next-go-blog/docs/CHANGELOG.md
Beyhan Oğur 6d95e27114 first commit
2026-04-26 22:16:43 +03:00

# Changelog
All notable changes to this project will be documented in this file.
## [1.1.0] - 2026-02-04
### Added
- **Redis Integration**: Full Redis caching and session management
  - Session storage with Redis
  - User data caching
  - Token blacklist for logout
  - Email verification token cache
  - Password reset token cache
- **Cache Service**: New dedicated cache service (`internal/services/cache_service.go`)
  - SetUser/GetUser/DeleteUser for user caching
  - Session management methods
  - Rate limiting support
  - Token blacklist operations
  - Email verification and password reset token management
- **Rate Limiting**: API rate limiting with Redis backend
  - Login rate limiting: 5 attempts per minute
  - Registration rate limiting: 3 attempts per 5 minutes
  - General API rate limiting: 100 requests per minute
  - Graceful degradation when Redis is unavailable
- **CORS Configuration**: Cross-Origin Resource Sharing support
  - Configurable allowed origins
  - Credentials support
  - Multiple HTTP methods allowed
- **Docker Compose**: Complete Docker setup with 3 services
  - PostgreSQL 17 Alpine
  - Redis 7 Alpine with persistence
  - Application service with auto-restart
- **Documentation**:
  - README.md with comprehensive project documentation
  - SETUP.md with detailed setup instructions
  - .env.example template file
  - Quick start script (start-with-docker.sh)
### Changed
- 🔄 Updated `main.go` to initialize Redis connection
- 🔄 Updated routes to include rate limiting middlewares
- 🔄 Enhanced docker-compose.yml with Redis service
### Technical Details
- **Redis Client**: go-redis/v9
- **CORS Middleware**: gin-contrib/cors
- **Default CORS Origin**: http://localhost:3000
- **Redis Connection**: Gracefully handles unavailability
## [1.0.0] - Initial Release
### Added
- JWT-based authentication
- OAuth2 integration (Google, GitHub)
- Email verification
- PostgreSQL database with GORM
- Swagger/OpenAPI documentation
- User roles and permissions
- Password hashing with bcrypt
- Protected routes with middleware
- Auto-migration and seeding
### Database Models
- Users table with email verification
- Social accounts for OAuth
- Roles and permissions system
- User-Role relationships
### API Endpoints
- POST /v1/auth/register - User registration
- POST /v1/auth/login - User login
- GET /v1/auth/verify-email - Email verification
- POST /v1/auth/refresh - Token refresh
- GET /v1/auth/:provider - OAuth login
- GET /v1/auth/:provider/callback - OAuth callback
- GET /v1/auth/me - Get current user (protected)
- GET /v1/auth/validate - Validate token (protected)
---
## Future Roadmap
### Planned Features
- [ ] Email service integration (SMTP)
- [ ] Password reset functionality
- [ ] 2FA (Two-Factor Authentication)
- [ ] User profile management
- [ ] Admin dashboard
- [ ] Audit logging
- [ ] Metrics and monitoring (Prometheus)
- [ ] API versioning
- [ ] Webhook support
- [ ] Multi-tenancy support
### Performance Improvements
- [ ] Database query optimization
- [ ] Redis clustering support
- [ ] Connection pooling enhancements
- [ ] Response compression
### Security Enhancements
- [ ] IP whitelisting
- [ ] Advanced rate limiting (per user, per endpoint)
- [ ] Brute force protection
- [ ] Session management dashboard
- [ ] Security headers middleware
- [ ] CSP (Content Security Policy)
---
## Version History
- **v1.1.0** - Redis integration, CORS, Rate limiting, Complete documentation
- **v1.0.0** - Initial release with basic authentication and OAuth