v0.0.2

Latest

fiqrikm18 released this 22 Jun 15:29
567858c

Release Notes

🚀 New Features

Authentication & User Management

  • Added email verification during user registration.

  • Fixed login response structure for better API consistency.

  • Implemented account lockout protection to prevent brute-force attacks.

  • Added multi-factor authentication (2FA) support:

    • TOTP (Google Authenticator)
    • Email-based verification
    • Backup codes
  • Added 2FA management endpoints:

    • Setup
    • Verification
    • Disable
    • Backup code regeneration

Authorization & Access Control

  • Introduced a complete Role-Based Access Control (RBAC) system powered by Casbin.

  • Added authorization infrastructure with database persistence:

    • Roles
    • Permissions
    • Resources
    • Casbin policies
    • User-role assignments
  • Implemented dynamic authorization enforcement through Casbin integration.

  • Added cursor-based pagination support for authorization resources.

  • Introduced import boundary enforcement to strengthen module isolation.

Inter-Module Communication

  • Implemented a synchronous communication mechanism between modules.

🏗 Architecture Improvements

Authorization Module Refactoring

  • Moved authorization from core into a dedicated bounded context.

  • Reorganized authorization module following:

    • Domain-Driven Design (DDD)
    • Clean Architecture
    • CQRS pattern
  • Added:

    • Commands
    • Queries
    • Handlers
    • Domain services
    • Infrastructure repositories
  • Renamed presenter layer to presentation for naming consistency.

  • Improved module boundaries and dependency management.

Infrastructure Reorganization

  • Consolidated and later restructured authorization infrastructure placement.
  • Updated all affected import paths and dependency registrations.
  • Removed obsolete legacy authorization infrastructure code.

User Domain Normalization

  • Redesigned user domain into a normalized schema.

  • Split user data into dedicated models:

    • User Profile
    • User Security
    • User Settings
    • User Verification
    • User Contact
    • User Address
  • Updated repositories and handlers to support relational loading.

  • Improved domain entity design for better separation of concerns.


🗄 Database Improvements

Foreign Key Restoration

  • Restored missing foreign key constraints across:

    • Authorization module
    • Todo module
    • User-related tables
  • Added migration and regression tests to prevent schema drift.

UUID Standardization

  • Converted normalized user identifiers to UUID across all related tables.
  • Updated migrations and repository implementations accordingly.

Performance Optimizations

  • Added indexing improvements for authorization-related models.
  • Improved relational loading for user detail retrieval.

🔧 Fixes

Authentication

  • Fixed login response payload.

  • Fixed password hash handling during:

    • Registration
    • Authentication
  • Fixed /me detail endpoint data loading.

Authorization

  • Fixed multiple invalid import paths after module restructuring.
  • Resolved circular import issues within authorization models by using SQLAlchemy string-based relationship references.

Database

  • Fixed migration inconsistencies.
  • Fixed table data type mismatches.
  • Fixed Todo owner relationship mapping.
  • Updated initial schema definitions.

General

  • Fixed various import path issues throughout the codebase.
  • Removed stale __pycache__ files.

🧪 Testing

  • Added database relationship regression tests.
  • Added migration contract tests for upgrade and downgrade validation.
  • Added coverage for normalized user database seeding.
  • Validated foreign key metadata and ORM relationships.

📚 Documentation

  • Updated project README.
  • Added normalized user domain documentation.
  • Added normalized database seeding documentation and implementation plans.
  • Added foreign key restoration design and planning documents.

🧹 Maintenance

  • Updated .gitignore with standardized Python project exclusions.
  • Added support for ignoring local worktrees.
  • Cleaned up redundant ignore rules.
  • Performed branch synchronization and maintenance updates.

Summary

This release delivers a major architectural evolution of the platform by introducing a fully modular Authorization system with Casbin-powered RBAC, a normalized User domain, enhanced security through Email Verification and Multi-Factor Authentication, restored database integrity via foreign key enforcement, and a cleaner DDD + Clean Architecture + CQRS implementation across the codebase.