Implement security hardening, notification pipeline, and CI test suite
All checks were successful
CI / test (push) Successful in 9m2s
All checks were successful
CI / test (push) Successful in 9m2s
Security hardening: - Added IP/user rate limiting with Redis-backed counters and fail-open behavior. - Added message anti-spam controls (per-chat rate + duplicate cooldown). - Implemented refresh token rotation with JTI tracking and revoke support. Notification pipeline: - Added Celery app and async notification tasks for mention/offline delivery. - Added Redis-based presence tracking and integrated it into realtime connect/disconnect. - Added notification dispatch from message flow and notifications listing endpoint. Quality gates and CI: - Added pytest async integration tests for auth and chat/message lifecycle. - Added pytest config, test fixtures, and GitHub Actions CI workflow. - Fixed bcrypt/passlib compatibility by pinning bcrypt version. - Documented worker and quality-gate commands in README.
This commit is contained in:
13
README.md
13
README.md
@@ -10,3 +10,16 @@ Backend foundation for a Telegram-like real-time messaging platform.
|
||||
3. Configure environment from `.env.example`.
|
||||
4. Start API:
|
||||
uvicorn app.main:app --reload --port 8000
|
||||
|
||||
## Celery Worker
|
||||
|
||||
Run worker for async notification jobs:
|
||||
|
||||
celery -A app.celery_app:celery_app worker --loglevel=info
|
||||
|
||||
## Quality Gates
|
||||
|
||||
- Compile check:
|
||||
python -m compileall app main.py
|
||||
- Tests:
|
||||
pytest -q
|
||||
|
||||
Reference in New Issue
Block a user