@crystalin
Contributor

Summary

  • ensure AuthenticationService uses database repositories for accounts, trains, and slack config when ADR-026 is enabled
  • move client auth checks through service helpers so database-stored hashes are validated
  • correct the credential import migration and alias issues discovered in review

Testing

  • bun test services/proxy/tests/authentication-service.test.ts services/proxy/tests/client-auth.test.ts

Based on #144

crystalin and others added 5 commits October 4, 2025 12:55
…-026)

This commit implements the foundation for database-backed credential management,
moving account credentials and train configurations from filesystem to PostgreSQL.

**Database Schema:**
- accounts table: Store Anthropic account credentials (API keys, OAuth)
- trains table: Store train configurations with Slack config
- train_account_mappings: Many-to-many relationship with priority

**Key Features:**
- AES-256-GCM encryption for sensitive credentials
- PBKDF2 key derivation (100K iterations)
- SHA-256 hashing for client API keys
- Idempotent migrations following ADR-012 patterns
- Feature flag (USE_DATABASE_CREDENTIALS) for gradual rollout
- Moved Slack configuration from accounts to trains level

**Security:**
- Application-level encryption with CREDENTIAL_ENCRYPTION_KEY
- Database constraints prevent invalid credential types
- Foreign key constraints with proper cascade rules
- Comprehensive indexes for performance

**Files Changed:**
- Migration 013: Database schema creation
- Migration 014: Data import from filesystem
- Shared types: DatabaseAccount, DatabaseTrain, TrainAccountMapping
- Encryption utilities: encrypt(), decrypt(), hashApiKey()
- Config: Added credentials section with feature flag
- Documentation: ADR-026, environment variables, .env.example

**Breaking Changes:**
None - feature flag defaults to false (filesystem mode)

**Next Steps:**
- Repository layer implementation
- Dashboard management UI
- Integration tests

Implements the foundation for #ADR-026

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>
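
The scheme listed in the first commit message above (AES-256-GCM with a PBKDF2-derived key at 100K iterations, SHA-256 hashes for client API keys) can be sketched as follows. This is an added example, not the project's code: the function names, salt/IV/tag sizes, and blob layout are assumptions, and the constant-time hash comparison is an addition the page does not mention.

```typescript
import {
  createCipheriv, createDecipheriv, createHash,
  pbkdf2Sync, randomBytes, timingSafeEqual,
} from "node:crypto";

const ITERATIONS = 100_000; // PBKDF2 count stated in the commit message
const SALT_LEN = 16, IV_LEN = 12, TAG_LEN = 16; // assumed sizes (96-bit GCM nonce)

// Derive a 256-bit AES key from the master secret and a per-record salt.
function deriveKey(secret: string, salt: Buffer): Buffer {
  return pbkdf2Sync(secret, salt, ITERATIONS, 32, "sha256");
}

// Assumed blob layout: base64(salt | iv | tag | ciphertext).
export function encryptCredential(plaintext: string, secret: string): string {
  const salt = randomBytes(SALT_LEN);
  const iv = randomBytes(IV_LEN); // fresh nonce per record; never reuse with one key
  const cipher = createCipheriv("aes-256-gcm", deriveKey(secret, salt), iv);
  const ct = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return Buffer.concat([salt, iv, cipher.getAuthTag(), ct]).toString("base64");
}

export function decryptCredential(blob: string, secret: string): string {
  const raw = Buffer.from(blob, "base64");
  if (raw.length < SALT_LEN + IV_LEN + TAG_LEN) throw new Error("ciphertext too short");
  const salt = raw.subarray(0, SALT_LEN);
  const iv = raw.subarray(SALT_LEN, SALT_LEN + IV_LEN);
  const tag = raw.subarray(SALT_LEN + IV_LEN, SALT_LEN + IV_LEN + TAG_LEN);
  const ct = raw.subarray(SALT_LEN + IV_LEN + TAG_LEN);
  const decipher = createDecipheriv("aes-256-gcm", deriveKey(secret, salt), iv, {
    authTagLength: TAG_LEN, // reject truncated tags
  });
  decipher.setAuthTag(tag);
  // final() throws if the tag does not verify (tampered blob or wrong key).
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString("utf8");
}

// Unsalted SHA-256 is only appropriate because client API keys are random, high-entropy values.
export function hashClientKey(apiKey: string): string {
  return createHash("sha256").update(apiKey, "utf8").digest("hex");
}

// Compare the presented key's hash with the stored hash in constant time.
export function verifyClientKey(presented: string, storedHashHex: string): boolean {
  const a = Buffer.from(hashClientKey(presented), "hex");
  const b = Buffer.from(storedHashHex, "hex");
  return a.length === b.length && timingSafeEqual(a, b);
}
```
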
…Phase 2A-C)

Implements the repository layer abstraction for credential storage as per
ADR-026 and the train credential migration roadmap Phase 2.

## Changes

**Phase 2A: Type Definitions & Interfaces**
- Added IAccountRepository interface for account credential operations
- Added ITrainRepository interface for train-specific operations
- Both interfaces work with account names for backward compatibility

**Phase 2B: Filesystem Repositories (Backward Compatibility)**
- FilesystemAccountRepository: wraps existing credentials.ts logic
- FilesystemTrainRepository: wraps existing client key file logic
- 100% backward compatible with current filesystem-based storage
- No Slack config or train-account mappings in filesystem mode

**Phase 2C: Database Repositories (New Functionality)**
- DatabaseAccountRepository: queries accounts table with encryption/decryption
- DatabaseTrainRepository: handles train-account mappings with priority
- OAuth refresh uses SELECT FOR UPDATE row locking for concurrency safety
- Maps between account_name (used by AuthService) and account_id (database PK)

**Phase 2D: Factory**
- create-repositories.ts: feature flag switching between filesystem and database
- Validates encryption key and database pool based on configuration

## Implementation Notes

- All repositories implement the same interface for interchangeability
- Database mode requires USE_DATABASE_CREDENTIALS=true and CREDENTIAL_ENCRYPTION_KEY
- Filesystem mode is the default (USE_DATABASE_CREDENTIALS=false)
- OAuth token refresh in database mode is transaction-safe with row locking
- Maintains existing account name-based selection logic (ID-based refactor deferred)

## Testing

- ✅ TypeScript compilation successful
- ✅ ESLint checks passed
- ⏳ Unit tests (pending in Phase 2E)
- ⏳ Integration tests (pending in Phase 2E)

## Related

- ADR-026: Database Credential Management
- Roadmap: docs/04-Architecture/train-credential-migration-roadmap.md
- Phase 1: PR #144 (database schema and migrations)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>
…Service (Phase 2D)

Completes Phase 2D of the train credential migration roadmap by wiring
the repository layer into the dependency injection container and updating
AuthenticationService to use repositories.

## Changes

**Container Integration**
- Import createRepositories factory and repository interfaces
- Instantiate repositories during container initialization
- Inject repositories into AuthenticationService constructor
- Add getAccountRepository() and getTrainRepository() getter methods
- Clean up repositories on container disposal

**AuthenticationService Updates**
- Accept optional accountRepository and trainRepository in constructor options
- Use accountRepository.listAccountNames() when available, fall back to filesystem
- Call accountRepository.clearCache() in clearCaches() method
- Maintains 100% backward compatibility when repositories not provided

## Behavior

**With Repositories (USE_DATABASE_CREDENTIALS=true)**
- AuthenticationService delegates account listing to DatabaseAccountRepository
- Account credentials are fetched from PostgreSQL with decryption
- OAuth token refresh uses row-level locking for concurrency safety

**Without Repositories (USE_DATABASE_CREDENTIALS=false, default)**
- AuthenticationService falls back to existing filesystem logic
- No behavioral changes from current implementation
- Complete backward compatibility maintained

## Testing

- ✅ TypeScript compilation successful
- ⏳ Runtime testing (pending)
- ⏳ Unit tests (pending in Phase 2E)
- ⏳ Integration tests (pending in Phase 2E)

## Related

- Phase 2A-C: Repository implementations (commit ac42415)
- ADR-026: Database Credential Management
- Roadmap: docs/04-Architecture/train-credential-migration-roadmap.md

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>
Phase 2 (Repository Layer) implementation is complete with commits:
- ac42415: Repository interfaces and implementations
- 331ad9b: Container and AuthenticationService integration

Updated roadmap document to reflect completion status.
@crystalin
Contributor Author

Closing to reopen against PR #144

@crystalin crystalin closed this Oct 5, 2025