Untone
752e2dcbdc
All checks were successful
Deploy on push / deploy (push) Successful in 2m46s
### 🍪 CRITICAL Cross-Origin Auth - **🔧 SESSION_COOKIE_DOMAIN**: Добавлена поддержка поддоменов `.discours.io` для cross-origin cookies - **🌐 Cross-Origin SSE**: Исправлена работа Server-Sent Events с httpOnly cookies между поддоменами - **🔐 Unified Auth**: Унифицированы настройки cookies для OAuth, login, refresh, logout операций - **📝 MyPy Compliance**: Исправлена типизация `SESSION_COOKIE_SAMESITE` с использованием `cast()` ### 🛠️ Technical Changes - **settings.py**: Добавлен `SESSION_COOKIE_DOMAIN` с типобезопасной настройкой SameSite - **auth/oauth.py**: Обновлены все `set_cookie` вызовы с `domain` параметром - **auth/middleware.py**: Добавлена поддержка `SESSION_COOKIE_DOMAIN` в logout операциях - **resolvers/auth.py**: Унифицированы cookie настройки в login/refresh/logout resolvers - **auth/__init__.py**: Обновлены cookie операции с domain поддержкой ### 📚 Documentation - **docs/auth/sse-httponly-integration.md**: Новая документация по SSE + httpOnly cookies интеграции - **docs/auth/architecture.md**: Обновлены диаграммы для unified httpOnly cookie архитектуры ### 🎯 Impact - ✅ **GraphQL API** (`v3.discours.io`) теперь работает с httpOnly cookies cross-origin - ✅ **SSE сервер** (`connect.discours.io`) работает с теми же cookies - ✅ **Безопасность**: httpOnly cookies защищают от XSS атак - ✅ **UX**: Автоматическая аутентификация без управления токенами в JavaScript
Discours.io Core
🚀 Modern community platform with GraphQL API, RBAC system, and comprehensive testing infrastructure.
🎯 Features
- 🔐 Authentication: JWT + OAuth (Google, GitHub, Facebook)
- 🏘️ Communities: Full community management with roles and permissions
- 🔒 RBAC System: Role-based access control with inheritance
- 🌐 GraphQL API: Modern API with comprehensive schema
- 🧪 Testing: Complete test suite with E2E automation
- 🚀 CI/CD: Automated testing and deployment pipeline
🚀 Quick Start
Prerequisites
- Python 3.11+
- Node.js 18+
- Redis
- uv (Python package manager)
Installation
# Clone repository
git clone <repository-url>
cd core
# Install Python dependencies
uv sync --group dev
# Install Node.js dependencies
cd panel
npm ci
cd ..
# Setup environment
cp .env.example .env
# Edit .env with your configuration
Development
# Start backend server
uv run python dev.py
# Start frontend (in another terminal)
cd panel
npm run dev
🧪 Testing
Run All Tests
uv run pytest tests/ -v
Test Categories
Run only unit tests
uv run pytest tests/ -m "not e2e" -v
Run only integration tests
uv run pytest tests/ -m "integration" -v
Run only e2e tests
uv run pytest tests/ -m "e2e" -v
Run browser tests
uv run pytest tests/ -m "browser" -v
Run API tests
uv run pytest tests/ -m "api" -v
Skip slow tests
uv run pytest tests/ -m "not slow" -v
Run tests with specific markers
uv run pytest tests/ -m "db and not slow" -v
Test Markers
unit- Unit tests (fast)integration- Integration testse2e- End-to-end testsbrowser- Browser automation testsapi- API-based testsdb- Database testsredis- Redis testsauth- Authentication testsslow- Slow tests (can be skipped)
E2E Testing
E2E tests automatically start backend and frontend servers:
- Backend:
http://localhost:8000 - Frontend:
http://localhost:3000
🚀 CI/CD Pipeline
GitHub Actions Workflow
The project includes a comprehensive CI/CD pipeline that:
-
🧪 Testing Phase
- Matrix testing across Python 3.11, 3.12, 3.13
- Unit, integration, and E2E tests
- Code coverage reporting
- Linting and type checking
-
🚀 Deployment Phase
- Staging: Automatic deployment on
devbranch - Production: Automatic deployment on
mainbranch - Dokku integration for seamless deployments
- Staging: Automatic deployment on
Local CI Testing
Test the CI pipeline locally:
# Run local CI simulation
chmod +x scripts/test-ci-local.sh
./scripts/test-ci-local.sh
CI Server Management
The ./ci-server.py script manages servers for CI:
# Start servers in CI mode
CI_MODE=true python3 ./ci-server.py
📊 Project Structure
core/
├── auth/ # Authentication system
├── orm/ # Database models
├── resolvers/ # GraphQL resolvers
├── services/ # Business logic
├── panel/ # Frontend (SolidJS)
├── tests/ # Test suite
├── scripts/ # CI/CD scripts
└── docs/ # Documentation
🔧 Configuration
Environment Variables
DATABASE_URL- Database connection stringREDIS_URL- Redis connection stringJWT_SECRET- JWT signing secretOAUTH_*- OAuth provider credentials
Database
- Development: SQLite (default)
- Production: PostgreSQL
- Testing: In-memory SQLite
📚 Documentation
🤝 Contributing
- Fork the repository
- Create a feature branch
- Make your changes
- Add tests for new functionality
- Ensure all tests pass
- Submit a pull request
Development Workflow
# Create feature branch
git checkout -b feature/your-feature
# Make changes and test
uv run pytest tests/ -v
# Commit changes
git commit -m "feat: add your feature"
# Push and create PR
git push origin feature/your-feature
📈 Status
📄 License
This project is licensed under the MIT License - see the LICENSE file for details.