3108fe1dff
- Backend (FastAPI): - Attachment and AttachmentVersion models with migration - FileStorageService with SHA-256 checksum validation - File type validation (whitelist/blacklist) - Full CRUD API with version control support - Audit trail integration for upload/download/delete - Configurable upload directory and file size limit - Frontend (React + Vite): - AttachmentUpload component with drag & drop - AttachmentList component with download/delete - TaskAttachments combined component - Attachments service for API calls - Testing: - 12 tests for storage service and API endpoints - OpenSpec: - add-document-management change archived 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
72 lines
1.9 KiB
Python
72 lines
1.9 KiB
Python
from pydantic_settings import BaseSettings
|
|
from typing import List
|
|
import os
|
|
|
|
|
|
class Settings(BaseSettings):
|
|
# Database
|
|
MYSQL_HOST: str = "localhost"
|
|
MYSQL_PORT: int = 3306
|
|
MYSQL_USER: str = "root"
|
|
MYSQL_PASSWORD: str = ""
|
|
MYSQL_DATABASE: str = "pjctrl"
|
|
|
|
@property
|
|
def DATABASE_URL(self) -> str:
|
|
return f"mysql+pymysql://{self.MYSQL_USER}:{self.MYSQL_PASSWORD}@{self.MYSQL_HOST}:{self.MYSQL_PORT}/{self.MYSQL_DATABASE}"
|
|
|
|
# Redis
|
|
REDIS_HOST: str = "localhost"
|
|
REDIS_PORT: int = 6379
|
|
REDIS_DB: int = 0
|
|
|
|
@property
|
|
def REDIS_URL(self) -> str:
|
|
return f"redis://{self.REDIS_HOST}:{self.REDIS_PORT}/{self.REDIS_DB}"
|
|
|
|
# JWT
|
|
JWT_SECRET_KEY: str = "your-secret-key-change-in-production"
|
|
JWT_ALGORITHM: str = "HS256"
|
|
JWT_EXPIRE_MINUTES: int = 10080 # 7 days
|
|
|
|
# External Auth API
|
|
AUTH_API_URL: str = "https://pj-auth-api.vercel.app"
|
|
|
|
# CORS
|
|
CORS_ORIGINS: List[str] = ["http://localhost:3000", "http://localhost:5173"]
|
|
|
|
# System Admin
|
|
SYSTEM_ADMIN_EMAIL: str = "ymirliu@panjit.com.tw"
|
|
|
|
# File Upload
|
|
UPLOAD_DIR: str = "./uploads"
|
|
MAX_FILE_SIZE_MB: int = 50
|
|
|
|
@property
|
|
def MAX_FILE_SIZE(self) -> int:
|
|
return self.MAX_FILE_SIZE_MB * 1024 * 1024
|
|
|
|
# Allowed file extensions (whitelist)
|
|
ALLOWED_EXTENSIONS: List[str] = [
|
|
# Documents
|
|
"pdf", "doc", "docx", "xls", "xlsx", "ppt", "pptx", "txt", "csv",
|
|
# Images
|
|
"jpg", "jpeg", "png", "gif", "bmp", "svg", "webp",
|
|
# Archives
|
|
"zip", "rar", "7z", "tar", "gz",
|
|
# Data
|
|
"json", "xml", "yaml", "yml",
|
|
]
|
|
|
|
# Blocked file extensions (dangerous)
|
|
BLOCKED_EXTENSIONS: List[str] = [
|
|
"exe", "bat", "cmd", "sh", "ps1", "dll", "msi", "com", "scr", "vbs", "js"
|
|
]
|
|
|
|
class Config:
|
|
env_file = ".env"
|
|
case_sensitive = True
|
|
|
|
|
|
settings = Settings()
|