You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
│ │ │ └── presenter/ # Role and permission routers/schemas
84
102
│ │ ├── user/
85
103
│ │ │ ├── application/ # User commands, queries, handlers
86
104
│ │ │ ├── domain/ # User entity, exceptions, repository port
@@ -99,14 +117,14 @@ The API is currently versioned under `/api/v1`.
99
117
├── poetry.lock # Poetry lock file
100
118
├── alembic.ini # Alembic configuration
101
119
├── Dockerfile # Docker image definition
102
-
└── docker-compose.yml # Local APIand PostgreSQL services
120
+
└── docker-compose.yml # Local API, PostgreSQL, and Redis services
103
121
```
104
122
105
123
## Architecture
106
124
107
125
### Modulith
108
126
109
-
This is a single deployable application with module boundaries inside the codebase. The `user`and `todo` modules are independent feature areas under `src/modules`.
127
+
This is a single deployable application with module boundaries inside the codebase. The `user`, `todo`, and `authorization` modules are independent feature areas under `src/modules`.
110
128
111
129
### Clean Architecture Direction
112
130
@@ -168,7 +186,7 @@ POST /api/v1/auth/login
168
186
Request with Authorization: Bearer <token>
169
187
-> AuthenticationMiddleware validates JWT
170
188
-> request.state.user_id is set
171
-
-> route dependency resolves current user
189
+
-> route dependency checks role permission
172
190
-> todo handler executes use case
173
191
-> TodoRepository port
174
192
-> SQLAlchemyTodoRepository
@@ -188,17 +206,35 @@ Current routes:
188
206
```text
189
207
POST /api/v1/auth/register
190
208
POST /api/v1/auth/login
209
+
POST /api/v1/auth/refresh
191
210
GET /api/v1/auth/me
211
+
POST /api/v1/auth/logout
192
212
POST /api/v1/todos/
193
-
GET /api/v1/todos/
213
+
GET /api/v1/todos/?cursor=<cursor>&limit=10
194
214
PATCH /api/v1/todos/{todo_id}
195
215
DELETE /api/v1/todos/{todo_id}
216
+
POST /api/v1/roles/
217
+
GET /api/v1/roles/?cursor=<cursor>&limit=10
218
+
GET /api/v1/roles/{role_id}
219
+
PATCH /api/v1/roles/{role_id}
220
+
DELETE /api/v1/roles/{role_id}
221
+
POST /api/v1/roles/{role_id}/permissions/{permission_id}
For local development without Docker, point `DATABASE_URL` at your local PostgreSQL host, for example:
@@ -298,6 +357,13 @@ Health check:
298
357
http://localhost:8000/health
299
358
```
300
359
360
+
Operational checks:
361
+
362
+
```text
363
+
http://localhost:8000/live
364
+
http://localhost:8000/ready
365
+
```
366
+
301
367
## Database and Migrations
302
368
303
369
Alembic is configured in:
@@ -394,6 +460,12 @@ Current check set:
394
460
-`ruff check src tests scripts`
395
461
- import check for `src.main`
396
462
463
+
Dependency scanning is available separately:
464
+
465
+
```bash
466
+
make security-scan
467
+
```
468
+
397
469
## Makefile Commands
398
470
399
471
```bash
@@ -403,6 +475,7 @@ make run
403
475
make test
404
476
make lint
405
477
make import-check
478
+
make security-scan
406
479
make check
407
480
make migrate
408
481
make seed
@@ -416,7 +489,9 @@ make clean
416
489
417
490
## Docker Notes
418
491
419
-
Run database and API services:
492
+
Before starting Docker Compose, set non-empty `POSTGRES_PASSWORD`, `REDIS_PASSWORD`, and `SECRET_KEY` in `.env`. Compose intentionally fails fast when database or Redis passwords are missing.
493
+
494
+
Run API, PostgreSQL, and Redis services:
420
495
421
496
```bash
422
497
make db-up
@@ -434,8 +509,6 @@ Follow service logs:
434
509
make db-logs
435
510
```
436
511
437
-
Known Dockerfile note: `Dockerfile` currently references `start.sh`, while the actual script is under `scripts/start.sh`. If you plan to rely on Docker builds, align those paths first.
438
-
439
512
## Development Guide
440
513
441
514
### Adding a New Use Case
@@ -569,5 +642,4 @@ Legend: `Implemented` means code exists in the repository. `Partial` means code
569
642
570
643
-`src/core/lifespan.py` still calls `Base.metadata.create_all`; with Alembic in place, production environments normally rely on migrations instead.
571
644
- The project has a Pydantic v2 deprecation warning for class-based settings config.
572
-
- The Dockerfile start script path needs alignment before relying on Docker builds.
573
645
- The current architecture is clean enough for a learning modulith, but some flows can be made stricter by moving remaining business orchestration out of routers and into application handlers.
0 commit comments