feat(server): mint API + Postgres schema + manual adapter (PR 1)

Source-agnostic license issuance service. FastAPI app fronts a
Postgres `licenses` table; the only currently-wired source is
`manual` (operator mints via /internal/mint). Gumroad webhook
adapter lands in PR 2.

Key design points:

- Signing reuses src/license/crypto.py via a COPY into the image
  (single source of truth — blobs minted server-side verify against
  the same embedded pubkey on the buyer's machine).
- Source adapter Protocol (app/adapters/base.py) is the seam for
  Gumroad / Lemon Squeezy / Stripe in later PRs; Mint API speaks
  only SaleEvent / RefundEvent.
- (source, source_order_id) UNIQUE composite gives idempotent
  webhook retries without double-mint.
- JSONB type uses with_variant(JSON, 'sqlite') so the same models
  drive both Postgres prod and SQLite tests (no testcontainers dep).
- Bearer-token auth on /internal/*; the IP-loopback guard was
  removed after the docker bridge made it fight legitimate prod
  traffic (nginx defense + Bearer remain).
- Secrets resolved via *_FILE env vars pointing at
  /run/secrets/<name>, so passwords never appear in `docker inspect`.

21 unit tests (SQLite in-memory, StaticPool) plus a real-Postgres
docker-compose smoke test in server/scripts/smoke.sh that builds the
image, runs the alembic migration, mints a license, verifies the
signature against the host dev pubkey, and checks the DB row.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-05-14 00:46:54 +00:00
parent 4179cb5156
commit bab2c9468c
29 changed files with 1519 additions and 0 deletions

54
server/app/schemas.py Normal file
View File

@@ -0,0 +1,54 @@
"""Pydantic request/response models for the HTTP layer."""
from __future__ import annotations
from datetime import datetime
from decimal import Decimal
from enum import Enum
from typing import Optional
from pydantic import BaseModel, ConfigDict, EmailStr, Field
class TierName(str, Enum):
lite = "lite"
core = "core"
pro = "pro"
enterprise = "enterprise"
class MintRequest(BaseModel):
name: str = Field(min_length=1, max_length=200)
email: EmailStr
tier: TierName
years: int = Field(default=1, ge=1, le=10)
source: str = Field(default="manual", min_length=1, max_length=40)
source_order_id: Optional[str] = Field(default=None, max_length=120)
promotion: Optional[str] = Field(default=None, max_length=60)
amount_paid: Optional[Decimal] = Field(default=None, ge=0, decimal_places=2)
currency: Optional[str] = Field(default="USD", min_length=3, max_length=3)
notes: Optional[str] = Field(default=None, max_length=2000)
class RevokeRequest(BaseModel):
license_key: str = Field(min_length=1, max_length=120)
reason: Optional[str] = Field(default=None, max_length=500)
class LicenseResponse(BaseModel):
model_config = ConfigDict(from_attributes=True)
license_key: str
name: str
email: str
tier: str
issued_at: datetime
expires_at: datetime
blob: str
source: str
source_order_id: Optional[str]
promotion: Optional[str]
amount_paid: Optional[Decimal]
currency: Optional[str]
revoked_at: Optional[datetime]
notes: Optional[str]