feat: build core API, fraud engine, notifier, and frontend
Phase 1 — Core API (Go): - Events, guests, tokens, RSVPs CRUD on PostgreSQL via pgx/v5 - HMAC-signed per-guest tokens with format validation - Health endpoint with DB ping, slog JSON logging, graceful shutdown Phase 2 — NATS + Fraud Engine: - NATS JetStream pub/sub with explicit-ack consumers - Python/FastAPI fraud engine with heuristic risk scoring (fingerprint mismatch, IP change, missing signals, repeated access) - gRPC sync scoring with 250ms fail-open timeout - Per-guest baseline tracking; risk bands low/medium/high/block Phase 3 — Notifications + Frontend: - Notification worker scaffolding (Twilio/SES stubs, retry/backoff) - Nuxt 3 frontend with Tailwind dark theme + brand green - Live monitor via WebSocket with auto-reconnect - Activity history endpoint backfills monitor with RSVPs + scored access checks (including blocked attempts) UX polish: - Marketing-friendly landing page (hero mockup, how-it-works, features, use cases, testimonials, FAQ, final CTA) - Animated layered card mockups on landing + new-event page - Plus-ones stepper, RSVP status badges, filter buttons - Friendly access-check labels (Verified/Review/Suspicious/Blocked) - Dashboard hydration fix via ClientOnly wrapper Infrastructure: - docker-compose for full local dev (postgres, nats, api, fraud-engine, notifier, frontend) - Multi-stage Dockerfiles, non-root UID 1000 - Integration tests with testcontainers-go Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Kwaku Danso
@@ -0,0 +1,44 @@
|
||||
package domain
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"time"
|
||||
|
||||
"github.com/google/uuid"
|
||||
)
|
||||
|
||||
type EventStatus string
|
||||
|
||||
const (
|
||||
EventStatusDraft EventStatus = "draft"
|
||||
EventStatusPublished EventStatus = "published"
|
||||
EventStatusClosed EventStatus = "closed"
|
||||
EventStatusArchived EventStatus = "archived"
|
||||
)
|
||||
|
||||
func (s EventStatus) Valid() bool {
|
||||
switch s {
|
||||
case EventStatusDraft, EventStatusPublished, EventStatusClosed, EventStatusArchived:
|
||||
return true
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
type Event struct {
|
||||
ID uuid.UUID `json:"id"`
|
||||
HostID uuid.UUID `json:"host_id"`
|
||||
Name string `json:"name"`
|
||||
Slug string `json:"slug"`
|
||||
EventDate time.Time `json:"event_date"`
|
||||
Venue string `json:"venue"`
|
||||
MaxCapacity int `json:"max_capacity"`
|
||||
Settings map[string]any `json:"settings"`
|
||||
Status EventStatus `json:"status"`
|
||||
CreatedAt time.Time `json:"created_at"`
|
||||
UpdatedAt time.Time `json:"updated_at"`
|
||||
}
|
||||
|
||||
var (
|
||||
ErrEventNotFound = errors.New("event not found")
|
||||
ErrSlugTaken = errors.New("slug already in use")
|
||||
)
|
||||
@@ -0,0 +1,25 @@
|
||||
package domain
|
||||
|
||||
import "testing"
|
||||
|
||||
func TestEventStatus_Valid(t *testing.T) {
|
||||
tests := []struct {
|
||||
name string
|
||||
in EventStatus
|
||||
want bool
|
||||
}{
|
||||
{"draft", EventStatusDraft, true},
|
||||
{"published", EventStatusPublished, true},
|
||||
{"closed", EventStatusClosed, true},
|
||||
{"archived", EventStatusArchived, true},
|
||||
{"empty", "", false},
|
||||
{"unknown", "running", false},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
if got := tt.in.Valid(); got != tt.want {
|
||||
t.Errorf("Valid() = %v, want %v", got, tt.want)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,22 @@
|
||||
package domain
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"time"
|
||||
|
||||
"github.com/google/uuid"
|
||||
)
|
||||
|
||||
type Guest struct {
|
||||
ID uuid.UUID `json:"id"`
|
||||
EventID uuid.UUID `json:"event_id"`
|
||||
Name string `json:"name"`
|
||||
Email *string `json:"email,omitempty"`
|
||||
Phone *string `json:"phone,omitempty"`
|
||||
PlusOnes int `json:"plus_ones"`
|
||||
DietaryNotes *string `json:"dietary_notes,omitempty"`
|
||||
TableNumber *int `json:"table_number,omitempty"`
|
||||
CreatedAt time.Time `json:"created_at"`
|
||||
}
|
||||
|
||||
var ErrGuestNotFound = errors.New("guest not found")
|
||||
@@ -0,0 +1,41 @@
|
||||
package domain
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"time"
|
||||
|
||||
"github.com/google/uuid"
|
||||
)
|
||||
|
||||
type RSVPResponse string
|
||||
|
||||
const (
|
||||
RSVPAttending RSVPResponse = "attending"
|
||||
RSVPDeclined RSVPResponse = "declined"
|
||||
RSVPMaybe RSVPResponse = "maybe"
|
||||
)
|
||||
|
||||
func (r RSVPResponse) Valid() bool {
|
||||
switch r {
|
||||
case RSVPAttending, RSVPDeclined, RSVPMaybe:
|
||||
return true
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
type RSVP struct {
|
||||
ID uuid.UUID `json:"id"`
|
||||
GuestID uuid.UUID `json:"guest_id"`
|
||||
Response RSVPResponse `json:"response"`
|
||||
PlusOnes int `json:"plus_ones"`
|
||||
DietaryNotes *string `json:"dietary_notes,omitempty"`
|
||||
SubmittedAt time.Time `json:"submitted_at"`
|
||||
DeviceFingerprint map[string]any `json:"device_fingerprint,omitempty"`
|
||||
IPAddress *string `json:"ip_address,omitempty"`
|
||||
RiskScore *int `json:"risk_score,omitempty"`
|
||||
}
|
||||
|
||||
var (
|
||||
ErrRSVPAlreadySubmitted = errors.New("rsvp already submitted")
|
||||
ErrRSVPBlocked = errors.New("rsvp blocked due to fraud risk")
|
||||
)
|
||||
@@ -0,0 +1,49 @@
|
||||
package domain
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"time"
|
||||
|
||||
"github.com/google/uuid"
|
||||
)
|
||||
|
||||
type TokenStatus string
|
||||
|
||||
const (
|
||||
TokenStatusActive TokenStatus = "active"
|
||||
TokenStatusUsed TokenStatus = "used"
|
||||
TokenStatusRevoked TokenStatus = "revoked"
|
||||
TokenStatusExpired TokenStatus = "expired"
|
||||
)
|
||||
|
||||
type Token struct {
|
||||
ID uuid.UUID `json:"id"`
|
||||
GuestID uuid.UUID `json:"guest_id"`
|
||||
TokenHash string `json:"-"`
|
||||
ExpiresAt time.Time `json:"expires_at"`
|
||||
Status TokenStatus `json:"status"`
|
||||
UsedAt *time.Time `json:"used_at,omitempty"`
|
||||
CreatedAt time.Time `json:"created_at"`
|
||||
}
|
||||
|
||||
func (t *Token) IsValid(now time.Time) error {
|
||||
switch t.Status {
|
||||
case TokenStatusUsed:
|
||||
return ErrTokenAlreadyUsed
|
||||
case TokenStatusRevoked:
|
||||
return ErrTokenRevoked
|
||||
case TokenStatusExpired:
|
||||
return ErrTokenExpired
|
||||
}
|
||||
if now.After(t.ExpiresAt) {
|
||||
return ErrTokenExpired
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
var (
|
||||
ErrTokenNotFound = errors.New("token not found")
|
||||
ErrTokenExpired = errors.New("token expired")
|
||||
ErrTokenRevoked = errors.New("token revoked")
|
||||
ErrTokenAlreadyUsed = errors.New("token already used")
|
||||
)
|
||||
@@ -0,0 +1,21 @@
|
||||
package domain
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"time"
|
||||
|
||||
"github.com/google/uuid"
|
||||
)
|
||||
|
||||
type User struct {
|
||||
ID uuid.UUID `json:"id"`
|
||||
Email string `json:"email"`
|
||||
Name string `json:"name"`
|
||||
CreatedAt time.Time `json:"created_at"`
|
||||
UpdatedAt time.Time `json:"updated_at"`
|
||||
}
|
||||
|
||||
var (
|
||||
ErrUserNotFound = errors.New("user not found")
|
||||
ErrEmailTaken = errors.New("email already in use")
|
||||
)
|
||||
Reference in New Issue
Block a user