6bbb24e633
- Reorganize project into monorepo structure - backend/app/ - New FastAPI backend (modular with src/) - backend/legacy/ - Legacy database modules (relational & vector) - frontend/ - React text editor application - Add launcher.py for easy full-stack startup - Complete documentation in README.md - Quick start guide - API endpoints reference - Development setup - Troubleshooting - Refactor main.py to 35 lines (app configuration only) - Update .gitignore for full-stack project - Add CHANGELOG.md with version history (v0.1.0-v0.1.1) Structure is now clean and ready for team collaboration.
3.2 KiB
3.2 KiB
Changelog
[0.1.1] - 2026-04-09
Changed
- Reorganized project structure: moved all modules to
src/folder - Refactored endpoints into separate router modules:
src/routers/init.py- System initialization endpointsrc/routers/login.py- Authentication endpointsrc/routers/status.py- Status check endpoint
- Reduced
main.pyfrom 100+ lines to 35 lines (only app configuration) - Updated all internal imports to use relative imports within
src/
Project Structure
archivium-backend/
├── main.py # Entry point (35 lines)
├── src/
│ ├── __init__.py
│ ├── config.py # Configuration
│ ├── models.py # Database models
│ ├── schemas.py # Request/response schemas
│ ├── database.py # Database setup
│ ├── security.py # Password hashing
│ └── routers/
│ ├── __init__.py
│ ├── init.py # POST /api/init
│ ├── login.py # POST /api/login
│ └── status.py # GET /api/status
├── pyproject.toml
├── requirements.txt
└── README.md
[0.1.0] - 2026-04-09
Changed
- Removed excessive Polish comments and restructured code for readability
- Refactored monolithic
main.pyinto modular structure:config.py- Environment configuration and CORS settingsmodels.py- SQLAlchemy ORM modelsschemas.py- Pydantic request/response schemas with validationdatabase.py- Database initialization and session managementsecurity.py- Password hashing and recovery key generationmain.py- FastAPI application and endpoint handlers
- Added official Python docstrings for public functions and classes only
- Improved project metadata with description and version in FastAPI app
Security Improvements
- Restricted CORS to explicit allowed origins instead of wildcard ("*")
- Limited allowed HTTP methods to POST and GET only
- Restricted allowed headers to Content-Type only
- Added password validation (minimum 8 characters, maximum 128)
- Improved error handling with try-except for password verification
- Database operations now properly managed with dependency injection
Added
pyproject.tomlfor modern Python package management (compatible with uv)requirements.txtfor traditional pip/env management- Proper dependency pinning with specific versions
- Database initialization on startup event
- Dependency injection for database sessions via
Depends(get_db) - Recovery key generation moved to dedicated security module
- Startup lifecycle event to ensure schema creation
Dependencies
- fastapi>=0.104.0
- uvicorn[standard]>=0.24.0
- pydantic>=2.5.0
- sqlalchemy>=2.0.0
- passlib[argon2]>=1.7.4
Notes
- SQLite remains in use for development (no encryption at rest)
- For production deployment, consider:
- Using PostgreSQL or equivalent encrypted database
- Setting ENVIRONMENT=production env var
- Configuring CORS_ORIGINS for specific domains
- Enabling HTTPS/SSL
- Implementing rate limiting
- Adding request logging and monitoring