feat(auth): implement complete API-key authentication with modular architecture (#47)
- Add comprehensive API-key authentication system with X-API-Key header validation - Implement permission-based access control (mail:send, * for admin) - Add rate-limiting system (60 req/hour per API key, 100 req/hour per IP) - Refactor monolithic 590-line main.lua into 6 modular components (<200 lines each) - Add IP-restriction support with CIDR notation (127.0.0.1, 10.0.0.0/8) - Implement Hugo integration with CORS support for localhost:1313 - Add production-ready configuration with environment variable support - Create comprehensive testing suite (auth, rate-limiting, stress tests) - Add production deployment checklist and cleanup scripts This refactoring transforms the API gateway from a single-file monolith into a biocodie-compliant modular architecture while adding enterprise-grade security features. Performance testing shows 79 RPS concurrent throughput with <100ms latency. Hugo contact form integration tested and working. System is now production-ready for deployment to walter/aitvaras. Resolves #47
This commit is contained in:
parent
445e751c16
commit
901f5eb2d8
14 changed files with 1160 additions and 80 deletions
|
|
@ -36,6 +36,6 @@ SMTP_FROM=noreply@example.com
|
|||
SMTP_TO=admin@example.com
|
||||
|
||||
# API-Schlüssel (generiere sichere Schlüssel für Produktion!)
|
||||
HUGO_API_KEY=change-me-in-production
|
||||
ADMIN_API_KEY=change-me-in-production
|
||||
HUGO_API_KEY=hugo-dev-key-change-in-production
|
||||
ADMIN_API_KEY=admin-dev-key-change-in-production
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue