aws integration
-
AWS Integration:
-
Full AWS credential management with secure storage in Supabase Vault.
-
API endpoints for credential setup, update, status check, and deletion.
-
Comprehensive validation of AWS SES and SNS permissions:
-
SES:
SendEmail,SendRawEmail,GetTemplate,CreateTemplate,UpdateTemplate,DeleteTemplate,ListTemplates. -
SNS:
Subscribe,Publish,SetTopicAttributes.
-
-
Detailed permission status reporting in API responses.
-
-
Supabase Vault Integration:
-
Secure storage of AWS credentials using Postgres Vault extension.
-
Authenticated encryption for AWS credentials at rest.
-
Database model for tracking Vault-stored secrets.
-
-
AWS credentials are stored with authenticated encryption in Supabase Vault, not in application database.
-
AWS credential validation happens immediately to ensure permissions are sufficient.
-
AWS IAM best practice implemented by only storing and using the minimum required permissions.
git init
-
Core Authentication API:
-
User registration (
/api/v1/auth/register) with email and password. -
Secure password hashing.
-
User login (
/api/v1/auth/login) returning JWT. -
JWT generation and validation.
-
Protected endpoint (
/api/v1/auth/me) to retrieve authenticated user's details. -
Pydantic models for request/response validation.
-
SQLAlchemy models for database interaction.
-
Database setup with PostgreSQL.
-
Alembic for database migrations.
-
FastAPI application setup with basic routing.
-
Core dependencies added to
pyproject.toml.
-
-
Security Enhancements:
- Rate limiting implemented for
/api/v1/auth/register(5/minute) and/api/v1/auth/login(10/minute) endpoints to prevent brute-force and DoS attacks.
- Rate limiting implemented for
-
Implemented rate limiting on authentication endpoints.
-
Password hashing.
-
JWTs for session management.