Giorgio Gilestro
f326b41a08
Adds opt-in client-side-encrypted portfolio sync (paid). Browser
PBKDF2(PIN) → AES-GCM, server HKDF(pepper, user_id) outer wrap;
server stores opaque bytes only. Sliding-window rate limit on GET.
- new portfolio_sync table (migration 0015)
- POST/GET/DELETE /api/portfolio/sync + /status
- app/services/portfolio_sync.py crypto + rate limit
- app/routers/sync.py paid-gated
- app/static/js/portfolio-sync.js WebCrypto wrapper
- settings page: enable/disable + PIN modal
- PORTFOLIO_SYNC_PEPPER setting (warn on startup if missing)
Settings + import rework:
- /upload merged into /settings#import (legacy route 302s)
- drop CSV → auto-parse → preview → Import only / Import & sync
- nav slimmed to Dashboard / News / Log
- Settings + Logout moved to a user dropdown
- brand logo links to /
Collateral fixes:
- settings 500: re-fetch User in current session before mutating
referral_code (assign_code_if_missing was refreshing a User
loaded in the auth dep's now-closed session)
- csv_import: distinct error for unfunded T212 pies (all qty=0)
- db.py: drop pool_pre_ping (aiomysql 0.3.2 incompat); pin
isolation_level=READ COMMITTED to avoid gap-lock deadlocks
- alembic env: disable_existing_loggers=False so in-process
migrations don't silence uvicorn's loggers
- docker-compose.override.yml: dev-only volume mount + --reload
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
49 lines
1.1 KiB
TOML
49 lines
1.1 KiB
TOML
[project]
|
|
name = "cassandra"
|
|
version = "0.1.0"
|
|
description = "Containerised macro-strategy dashboard — market data, news, portfolios, AI daily log."
|
|
requires-python = ">=3.13"
|
|
dependencies = [
|
|
"fastapi>=0.115",
|
|
"uvicorn[standard]>=0.32",
|
|
"jinja2>=3.1",
|
|
"python-multipart>=0.0.12",
|
|
"sqlalchemy[asyncio]>=2.0.36",
|
|
"aiomysql>=0.2.0",
|
|
"alembic>=1.14",
|
|
"pydantic>=2.9",
|
|
"pydantic-settings>=2.6",
|
|
"httpx>=0.28",
|
|
"apscheduler>=3.10",
|
|
"tenacity>=9.0",
|
|
"structlog>=24.4",
|
|
"argon2-cffi>=23.1",
|
|
"cryptography>=43.0",
|
|
"itsdangerous>=2.2",
|
|
"email-validator>=2.2",
|
|
"aiosmtplib>=3.0",
|
|
"redis[hiredis]>=5.2",
|
|
]
|
|
|
|
[project.optional-dependencies]
|
|
dev = [
|
|
"pytest>=8.3",
|
|
"pytest-asyncio>=0.24",
|
|
"pytest-httpx>=0.34",
|
|
"ruff>=0.7",
|
|
]
|
|
|
|
[tool.pytest.ini_options]
|
|
asyncio_mode = "auto"
|
|
testpaths = ["tests"]
|
|
|
|
[tool.ruff]
|
|
line-length = 100
|
|
target-version = "py313"
|
|
|
|
[build-system]
|
|
requires = ["setuptools>=68"]
|
|
build-backend = "setuptools.build_meta"
|
|
|
|
[tool.setuptools]
|
|
packages = ["app", "app.services", "app.jobs", "app.routers"]
|