feat: build core API, fraud engine, notifier, and frontend
Phase 1 — Core API (Go): - Events, guests, tokens, RSVPs CRUD on PostgreSQL via pgx/v5 - HMAC-signed per-guest tokens with format validation - Health endpoint with DB ping, slog JSON logging, graceful shutdown Phase 2 — NATS + Fraud Engine: - NATS JetStream pub/sub with explicit-ack consumers - Python/FastAPI fraud engine with heuristic risk scoring (fingerprint mismatch, IP change, missing signals, repeated access) - gRPC sync scoring with 250ms fail-open timeout - Per-guest baseline tracking; risk bands low/medium/high/block Phase 3 — Notifications + Frontend: - Notification worker scaffolding (Twilio/SES stubs, retry/backoff) - Nuxt 3 frontend with Tailwind dark theme + brand green - Live monitor via WebSocket with auto-reconnect - Activity history endpoint backfills monitor with RSVPs + scored access checks (including blocked attempts) UX polish: - Marketing-friendly landing page (hero mockup, how-it-works, features, use cases, testimonials, FAQ, final CTA) - Animated layered card mockups on landing + new-event page - Plus-ones stepper, RSVP status badges, filter buttons - Friendly access-check labels (Verified/Review/Suspicious/Blocked) - Dashboard hydration fix via ClientOnly wrapper Infrastructure: - docker-compose for full local dev (postgres, nats, api, fraud-engine, notifier, frontend) - Multi-stage Dockerfiles, non-root UID 1000 - Integration tests with testcontainers-go Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Kwaku Danso
@@ -0,0 +1,119 @@
|
||||
package natspub
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"log/slog"
|
||||
"time"
|
||||
|
||||
"github.com/google/uuid"
|
||||
"github.com/nats-io/nats.go"
|
||||
"github.com/nats-io/nats.go/jetstream"
|
||||
)
|
||||
|
||||
type Client struct {
|
||||
conn *nats.Conn
|
||||
js jetstream.JetStream
|
||||
logger *slog.Logger
|
||||
}
|
||||
|
||||
func Connect(ctx context.Context, url string, logger *slog.Logger) (*Client, error) {
|
||||
conn, err := nats.Connect(url,
|
||||
nats.Name("guestguard-api"),
|
||||
nats.MaxReconnects(-1),
|
||||
nats.ReconnectWait(2*time.Second),
|
||||
nats.DisconnectErrHandler(func(_ *nats.Conn, err error) {
|
||||
if err != nil {
|
||||
logger.Warn("nats disconnected", "err", err)
|
||||
}
|
||||
}),
|
||||
nats.ReconnectHandler(func(c *nats.Conn) {
|
||||
logger.Info("nats reconnected", "url", c.ConnectedUrl())
|
||||
}),
|
||||
)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("connect nats: %w", err)
|
||||
}
|
||||
|
||||
js, err := jetstream.New(conn)
|
||||
if err != nil {
|
||||
conn.Close()
|
||||
return nil, fmt.Errorf("jetstream: %w", err)
|
||||
}
|
||||
|
||||
c := &Client{conn: conn, js: js, logger: logger}
|
||||
if err := c.ensureStream(ctx); err != nil {
|
||||
conn.Close()
|
||||
return nil, err
|
||||
}
|
||||
return c, nil
|
||||
}
|
||||
|
||||
func (c *Client) ensureStream(ctx context.Context) error {
|
||||
cfg := jetstream.StreamConfig{
|
||||
Name: StreamName,
|
||||
Subjects: StreamSubjects(),
|
||||
Retention: jetstream.LimitsPolicy,
|
||||
Storage: jetstream.FileStorage,
|
||||
MaxAge: 14 * 24 * time.Hour,
|
||||
Replicas: 1,
|
||||
}
|
||||
|
||||
_, err := c.js.CreateOrUpdateStream(ctx, cfg)
|
||||
if err != nil {
|
||||
return fmt.Errorf("create stream %s: %w", StreamName, err)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c *Client) Close() {
|
||||
if c.conn != nil {
|
||||
c.conn.Drain() //nolint:errcheck
|
||||
}
|
||||
}
|
||||
|
||||
func (c *Client) JetStream() jetstream.JetStream {
|
||||
return c.js
|
||||
}
|
||||
|
||||
func (c *Client) PublishAccessAttempted(ctx context.Context, evt AccessAttempted) error {
|
||||
if evt.OccurredAt.IsZero() {
|
||||
evt.OccurredAt = time.Now().UTC()
|
||||
}
|
||||
return c.publishJSON(ctx, SubjectAccessAttempted, evt, evt.GuestID)
|
||||
}
|
||||
|
||||
func (c *Client) PublishRSVPConfirmed(ctx context.Context, evt RSVPConfirmed) error {
|
||||
if evt.SubmittedAt.IsZero() {
|
||||
evt.SubmittedAt = time.Now().UTC()
|
||||
}
|
||||
return c.publishJSON(ctx, SubjectRSVPConfirmed, evt, evt.RSVPID)
|
||||
}
|
||||
|
||||
func (c *Client) publishJSON(ctx context.Context, subject string, payload any, dedupeKey uuid.UUID) error {
|
||||
body, err := json.Marshal(payload)
|
||||
if err != nil {
|
||||
return fmt.Errorf("marshal %s: %w", subject, err)
|
||||
}
|
||||
|
||||
msg := &nats.Msg{Subject: subject, Data: body}
|
||||
msg.Header = nats.Header{}
|
||||
msg.Header.Set("Content-Type", "application/json")
|
||||
if dedupeKey != uuid.Nil {
|
||||
msg.Header.Set("Nats-Msg-Id", subject+":"+dedupeKey.String()+":"+time.Now().UTC().Format(time.RFC3339Nano))
|
||||
}
|
||||
|
||||
pubCtx, cancel := context.WithTimeout(ctx, 3*time.Second)
|
||||
defer cancel()
|
||||
|
||||
_, err = c.js.PublishMsg(pubCtx, msg)
|
||||
if err != nil {
|
||||
if errors.Is(err, context.DeadlineExceeded) {
|
||||
return fmt.Errorf("publish %s timed out: %w", subject, err)
|
||||
}
|
||||
return fmt.Errorf("publish %s: %w", subject, err)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
Reference in New Issue
Block a user