgrade operations
The implementation restores all 13 intended foreign keys while ensuring normalized user identifiers use UUID consistently, enabling successful database seeding without SQLAlchemy mapper errors.
* docs: design foreign key restoration
* docs: plan foreign key restoration
* fix: table data type
* fix: todo owner
* chore: update initial schemas
* fix: update detail /me endpoint
* Implement user account lockout and multi-method 2FA
- Added TwoFactorAuthService supporting TOTP (Google Authenticator) and email-based 2FA with backup codes
- Implemented 2FA setup, verification, disabling, and regeneration commands with corresponding handlers
- Created new API router and request/response schemas for 2FA endpoints
- Updated LoginUserCommandHandler to integrate 2FA verification and temporary token generation
- Enhanced account lockout mechanism to prevent brute force login attempts
- Added dependency injection for new 2FA handlers and integrated with existing auth flow
* feat: 2fa implementation
---------
Co-authored-by: qwen.ai[bot] <qwenlm-intl@service.alibaba.com>
1 parent b0910d7 commit 567858c
190 files changed
Lines changed: 6015 additions & 3370 deletions
File tree
- .idea
- inspectionProfiles
- .vscode
- alembic
- versions
- docs
- superpowers
- plans
- specs
- src
- core
- authorization/infrastructure/models
- bootstrap
- config
- database
- postgres
- dependency
- email
- providers
- events
- exceptions
- routers/api
- security
- seed
- modules
- authorization
- application
- create_permission
- create_role
- delete_permission
- delete_role
- get_permission
- get_role
- list_permissions
- list_roles
- update_permission
- update_role
- domain
- entities
- services
- infrastructure
- models
- repositories
- services
- presentation
- routers
- schema
- presenter
- todo
- application
- detail_todo
- list_todo
- domain/repositories
- infrastructure/repositories
- presentation
- routers
- schemas
- user
- application
- auth
- login_user
- logout_user
- refresh_token
- register_user
- two_factor
- detail_user
- events/emails
- domain
- entities
- events/emails
- repositories
- infrastructure
- models
- repositories
- presentation
- routers
- schemas
- templates/emails
- tests
- core
- todo
- user