📝 docs: add comprehensive user management ADR and technical documentation

Added ADR-0018 for User Management and Authentication System with:
- Non-persisted admin user with master password authentication
- JWT-based authentication with bcrypt password hashing
- PostgreSQL database schema and GORM integration
- Admin-assisted password reset workflow
- Comprehensive security considerations

Added ADR-0019 for BDD Feature Structure:
- Epic/User Story organization pattern
- Unified development workflow
- Source of truth hierarchy

Added ADR-0020 for Docker Build Strategy:
- Multi-stage build approach
- Cache optimization strategy
- Production vs development build differences

Added technical documentation:
- Complete user management system specification
- API endpoints and integration details
- Security architecture and best practices

Generated by Mistral Vibe.
Co-Authored-By: Mistral Vibe <vibe@mistral.ai>
2026-04-09 00:25:35 +02:00
parent 10c909581c
commit 69e7c44eb2
6 changed files with 1207 additions and 7 deletions


@@ -7,7 +7,7 @@
## Context
The DanceLessonsCoach application currently lacks user management and authentication capabilities. To provide personalized experiences and administrative functions, we need to implement a secure user authentication system with PostgreSQL persistence.
The dance-lessons-coach application currently lacks user management and authentication capabilities. To provide personalized experiences and administrative functions, we need to implement a secure user authentication system with PostgreSQL persistence.
## Decision
@@ -69,7 +69,7 @@ CREATE TABLE users (
#### Architecture Alignment
The user management system follows the established DanceLessonsCoach patterns:
The user management system follows the established dance-lessons-coach patterns:
1. **Interface-based Design:**
```go
@@ -120,6 +120,7 @@ The user management system follows the established DanceLessonsCoach patterns:
- 30-minute expiration for access tokens
- Secure random signing key
- HTTPS-only cookies
- **Secret Rotation:** Multiple valid secrets with retention policy (see Issue #8)
3. **Admin Access:**
- Master password from environment variable
- Non-persisted admin user
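Review bot: the added "Secret Rotation" bullet presents multiple valid secrets with a retention policy as a current JWT security measure, yet the Future Enhancements hunk in this same commit lists "JWT Secret Rotation: Implement secret persistence and rotation mechanism (Issue #8)" as work still to do, and the bullet directly above still reads "Secure random signing key" in the singular. Either mark the bullet as planned (Issue #8) or have it describe what the implementation actually does: how a token is matched to the secret that signed it (a key identifier in the token header, for example), how long a retired secret stays valid for verification only, and that retired secrets are never used to sign new tokens. As written, the two sections of the ADR contradict each other on whether rotation exists.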
@@ -308,7 +309,7 @@ type Config struct {
## Implementation Plan
This implementation builds upon the completed phases and follows the established DanceLessonsCoach patterns.
This implementation builds upon the completed phases and follows the established dance-lessons-coach patterns.
### Phase 10: User Management Foundation (Next Phase)
@@ -464,6 +465,7 @@ The implementation maintains full backward compatibility:
3. **User Activity Logging:** For audit trails
4. **Password Strength Meter:** For better user experience
5. **Account Recovery:** Email/phone-based recovery options
6. **JWT Secret Rotation:** Implement secret persistence and rotation mechanism (Issue #8)
## References
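Review bot: item 6, "Implement secret persistence and rotation mechanism", should name where the signing secret will be persisted and how it is protected. The ADR otherwise takes the master password from an environment variable and stores users in PostgreSQL; if the JWT secret ends up in the same database as the user data, a read of that database is enough to mint valid tokens for any user, which materially changes the blast radius of a database compromise. Suggest stating the intended store (environment or secret manager versus database), and that tokens signed with a secret older than the retention window are rejected, so that this item and the "Secret Rotation" bullet in the JWT section describe the same design.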