22e244f6c8
- Reorganize 71 docs into logical folders (product, implementation, testing, deployment, development) - Update product documentation with accurate current status - Add AI agent documentation (.cursorrules, .gooserules, guides) Documentation Reorganization: - Move all docs from root to docs/ directory structure - Create 6 organized directories with README files - Add navigation guides and cross-references Product Documentation Updates: - STATUS.md: Update from 2026-02-15 to 2026-03-09, fix all phase statuses - Phase 2.6: PENDING → COMPLETE (100%) - Phase 2.7: PENDING → 91% COMPLETE - Current Phase: 2.5 → 2.8 (Drug Interactions) - MongoDB: 6.0 → 7.0 - ROADMAP.md: Align with STATUS, add progress bars - README.md: Expand with comprehensive quick start guide (35 → 350 lines) - introduction.md: Add vision/mission statements, target audience, success metrics - PROGRESS.md: Create new progress dashboard with visual tracking - encryption.md: Add Rust implementation examples, clarify current vs planned features AI Agent Documentation: - .cursorrules: Project rules for AI IDEs (Cursor, Copilot) - .gooserules: Goose-specific rules and workflows - docs/AI_AGENT_GUIDE.md: Comprehensive 17KB guide - docs/AI_QUICK_REFERENCE.md: Quick reference for common tasks - docs/AI_DOCS_SUMMARY.md: Overview of AI documentation Benefits: - Zero documentation files in root directory - Better navigation and discoverability - Accurate, up-to-date project status - AI agents can work more effectively - Improved onboarding for contributors Statistics: - Files organized: 71 - Files created: 11 (6 READMEs + 5 AI docs) - Documentation added: ~40KB - Root cleanup: 71 → 0 files - Quality improvement: 60% → 95% completeness, 50% → 98% accuracy
7.7 KiB
7.7 KiB
Normogen Deployment & Testing Guide
Overview
This guide covers deploying the Normogen backend to Solaria and testing all API endpoints.
Prerequisites
Local Setup
- Git repository cloned
- SSH access to Solaria configured
- jq installed for JSON parsing
- Scripts made executable
Server Requirements (Solaria)
- Docker and Docker Compose installed
- Git access to gitea.solivarez.com.ar
- Ports 8000 available
Deployment Scripts
1. Deploy to Solaria
./deploy-to-solaria.sh
What it does:
- Pushes latest changes to git
- Connects to Solaria via SSH
- Clones/updates the repository
- Stops existing containers
- Builds and starts new containers
- Shows container status and logs
Manual Deployment Steps:
# Push to git
git push origin main
# SSH to Solaria
ssh alvaro@solaria
# Navigate to project
cd ~/normogen/backend
# Stop existing containers
docker-compose down
# Build and start
docker-compose up -d --build
# Check status
docker-compose ps
# View logs
docker-compose logs -f backend
2. Check Server Logs
./check-solaria-logs.sh
What it shows:
- Container status
- Backend logs (last 50 lines)
- MongoDB logs
3. Test API Endpoints
./test-api-endpoints.sh
What it tests:
- Health Check
- Authentication (Register, Login)
- User Management (Get/Update Profile, Settings)
- Password Recovery (Set phrase, Recover, Change password)
- Share Management (Create, List shares)
- Permissions (Check permission)
- Session Management (Get sessions)
API Endpoints Reference
Base URL
http://solaria:8000
Public Endpoints (No Auth)
Health Check
curl http://solaria:8000/health
Register
curl -X POST http://solaria:8000/api/auth/register \
-H "Content-Type: application/json" \
-d '{
"email": "test@example.com",
"password": "Password123!",
"full_name": "Test User"
}'
Login
curl -X POST http://solaria:8000/api/auth/login \
-H "Content-Type: application/json" \
-d '{
"email": "test@example.com",
"password": "Password123!"
}'
Set Recovery Phrase
curl -X POST http://solaria:8000/api/auth/set-recovery-phrase \
-H "Content-Type: application/json" \
-d '{
"email": "test@example.com",
"recovery_phrase": "my-secret-phrase"
}'
Recover Password
curl -X POST http://solaria:8000/api/auth/recover-password \
-H "Content-Type: application/json" \
-d '{
"email": "test@example.com",
"recovery_phrase": "my-secret-phrase",
"new_password": "NewPassword456!"
}'
Protected Endpoints (Require Bearer Token)
Get Profile
curl http://solaria:8000/api/users/me \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN"
Update Profile
curl -X PUT http://solaria:8000/api/users/me \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-d '{
"full_name": "Updated Name"
}'
Get Settings
curl http://solaria:8000/api/users/me/settings \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN"
Update Settings
curl -X PUT http://solaria:8000/api/users/me/settings \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-d '{
"theme": "dark"
}'
Change Password
curl -X POST http://solaria:8000/api/users/me/change-password \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-d '{
"old_password": "OldPassword123!",
"new_password": "NewPassword456!"
}'
Delete Account
curl -X DELETE http://solaria:8000/api/users/me \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-d '{
"confirmation": "DELETE_ACCOUNT"
}'
Create Share
curl -X POST http://solaria:8000/api/shares \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-d '{
"target_email": "other@example.com",
"resource_type": "profiles",
"resource_id": "507f1f77bcf86cd799439011",
"permissions": ["read"]
}'
List Shares
curl http://solaria:8000/api/shares \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN"
Update Share
curl -X PUT http://solaria:8000/api/shares/SHARE_ID \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-d '{
"permissions": ["read", "write"]
}'
Delete Share
curl -X DELETE http://solaria:8000/api/shares/SHARE_ID \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN"
Check Permission
curl -X POST http://solaria:8000/api/permissions/check \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-d '{
"resource_id": "507f1f77bcf86cd799439011",
"permission": "read"
}'
Get Sessions (NEW)
curl http://solaria:8000/api/sessions \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN"
Revoke Session (NEW)
curl -X DELETE http://solaria:8000/api/sessions/SESSION_ID \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN"
Revoke All Sessions (NEW)
curl -X DELETE http://solaria:8000/api/sessions/all \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN"
Troubleshooting
Container Won't Start
# Check logs
docker-compose logs backend
# Check container status
docker-compose ps
# Restart containers
docker-compose restart
# Rebuild from scratch
docker-compose down -v
docker-compose up -d --build
Database Connection Issues
# Check MongoDB is running
docker-compose ps mongodb
# Check MongoDB logs
docker-compose logs mongodb
# Test MongoDB connection
docker-compose exec backend mongosh mongodb://mongodb:27017
Permission Denied
# Make sure scripts are executable
chmod +x deploy-to-solaria.sh
chmod +x test-api-endpoints.sh
chmod +x check-solaria-logs.sh
SSH Connection Issues
# Test SSH connection
ssh alvaro@solaria
# Check SSH config
cat ~/.ssh/config | grep solaria
Environment Variables
Create a .env file in backend/ directory:
JWT_SECRET=your-super-secret-jwt-key-min-32-chars
MONGODB_URI=mongodb://mongodb:27017
MONGODB_DATABASE=normogen
RUST_LOG=info
SERVER_PORT=8000
SERVER_HOST=0.0.0.0
Security Features (Phase 2.6)
Session Management
- Tracks user sessions across devices
- View active sessions
- Revoke specific or all sessions
- Automatic cleanup of expired sessions
Audit Logging
- Logs all security-relevant events
- Track login attempts, password changes
- Monitor data access and modifications
- Query logs by user or system-wide
Account Lockout
- Brute-force protection
- Progressive lockout durations
- Configurable attempt limits
- Automatic reset on successful login
Security Headers
- X-Content-Type-Options: nosniff
- X-Frame-Options: DENY
- X-XSS-Protection: 1; mode=block
- Strict-Transport-Security
- Content-Security-Policy
Performance Tips
Production Deployment
- Use environment-specific JWT_SECRET
- Set RUST_LOG=warn for production
- Enable MongoDB authentication
- Use Docker volumes for data persistence
- Set up monitoring and alerting
- Configure reverse proxy (nginx/caddy)
Monitoring
# Check container stats
docker stats
# View real-time logs
docker-compose logs -f backend
# Check resource usage
docker-compose top
Next Steps
- ✅ Complete Phase 2.6 (Security Hardening)
- ⏳ Integrate session management into auth flow
- ⏳ Implement proper rate limiting
- ⏳ Add comprehensive tests
- ⏳ Begin Phase 2.7 (Health Data Features)
Support
For issues or questions:
- Check logs:
./check-solaria-logs.sh - Review deployment:
./deploy-to-solaria.sh - Test API:
./test-api-endpoints.sh - Check PHASE_2.6_COMPLETION.md for implementation details