Implement security hardening, notification pipeline, and CI test suite
All checks were successful
CI / test (push) Successful in 9m2s
All checks were successful
CI / test (push) Successful in 9m2s
Security hardening: - Added IP/user rate limiting with Redis-backed counters and fail-open behavior. - Added message anti-spam controls (per-chat rate + duplicate cooldown). - Implemented refresh token rotation with JTI tracking and revoke support. Notification pipeline: - Added Celery app and async notification tasks for mention/offline delivery. - Added Redis-based presence tracking and integrated it into realtime connect/disconnect. - Added notification dispatch from message flow and notifications listing endpoint. Quality gates and CI: - Added pytest async integration tests for auth and chat/message lifecycle. - Added pytest config, test fixtures, and GitHub Actions CI workflow. - Fixed bcrypt/passlib compatibility by pinning bcrypt version. - Documented worker and quality-gate commands in README.
This commit is contained in:
@@ -6,6 +6,7 @@ pydantic==2.11.7
|
||||
pydantic-settings==2.10.1
|
||||
python-jose[cryptography]==3.5.0
|
||||
passlib[bcrypt]==1.7.4
|
||||
bcrypt==4.0.1
|
||||
email-validator==2.2.0
|
||||
python-multipart==0.0.20
|
||||
redis==6.4.0
|
||||
@@ -13,3 +14,7 @@ celery==5.5.3
|
||||
boto3==1.40.31
|
||||
aiosmtplib==4.0.2
|
||||
alembic==1.16.5
|
||||
pytest==8.4.2
|
||||
pytest-asyncio==1.2.0
|
||||
httpx==0.28.1
|
||||
aiosqlite==0.21.0
|
||||
|
||||
Reference in New Issue
Block a user