DAW/furt
2
0
Fork 0
Code Issues 11 Pull requests Projects Releases 3 Packages 1 Wiki Activity Actions
furt/furt-lua
History
michael 901f5eb2d8 feat(auth): implement complete API-key authentication with modular architecture (#47) 
- Add comprehensive API-key authentication system with X-API-Key header validation
- Implement permission-based access control (mail:send, * for admin)
- Add rate-limiting system (60 req/hour per API key, 100 req/hour per IP)
- Refactor monolithic 590-line main.lua into 6 modular components (<200 lines each)
- Add IP-restriction support with CIDR notation (127.0.0.1, 10.0.0.0/8)
- Implement Hugo integration with CORS support for localhost:1313
- Add production-ready configuration with environment variable support
- Create comprehensive testing suite (auth, rate-limiting, stress tests)
- Add production deployment checklist and cleanup scripts

This refactoring transforms the API gateway from a single-file monolith into a
biocodie-compliant modular architecture while adding enterprise-grade security
features. Performance testing shows 79 RPS concurrent throughput with <100ms
latency. Hugo contact form integration tested and working. System is now
production-ready for deployment to walter/aitvaras.

Resolves #47
2025-06-24 22:01:38 +02:00
..
config feat(auth): implement complete API-key authentication with modular architecture (#47) 2025-06-24 22:01:38 +02:00
deployment/openbsd fix(deployment): resolve OpenBSD rc.d service tracking and deployment workflow 2025-06-23 19:44:21 +02:00
scripts feat(auth): implement complete API-key authentication with modular architecture (#47) 2025-06-24 22:01:38 +02:00
src feat(auth): implement complete API-key authentication with modular architecture (#47) 2025-06-24 22:01:38 +02:00
tests feat(furt): implement complete Lua HTTP-Server for digital sovereignty (#63) 2025-06-17 20:40:40 +02:00
.env.production feat(auth): implement complete API-key authentication with modular architecture (#47) 2025-06-24 22:01:38 +02:00
production_checklist.md feat(auth): implement complete API-key authentication with modular architecture (#47) 2025-06-24 22:01:38 +02:00
README.md feat(furt): implement complete Lua HTTP-Server for digital sovereignty (#63) 2025-06-17 20:40:40 +02:00

README.md

Furt Lua HTTP-Server

Pure Lua HTTP-Server für Dragons@Work API-Gateway
Week 1 Implementation - Digital Sovereignty Project

Überblick

Furt ist der erste Schritt zur Migration des API-Gateways von Go auf C+Lua für maximale digitale Souveränität. Diese Implementierung startet mit reinem Lua und bildet die Grundlage für die spätere C+Lua-Hybridarchitektur.

Funktionen

  • HTTP-Server mit lua-socket
  • JSON API Endpoints
  • Request/Response Parsing
  • Basic Routing
  • Mail-Service-Grundgerüst
  • Health-Check
  • Error Handling
  • Automated Tests

Dependencies

Erforderlich:

  • lua 5.4+
  • lua-socket (HTTP-Server)
  • lua-cjson (JSON-Verarbeitung)

Arch Linux:

pacman -S lua lua-socket lua-cjson

Ubuntu:

apt install lua5.4 lua-socket lua-cjson

Projektstruktur

furt-lua/
├── src/
│   └── main.lua              # HTTP-Server (< 200 Zeilen)
├── config/
│   └── server.lua            # Konfiguration 
├── scripts/
│   ├── start.sh              # Server starten
│   └── test_curl.sh          # Manuelle Tests
├── tests/
│   └── test_http.lua         # Automatische Tests
└── README.md

Installation & Start

1. Repository Setup:

mkdir furt-lua
cd furt-lua

# Dateien erstellen (aus Claude-Artefakten)
# main.lua, config/server.lua, scripts/start.sh, etc.

2. Executable machen:

chmod +x scripts/start.sh
chmod +x scripts/test_curl.sh

3. Server starten:

./scripts/start.sh

Server läuft auf: http://127.0.0.1:8080

API-Endpoints

Health Check

GET /health
→ {"status":"healthy","service":"furt-lua","version":"1.0.0"}

Test Endpoint

POST /test
Content-Type: application/json
{"test": "data"}{"message":"Test endpoint working"}

Mail Service

POST /v1/mail/send
Content-Type: application/json
{
  "name": "Test User",
  "email": "test@example.com", 
  "message": "Test message"
}{"success":true,"message":"Mail queued for sending"}

Testing

Automatische Tests:

# Server muss laufen!
lua tests/test_http.lua

Manuelle curl-Tests:

./scripts/test_curl.sh

Quick Test:

curl -X POST http://127.0.0.1:8080/test \
     -H "Content-Type: application/json" \
     -d '{"test":"data"}'

Konfiguration

Mail-SMTP (Environment Variables):

export FURT_MAIL_USERNAME="your_email@dragons-at-work.de"
export FURT_MAIL_PASSWORD="your_password"

Server-Config: config/server.lua

  • Port, Host ändern
  • API-Keys definieren
  • SMTP-Einstellungen

Week 1 Status

Tag 1: HTTP-Server basic functionality
Tag 2: Request/Response parsing
Tag 3: JSON handling, Mail endpoint structure
Tag 4: Routing, Error handling
Tag 5: Testing, Documentation

Success Criteria erreicht:

  • curl -X POST http://localhost:8080/test → HTTP 200 ✓
  • Alle Module < 200 Zeilen ✓
  • JSON Request/Response ✓
  • /v1/mail/send Endpoint ✓

Nächste Schritte (Week 2)

  1. SMTP-Integration - Echte Mail-Versendung
  2. API-Key-Authentication - Security-Layer
  3. Hugo-Integration - POST-based Form-Handling
  4. HTTPS mit lua-ssl

Technologie-Philosophie

  • Lua: PUC-Rio University (echte Unabhängigkeit)
  • Minimale Dependencies: < 5 externe Libraries
  • Modulare Architektur: < 200 Zeilen pro Datei
  • Transparenter Code: Jede Zeile verstehbar
  • Corporate-frei: Keine Google/Microsoft/etc. Dependencies

Teil der Dragons@Work Tech-Souveränitätsstrategie

Development

Code-Stil:

  • Module < 200 Zeilen
  • Funktionen < 50 Zeilen
  • Klare, lesbare Namen
  • Error-Handling für alles

Testing-Pattern:

  • Jede Funktion testbar
  • HTTP-Integration-Tests
  • curl-basierte Verifikation

Week 1 Challenge: COMPLETE
Foundation für souveräne API-Gateway-Architektur gelegt.