feat(core): add Supabase client, Clerk auth, and HTTP client with typed deps [AYG-67]#2209
Closed
amostt wants to merge 5 commits intofastapi:masterfrom
Closed
Conversation
Rename default branch from master to main across all CI workflows, documentation, and PRD. Also adds comprehensive project documentation generated by the initialise skill (CLAUDE.md, docs/ structure). 🤖 Generated by Aygentic Co-Authored-By: Aygentic <noreply@aygentic.com>
#1) * feat(core): rewrite config, error handlers, and shared models [AYG-65] - Replace PostgreSQL/SMTP settings with Supabase+Clerk env vars - Add frozen Settings with production secret and CORS guards - Create unified error response shape with global exception handlers - Add shared Pydantic models: ErrorResponse, ValidationErrorResponse, PaginatedResponse, Principal Fixes AYG-65 🤖 Generated by Aygentic Co-Authored-By: Aygentic <noreply@aygentic.com> * fix(core): untrack .env and guard conftest for migration [AYG-65] - Remove .env from git tracking and add to .gitignore (SEC-001) - Guard integration test conftest.py imports with try/except so unit tests run without --noconftest during the migration (FUNC-002) Related to AYG-65 🤖 Generated by Aygentic Co-Authored-By: Aygentic <noreply@aygentic.com> * fix(tests): harden test isolation for template usage [AYG-65] - Catch all exceptions (including ValidationError) in conftest guard so pytest doesn't crash when env vars are unset in a fresh template clone - Explicitly delenv missing vars in test_missing_required_var_raises so the test is deterministic regardless of the caller's shell environment Related to AYG-65 🤖 Generated by Aygentic Co-Authored-By: Aygentic <noreply@aygentic.com> * docs(project): update documentation before merge [skip ci] Updated documentation based on AYG-65 code changes: - setup.md: replaced PostgreSQL/SMTP/JWT env vars with Supabase/Clerk - deployment/environments.md: updated all env tables and GitHub Secrets - architecture/overview.md: added error handling framework, shared models, Clerk auth - architecture/decisions/: new ADRs for error handling and models package - api/overview.md: Clerk auth, standard error shape, paginated response pattern - api/endpoints/login.md: deprecated (Clerk migration) - api/endpoints/users.md + items.md: updated auth and error response docs - data/models.md: new Shared Pydantic Models section - testing/test-registry.md: +36 unit tests, closed config coverage gap Related to AYG-65 🤖 Generated by Aygentic Co-Authored-By: Aygentic <noreply@aygentic.com> --------- Co-authored-by: Aygentic <noreply@aygentic.com>
…YG-66] (#2) * feat(core): add structured logging and request pipeline middleware [AYG-66] Add structlog-based structured logging (JSON/console modes) and request pipeline middleware providing UUID v4 request IDs, correlation ID propagation, security headers on all responses (including CORS preflight), and status-based log levels (info/warning/error for 2xx/4xx/5xx). - Create backend/app/core/logging.py: structlog configuration with JSON renderer (production) and ConsoleRenderer (local dev), base fields (timestamp, level, event, service, version, environment), contextvars integration for request-scoped fields - Create backend/app/core/middleware.py: RequestPipelineMiddleware with request_id generation, X-Correlation-ID propagation, 6 security headers (X-Content-Type-Options, X-Frame-Options, X-XSS-Protection, Referrer-Policy, Permissions-Policy, HSTS production-only), X-Request-ID on every response including error and exception paths - Wire into main.py with documented middleware ordering (outermost wraps CORSMiddleware so preflight OPTIONS get headers too) - 32 new unit tests (6 logging + 26 middleware) covering CORS preflight header behavior, X-Request-ID on 4xx/5xx/exception paths, and negative tests proving Authorization/Cookie values never logged Fixes AYG-66 🤖 Generated by Aygentic Co-Authored-By: Aygentic <noreply@aygentic.com> * docs(core): update architecture, test registry, and deployment docs for AYG-66 [skip ci] Updated documentation based on structured logging and request pipeline middleware implementation. Related to AYG-66 🤖 Generated by Aygentic Co-Authored-By: Aygentic <noreply@aygentic.com> --------- Co-authored-by: Aygentic <noreply@aygentic.com>
…ed deps [AYG-67] Implement the three core infrastructure dependencies for the microservice template: - Supabase client: factory function + FastAPI dependency from app.state - Clerk JWT auth: validate Bearer tokens, extract Principal with roles, map error reasons to structured error codes (AUTH_MISSING_TOKEN, AUTH_EXPIRED_TOKEN, AUTH_INVALID_TOKEN) - HTTP client wrapper: async httpx with retry on 502/503/504, exponential backoff, circuit breaker (5 failures/60s window), X-Request-ID/X-Correlation-ID header propagation from structlog - Typed FastAPI dependencies: SupabaseDep, PrincipalDep, HttpClientDep, RequestIdDep via Annotated[T, Depends()] - Lifespan context manager: init Supabase + HttpClient at startup, close httpx pool on shutdown - Added session_id field to Principal model 44 new unit tests (113 total), all passing. Fixes AYG-67 🤖 Generated by Aygentic Co-Authored-By: Aygentic <noreply@aygentic.com>
Author
|
Opened against wrong repo by mistake — closing. |
amostt
deleted the
amos/ayg-67-38-supabase-client-clerk-auth-http-client
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
create_supabase_client) and FastAPI dependency (get_supabase) fromapp.stateget_current_principal) with structured error codes:AUTH_MISSING_TOKEN,AUTH_EXPIRED_TOKEN,AUTH_INVALID_TOKENX-Request-ID/X-Correlation-IDheader propagationSupabaseDep,PrincipalDep,HttpClientDep,RequestIdDepsession_idfield toPrincipalmodelChanges
backend/app/core/supabase.pybackend/app/core/auth.pybackend/app/core/http_client.pybackend/tests/unit/test_supabase.pybackend/tests/unit/test_auth.pybackend/tests/unit/test_http_client.pybackend/app/api/deps.pybackend/app/main.pybackend/app/models/auth.pysession_id: strto Principalbackend/pyproject.tomlsupabase>=2.0.0,clerk-backend-api>=1.0.0backend/tests/unit/test_models.pyReview Summary
Test Plan
Fixes AYG-67
🤖 Generated with Claude Code by Aygentic