Foundation for the passwordless auth migration (ADR-0028 Phase A) and
the BDD email-parallel strategy (ADR-0030). This PR ships only the
infrastructure — no auth code yet ; that lands in subsequent PRs.
Changes:
- docker-compose.yml: add mailpit service (axllent/mailpit:latest), SMTP
on :1025, HTTP UI/API on :8025, MP_MAX_MESSAGES=5000
- pkg/email/sender.go: provider-agnostic Sender interface + Message struct
- pkg/email/smtp_sender.go: SMTPSender implementation (net/smtp), with
Mailpit-friendly defaults (localhost:1025, no TLS, no AUTH), context-
aware Send with timeout, supports plain text and multipart/alternative
- pkg/config: AuthConfig.Email field + EmailConfig struct + GetEmailConfig
getter + 7 new env vars (DLC_AUTH_EMAIL_*) + defaults
- documentation/EMAIL.md: setup, inspection (UI + API), code examples,
cross-refs to ADR-0028/0029/0030
Tests (pkg/email/smtp_sender_test.go):
- validateMessage rejects missing fields, accepts minimal
- buildRFC5322 plain-text path produces single-part text/plain with
expected headers
- buildRFC5322 multipart path produces multipart/alternative with both
parts and a closing boundary
- buildRFC5322 custom headers are canonicalised (lowercase keys → Title-Case)
- NewSMTPSender defaults are Mailpit-friendly
- Send respects context cancellation (no 10s wait when ctx cancelled)
Race detector clean. Build clean. Vet clean.
Out of scope for this PR (Phase A.2+):
- BDD email-steps helper package (pkg/bdd/mailpit/, pkg/bdd/steps/email_steps.go)
- magic_link_tokens table + repository
- magic-link/request and magic-link/consume HTTP handlers
- BDD scenarios for the magic-link flow
Added ADR-0018 for User Management and Authentication System with:
- Non-persisted admin user with master password authentication
- JWT-based authentication with bcrypt password hashing
- PostgreSQL database schema and GORM integration
- Admin-assisted password reset workflow
- Comprehensive security considerations
Added ADR-0019 for BDD Feature Structure:
- Epic/User Story organization pattern
- Unified development workflow
- Source of truth hierarchy
Added ADR-0020 for Docker Build Strategy:
- Multi-stage build approach
- Cache optimization strategy
- Production vs development build differences
Added technical documentation:
- Complete user management system specification
- API endpoints and integration details
- Security architecture and best practices
Generated by Mistral Vibe.
Co-Authored-By: Mistral Vibe <vibe@mistral.ai>
- Created comprehensive Gitmoji cheatsheet in documentation/
- Added quick reference to README for common Gitmoji
- Links to full cheatsheet for all Gitmoji options
- Helps team use consistent commit message format
This provides:
- Quick visual reference for common Gitmoji
- Examples of good/bad commit messages
- Best practices for commit formatting
- Easy access to full reference when needed
No more guessing which Gitmoji to use!
Refs: #documentation, #gitmoji, #conventions
- Created comprehensive agent usage guide in documentation/
- Added quick launch commands to README
- Provides clear guidance on when to use each agent
- Includes workflow examples and best practices
- Links to full documentation for details
This makes it easier for new users to:
- Launch the correct agent for their task
- Follow established workflows
- Understand agent capabilities
- Find troubleshooting help
Refs: #documentation, #onboarding, #usability
- Moved all documentation files from doc/ to documentation/
- Removed empty doc/ directory
- Single unified location for all project documentation
- Includes BDD guide, CI/CD testing guide, version management guide
Refs: #documentation, #organization, #cleanup
