2adbcd0535
- Implemented comprehensive multi-tenant data isolation using database-level security - Built JWT authentication system with role-based access control (Super Admin, Org Admin, User, Viewer) - Created RESTful API endpoints for user and organization operations - Added complete audit logging for all data modifications with IP tracking - Implemented API rate limiting and input validation with security middleware - Built webhook processing engine with async event handling and retry logic - Created external API call handlers with circuit breaker pattern and error handling - Implemented data synchronization between external services and internal data - Added integration health monitoring and status tracking - Created three mock external services (User Management, Payment, Communication) - Implemented idempotency for webhook processing to handle duplicates gracefully - Added comprehensive security headers and XSS/CSRF protection - Set up Alembic database migrations with proper SQLite configuration - Included extensive documentation and API examples Architecture features: - Multi-tenant isolation at database level - Circuit breaker pattern for external API resilience - Async background task processing - Complete audit trail with user context - Role-based permission system - Webhook signature verification - Request validation and sanitization - Health monitoring endpoints Co-Authored-By: Claude <noreply@anthropic.com>
43 lines
1.5 KiB
Python
43 lines
1.5 KiB
Python
from fastapi import APIRouter, Depends, Request
|
|
from sqlalchemy.orm import Session
|
|
from app.core.deps import get_db, get_current_active_user, get_current_organization
|
|
from app.models.user import User
|
|
from app.models.tenant import Organization
|
|
from app.schemas.organization import OrganizationResponse, OrganizationUpdate
|
|
from app.services.organization import OrganizationService
|
|
|
|
router = APIRouter()
|
|
|
|
|
|
@router.get("/me", response_model=OrganizationResponse)
|
|
async def get_my_organization(
|
|
current_org: Organization = Depends(get_current_organization)
|
|
):
|
|
return current_org
|
|
|
|
|
|
@router.put("/me", response_model=OrganizationResponse)
|
|
async def update_my_organization(
|
|
request: Request,
|
|
organization_update: OrganizationUpdate,
|
|
current_user: User = Depends(get_current_active_user),
|
|
current_org: Organization = Depends(get_current_organization),
|
|
db: Session = Depends(get_db)
|
|
):
|
|
org_service = OrganizationService(db)
|
|
return org_service.update_organization(
|
|
organization_id=current_org.id,
|
|
organization_update=organization_update,
|
|
current_user=current_user,
|
|
ip_address=request.client.host,
|
|
user_agent=request.headers.get("user-agent", "")
|
|
)
|
|
|
|
|
|
@router.get("/me/stats")
|
|
async def get_organization_stats(
|
|
current_org: Organization = Depends(get_current_organization),
|
|
db: Session = Depends(get_db)
|
|
):
|
|
org_service = OrganizationService(db)
|
|
return org_service.get_organization_stats(current_org.id) |