This is a full API for simaple social network develop with FastApi Postgresql and MongoDB in microservices architecture,
deployed as containerized application with Docker
You can view the demo run on Ubuntu here
You can get the project images here
Table of Contents
- Social Network fastAPI
- Overview
- Getting Started
- Features
- Authentication & Security
- Tests
- CI CD
- Database & Alembic
- env
This is a full API for simaple social network which was developed in microservices architecture,
The architecture looks something like this:
Example of docker-compose run on Ubuntu machine.
I am not a professional developer, I have background in the IT field and recently I moved to devops
The architecture could have been better and so the development itself
You can view the Getting Started presentation Here
Currently the project contains the following topics:
Users
There is a registration and login, the registration is verified by email verification, and the login is based on JWT.
Most features are conditional on a authenticated user and verified user.
There is email verification for new users
Posts
The user can create a post visible to everyone or in a specific group.
Can update or delete, and filter posts of your choice.
Votes
Each user has the option to like the post, and can cancel the like
Comments
Each user has the option to add a comment to the post.
The user can update or delete the comment.
Groups
Groups is the most multi-function feature,
Any verified user can create and manage a group,
Users can send a join request, the onwer of the group can choose whether to confirm or not.
The administrator of the group can block a user from the group, can exclude users,
or can replace himself with another member of the group
I decided to gain experience with Keycloak, so user authentication is performed with Keycloak and postgresql,
I'm not sure if it fits the requirement for this kind of software, but for the purpose of studying I used it.
I used the fastapi-keycloak package, and Keycloak 16.0.1, it's a bit outdated, but it's what fits the package right now.
Because I didn't want user communication with Keycloak (That's why I said it might not be suitable for the project),
For some of the requirements I did not find a way to work with the keycloak API, action-token for example,
So I added some features with JWT.
CORS (Cross Origin Resource Sharing) is implemented
Using environment variables, you can see more in the .env section.
There are currently 335 tests, implemented with pytest,
Each test is isolated and independent of another, using @pytest.fixture
There is a separate database for tests to maintain a proper test, which is initialized after each test
For data validation I used Field and validator imported from Pydantic
And Query Path and Body imported from fastapi
You can see more in validators.py and schemas.py Files
The project has a simple CI/CD based on GitHub Actions.
For each push or pull request, a build is performed for a test environment with all the dependencies,
If the build is completed successfully, two security jobs start running,
The first is git-guardian-scanning - uses gitguardian's feature for scanning
The second is trufflehog-credential-verification - Credential Verification Scanning
If these two jobs are completed successfully, three jobs for deploy start running,
The first is deploy-to-heroku the second is deploy-to-ubunto-server and the third is update-docker-image
The last job that runs is notification, This is a custom email that gives status update on the other jobs
All jobs use environmental variables, which are explained in the .env section
Postgres
In the `main_server` I used postgresql and there are 8 tables:
`Post`, `User`, `Vote`, `Comment`, `Groups`, `UserInGroups`, `JoinRequestGroups`, `alembic_version`
**alembic_version -** This table is created by default following the use of alembic
You can see all the fields and the relationships between the tables in the `app/models.py` file
**All relevant tables support CASCADE, and I adhered to the ACID guidelines**
All DB access has been implemented with SQLAlchemy
I use Alembic to manage the versions of the database,
All versions can be found here: `/ alembic / versions /`
The id of the latest version (the version currently in use) is stored in the `alembic_version` table
I set the primary key to be `INT` type `(AUTO_INCREMENT)` and not `UUID` to simplify
Mongodb
In the email_verification_server I used mongodb and there are 1 DB and 1 collection,
Use for track users who need to verify email
A file containing the environment variables:
For These environment variables, it is required to set up a database first:
DATABASE_HOSTNAME=
DATABASE_PORT=
DATABASE_PASSWORD=
DATABASE_NAME=
DATABASE_USERNAME=
These environment variables required for create token, password hash and expiration for token:
SECRET_KEY=
ALGORITHM=
ACCESS_TOKEN_EXPIRE_MINUTES=
Note that there is a separate test database that also needs to be set up,
At the moment his name is {settings.database_name}_test (like the main only with _test at the end)
You can change its definition here: /tests/conftest.py
To use Workflow for GitHub Actions, you required to include additional environment variables in GitHub Secrets