benya/Messenger
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
446 Commits 1 Branch 0 Tags
main
Commit Graph

6 Commits

Author SHA1 Message Date
Codex
e44e8d1355 infra: wire firebase credentials into docker backend and worker
Some checks failed
Android CI / android (push) Has been cancelled
Details
Android Release / release (push) Has been cancelled
Details
CI / test (push) Has been cancelled
Details
2026-03-09 23:19:06 +03:00
Codex
74b086b9c8 backend: add push token API and FCM delivery pipeline 2026-03-09 23:12:19 +03:00
benya
ffd63018d6 fix: make media uploads work behind docker
All checks were successful
CI / test (push) Successful in 26s
Details 
- add S3_PUBLIC_ENDPOINT_URL for browser-reachable presigned urls

- support both public/internal file url validation

- configure MinIO bucket CORS in minio-init

- update env examples and docs
 2026-03-07 22:52:05 +03:00
benya
ab65a8b768 Implement real SMTP delivery and transactional email auth flow
All checks were successful
CI / test (push) Successful in 21s
Details 
Email delivery:

- Replaced logging-only email sender with aiosmtplib SMTP implementation.

- Added provider mode switch via EMAIL_PROVIDER (log/smtp).

- Added TLS/SSL and timeout controls for SMTP transport.

Auth registration flow:

- Made register/resend/reset email flows transactional with rollback on delivery failure.

- Return 503 when verification/reset email cannot be delivered.

Configuration:

- Extended settings and env templates for EMAIL_PROVIDER, SMTP_USE_SSL, SMTP_TIMEOUT_SECONDS.

- Updated docker-compose environment mapping for new SMTP variables.
 2026-03-07 22:24:22 +03:00
benya
85631b566a Implement security hardening, notification pipeline, and CI test suite
All checks were successful
CI / test (push) Successful in 9m2s
Details 
Security hardening:

- Added IP/user rate limiting with Redis-backed counters and fail-open behavior.

- Added message anti-spam controls (per-chat rate + duplicate cooldown).

- Implemented refresh token rotation with JTI tracking and revoke support.

Notification pipeline:

- Added Celery app and async notification tasks for mention/offline delivery.

- Added Redis-based presence tracking and integrated it into realtime connect/disconnect.

- Added notification dispatch from message flow and notifications listing endpoint.

Quality gates and CI:

- Added pytest async integration tests for auth and chat/message lifecycle.

- Added pytest config, test fixtures, and GitHub Actions CI workflow.

- Fixed bcrypt/passlib compatibility by pinning bcrypt version.

- Documented worker and quality-gate commands in README.
 2026-03-07 21:46:30 +03:00
benya
a879ba7b50 first commit 2026-03-07 21:31:38 +03:00