# Changelog

All notable changes to this project will be documented in this file.

## [1.1.0] - 2026-02-04

### Added

- ✅ **Redis Integration**: Full Redis caching and session management
  - Session storage with Redis
  - User data caching
  - Token blacklist for logout
  - Email verification token cache
  - Password reset token cache

- ✅ **Cache Service**: New dedicated cache service (`internal/services/cache_service.go`)
  - SetUser/GetUser/DeleteUser for user caching
  - Session management methods
  - Rate limiting support
  - Token blacklist operations
  - Email verification and password reset token management

- ✅ **Rate Limiting**: API rate limiting with Redis backend
  - Login rate limiting: 5 attempts per minute
  - Registration rate limiting: 3 attempts per 5 minutes
  - General API rate limiting: 100 requests per minute
  - Graceful degradation when Redis is unavailable

- ✅ **CORS Configuration**: Cross-Origin Resource Sharing support
  - Configurable allowed origins
  - Credentials support
  - Multiple HTTP methods allowed

- ✅ **Docker Compose**: Complete Docker setup with 3 services
  - PostgreSQL 17 Alpine
  - Redis 7 Alpine with persistence
  - Application service with auto-restart

- ✅ **Documentation**:
  - README.md with comprehensive project documentation
  - SETUP.md with detailed setup instructions
  - .env.example template file
  - Quick start script (start-with-docker.sh)

### Changed

- 🔄 Updated `main.go` to initialize Redis connection
- 🔄 Updated routes to include rate limiting middlewares
- 🔄 Enhanced docker-compose.yml with Redis service

### Technical Details

- **Redis Client**: go-redis/v9
- **CORS Middleware**: gin-contrib/cors
- **Default CORS Origin**: http://localhost:3000
- **Redis Connection**: Gracefully handles unavailability

## [1.0.0] - Initial Release

### Added

- JWT-based authentication
- OAuth2 integration (Google, GitHub)
- Email verification
- PostgreSQL database with GORM
- Swagger/OpenAPI documentation
- User roles and permissions
- Password hashing with bcrypt
- Protected routes with middleware
- Auto-migration and seeding

### Database Models

- Users table with email verification
- Social accounts for OAuth
- Roles and permissions system
- User-Role relationships

### API Endpoints

- POST /v1/auth/register - User registration
- POST /v1/auth/login - User login
- GET /v1/auth/verify-email - Email verification
- POST /v1/auth/refresh - Token refresh
- GET /v1/auth/:provider - OAuth login
- GET /v1/auth/:provider/callback - OAuth callback
- GET /v1/auth/me - Get current user (protected)
- GET /v1/auth/validate - Validate token (protected)

---

## Future Roadmap

### Planned Features

- [ ] Email service integration (SMTP)
- [ ] Password reset functionality
- [ ] 2FA (Two-Factor Authentication)
- [ ] User profile management
- [ ] Admin dashboard
- [ ] Audit logging
- [ ] Metrics and monitoring (Prometheus)
- [ ] API versioning
- [ ] Webhook support
- [ ] Multi-tenancy support

### Performance Improvements

- [ ] Database query optimization
- [ ] Redis clustering support
- [ ] Connection pooling enhancements
- [ ] Response compression

### Security Enhancements

- [ ] IP whitelisting
- [ ] Advanced rate limiting (per user, per endpoint)
- [ ] Brute force protection
- [ ] Session management dashboard
- [ ] Security headers middleware
- [ ] CSP (Content Security Policy)

---

## Version History

- **v1.1.0** - Redis integration, CORS, Rate limiting, Complete documentation
- **v1.0.0** - Initial release with basic authentication and OAuth