Better API security, key rotation, delete endpoints, refactoring to a better to understand format, performance optimization, cahcing, better tracing, better logging.

2026-02-04 05:22:02 +00:00 · 2025-02-15 12:44:40 +01:00
parent e20f21bc8b
commit 40ab25987c
40 changed files with 2253 additions and 289 deletions
--- a/migrations/20250128160043_create_roles_table.sql
+++ b/migrations/20250128160043_create_roles_table.sql
@@ -1,10 +1,11 @@
 -- Create the roles table
 CREATE TABLE IF NOT EXISTS roles (
-    id SERIAL PRIMARY KEY,
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
    level INT NOT NULL,
    role VARCHAR(255) NOT NULL,
    name VARCHAR(255) NOT NULL,
    description VARCHAR(255),
+    creation_date DATE NOT NULL DEFAULT CURRENT_DATE,  -- Default to the current date
    CONSTRAINT unique_role UNIQUE (role)  -- Add a unique constraint to the 'role' column
 );

--- a/migrations/20250128160044_create_tiers_table.sql
+++ b/migrations/20250128160044_create_tiers_table.sql
@@ -0,0 +1,22 @@
+-- Create the tiers table
+CREATE TABLE IF NOT EXISTS tiers (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    level INT NOT NULL,
+    name VARCHAR(255) NOT NULL,
+    description VARCHAR(255),
+    requests_per_day INT NOT NULL,
+    creation_date DATE NOT NULL DEFAULT CURRENT_DATE,  -- Default to the current date
+    CONSTRAINT unique_name UNIQUE (name)  -- Add a unique constraint to the 'role' column
+);
+
+INSERT INTO tiers (level, name, description, requests_per_day)
+VALUES (1, 'Low', 'Lowest amount of requests.', 1000)
+ON CONFLICT (name) DO NOTHING;  -- Prevent duplicate insertions if role already exists
+
+INSERT INTO tiers (level, name, description, requests_per_day)
+VALUES (2, 'Medium', 'Medium amount of requests.',  5000)
+ON CONFLICT (name) DO NOTHING;  -- Prevent duplicate insertions if role already exists
+
+INSERT INTO tiers (level, name, description, requests_per_day)
+VALUES (3, 'Max', 'Max amount of requests.',  10000)
+ON CONFLICT (name) DO NOTHING;  -- Prevent duplicate insertions if role already exists
--- a/migrations/20250128160119_create_users_table.sql
+++ b/migrations/20250128160119_create_users_table.sql
@@ -1,21 +1,24 @@
 CREATE TABLE users (
-    id SERIAL PRIMARY KEY,
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
    username VARCHAR(255) NOT NULL UNIQUE,
    email VARCHAR(255) NOT NULL UNIQUE,
    password_hash VARCHAR(255) NOT NULL,
    totp_secret VARCHAR(255),
-    role_id INT NOT NULL DEFAULT 1 REFERENCES roles(id),  -- Default role_id is set to 1
+    role_level INT NOT NULL DEFAULT 1,  -- Default role_id is set to 1
+    tier_level INT NOT NULL DEFAULT 1,  -- Default role_id is set to 1
+    creation_date DATE NOT NULL DEFAULT CURRENT_DATE,  -- Default to the current date
+    disabled BOOLEAN NOT NULL DEFAULT FALSE,  -- Default to false
    CONSTRAINT unique_username UNIQUE (username)  -- Ensure that username is unique
 );

 -- Insert the example 'user' into the users table with a conflict check for username
-INSERT INTO users (username, email, password_hash, role_id)
+INSERT INTO users (username, email, password_hash, role_level)
 VALUES 
    ('user', 'user@test.com', '$argon2i$v=19$m=16,t=2,p=1$ZE1qUWd0U21vUUlIM0ltaQ$dowBmjU4oHtoPd355dXypQ', 1)
-ON CONFLICT (username) DO NOTHING;  -- Prevent duplicate insertions if username already exists
+ON CONFLICT (username) DO NOTHING;

 -- Insert the example 'admin' into the users table with a conflict check for username
-INSERT INTO users (username, email, password_hash, role_id)
+INSERT INTO users (username, email, password_hash, role_level)
 VALUES 
    ('admin', 'admin@test.com', '$argon2i$v=19$m=16,t=2,p=1$ZE1qUWd0U21vUUlIM0ltaQ$dowBmjU4oHtoPd355dXypQ', 2)
-ON CONFLICT (username) DO NOTHING;  -- Prevent duplicate insertions if username already exists
+ON CONFLICT (username) DO NOTHING;
--- a/migrations/20250128160153_create_apikeys_table.sql
+++ b/migrations/20250128160153_create_apikeys_table.sql
@@ -0,0 +1,12 @@
+CREATE TABLE apikeys (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    key_hash VARCHAR(255) NOT NULL,
+    user_id UUID NOT NULL REFERENCES users(id),
+    description VARCHAR(255),
+    creation_date DATE NOT NULL DEFAULT CURRENT_DATE,  -- Default to the current date
+    expiration_date DATE,
+    disabled BOOLEAN NOT NULL DEFAULT FALSE,  -- Default to false
+    access_read BOOLEAN NOT NULL DEFAULT TRUE,  -- Default to 
+    access_modify BOOLEAN NOT NULL DEFAULT FALSE,  -- Default to false
+    CONSTRAINT unique_key_hash UNIQUE (key_hash)  -- Add a unique constraint to the 'key_hash' column
+);
--- a/migrations/20250128160203_create_usage_table.sql
+++ b/migrations/20250128160203_create_usage_table.sql
@@ -0,0 +1,6 @@
+CREATE TABLE usage (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    endpoint VARCHAR(255) NOT NULL,
+    user_id UUID NOT NULL REFERENCES users(id),
+    creation_date DATE NOT NULL DEFAULT CURRENT_DATE  -- Default to the current date
+);
--- a/migrations/20250128160204_create_todos_table.sql
+++ b/migrations/20250128160204_create_todos_table.sql
@@ -1,6 +1,9 @@
 CREATE TABLE todos (
-    id SERIAL PRIMARY KEY,                -- Auto-incrementing primary key
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),     -- Auto-incrementing primary key
    task TEXT NOT NULL,                   -- Task description, cannot be null
    description TEXT,                     -- Optional detailed description
-    user_id INT NOT NULL REFERENCES users(id)  -- Foreign key to link to users table
+    user_id UUID NOT NULL REFERENCES users(id),  -- Foreign key to link to users table
+    creation_date DATE NOT NULL DEFAULT CURRENT_DATE,  -- Default to the current date
+    completion_date DATE,                 -- Date the task was completed
+    completed BOOLEAN DEFAULT FALSE       -- Default to false
 );