goplt/docs/content/stories/epic2/README.md
0x1d d1d0b170ce fix: improve logging and error visibility, move Story 1.7 to Epic 2
Fixes:
- Added database connection logging with masked DSN
- Added migration progress logging
- Added HTTP server startup logging with address
- Fixed database provider to accept logger parameter
- Improved error visibility throughout initialization

Documentation:
- Moved Story 1.7 (Service Client Interfaces) to Epic 2 as Story 2.7
- Updated Epic 1 and Epic 2 READMEs
- Updated COMPLETE_TASK_LIST.md
- Updated story metadata (ID, Epic, Dependencies)

These changes will help diagnose startup issues and provide better visibility into what the application is doing.
2025-11-05 19:39:25 +01:00


Epic 2: Authentication & Authorization

Overview

Implement a complete JWT-based authentication system, build identity management covering the full user lifecycle, create a role-based access control (RBAC) system, implement authorization middleware and permission checks, add audit logging for security compliance, and provide database seeding for initial setup. All core services (Auth, Identity, Authz, Audit) are independent microservices that expose gRPC servers and register with the service registry.

Stories

2.1 JWT Authentication System

  • Story: 2.1 - JWT Authentication
  • Goal: Implement a complete JWT-based authentication system with access tokens, refresh tokens, and secure token management.
  • Deliverables: Authentication interfaces, JWT implementation, authentication middleware, login/refresh endpoints

2.2 Identity Management System

  • Story: 2.2 - Identity Management
  • Goal: Build a complete user identity management system with registration, email verification, password management, and user CRUD operations.
  • Deliverables: Identity interfaces, user repository, user service, user management API endpoints

2.3 Role-Based Access Control (RBAC) System

  • Story: 2.3 - RBAC System
  • Goal: Implement a complete RBAC system with permissions, role management, and authorization middleware.
  • Deliverables: Permission system, permission resolver, authorization system, authorization middleware

2.4 Role Management API

  • Story: 2.4 - Role Management
  • Goal: Provide a complete API for managing roles, assigning permissions to roles, and assigning roles to users.
  • Deliverables: Role repository, role management API endpoints, authorization and validation

2.5 Audit Logging System

  • Story: 2.5 - Audit Logging
  • Goal: Implement comprehensive audit logging that records all security-sensitive actions for compliance and security monitoring.
  • Deliverables: Audit interface, audit implementation, audit middleware, audit log query API

2.6 Database Seeding and Initialization

  • Story: 2.6 - Database Seeding
  • Goal: Provide database seeding functionality to create initial admin user, default roles, and core permissions.
  • Deliverables: Seed script, seed command, integration with application startup

2.7 Service Client Interfaces

  • Story: 2.7 - Service Client Interfaces (moved from Epic 1)
  • Goal: Create service client interfaces for all core services to enable microservices communication.
  • Deliverables: Service client interfaces, service factory, configuration

Deliverables Checklist

  • JWT authentication with access/refresh tokens
  • User CRUD with email verification
  • Role and permission management
  • Authorization middleware
  • Audit logging for all actions
  • Seed script for initial data

Acceptance Criteria

  • User can register and log in
  • JWT tokens are validated on protected routes
  • Users without the required permission get a 403
  • All actions are logged in the audit table
  • Admin can create roles and assign permissions
  • Integration test: user without permission cannot access protected resource
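As an added illustration of the authorization middleware from Stories 2.3 and 2.5 and the 401/403/audit criteria above (example code, not part of the goplt repository): a Go permission check that fails closed, returns 403 to a user lacking the permission, and writes every allow/deny decision to an in-memory audit sink. The `Grants` map, `userKey` context key and `roles:write` permission name are constructed assumptions, and the JWT validation of Story 2.1 is assumed to have already placed the token subject in the request context.

```go
package main

import (
	"context"
	"net/http"
	"net/http/httptest"
)

// Grants maps userID -> granted permissions (constructed names); stands in for the role repository.
type Grants map[string][]string

// AuditEvent is one row for the audit table; Audit is an in-memory stand-in sink.
type AuditEvent struct{ UserID, Perm, Decision string }
type Audit struct{ Events []AuditEvent }

// userKey is the context key under which the JWT middleware stores the subject (assumed).
type userKey struct{}

// RequirePermission: 401 when no identity is in the context, 403 when the permission is missing.
func RequirePermission(perm string, g Grants, a *Audit, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		userID, ok := r.Context().Value(userKey{}).(string)
		if !ok || userID == "" {
			http.Error(w, "unauthenticated", http.StatusUnauthorized)
			return
		}
		decision := "deny" // default deny: only an explicit grant flips this
		for _, have := range g[userID] {
			if have == perm {
				decision = "allow"
			}
		}
		a.Events = append(a.Events, AuditEvent{userID, perm, decision}) // denials are audited too
		if decision == "deny" {
			http.Error(w, "forbidden", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// Exercise sends one POST /roles as userID ("" = anonymous), simulating a validated JWT, and returns the status.
func Exercise(userID string, g Grants, a *Audit) int {
	ok := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.WriteHeader(http.StatusOK) })
	r := httptest.NewRequest(http.MethodPost, "/roles", nil)
	if userID != "" {
		r = r.WithContext(context.WithValue(r.Context(), userKey{}, userID))
	}
	rec := httptest.NewRecorder()
	RequirePermission("roles:write", g, a, ok).ServeHTTP(rec, r)
	return rec.Code
}
```

Calling `Exercise` for an admin holding `roles:write`, a viewer holding only `roles:read`, and an anonymous request yields 200, 403 and 401 respectively, with two audit rows (one allow, one deny) because the unauthenticated request is rejected before authorization runs.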