- Downgraded Swashbuckle.AspNetCore.Annotations package to version 7.2.0 for compatibility.
- Enhanced Swagger documentation with detailed API description, features, and contact information.
- Added JWT Bearer security definition to improve API security.
- Updated launch settings to change the application URL from localhost:5000 to localhost:5003.
- Modified connection strings in appsettings.json for membership and storage services to use the new database host and credentials.
- Updated Redis configuration with new host, port, and authentication details.
- Changed JWT secret key to enhance security and updated issuer and audience settings for consistency across services.
- Updated CreateMemberCommand and UpdateMemberProfileCommand to include optional gender and preferences fields.
- Modified Member entity to store gender and preferences, improving member data handling.
- Implemented validation for gender and preferences in command validators.
- Adjusted command handlers to support new fields during member creation and profile updates.
- Updated unit tests to verify new functionality for gender and preferences management.
- Added detailed sections for Organization, Group, Access Request, Access Review, and Audit & Compliance aggregates in both English and Vietnamese.
- Included class diagrams and enumerations to enhance understanding of the new structures and their relationships.
- Updated the AuditEventType table to reflect 18 event types, improving clarity on event handling within the IAM Service.
- Added detailed sections for new API endpoints in both English and Vietnamese, covering functionalities for managing organizations, groups, access requests, access reviews, privileged access, audit logs, and compliance reports.
- Enhanced documentation clarity and accessibility, reflecting the latest features introduced in the IAM Service.
- Added Access Requests, Access Reviews, Privileged Access Management, Audit Log, and Compliance APIs to enhance access management and governance capabilities.
- Updated the DbContext to include new entities for AuditLog and ComplianceReport, improving data handling for compliance and auditing.
- Enhanced Dependency Injection to support new repositories for the added functionalities, streamlining service operations.
- Introduced new AccessReview and PrivilegedAccess entities in the DbContext to enhance access management capabilities.
- Updated Dependency Injection to include AccessReviewRepository and PrivilegedAccessRepository, improving service functionality for access reviews and privileged access management.
- Introduced new Access Request and Access Request Approver entities in the DbContext to support access management features.
- Updated Dependency Injection to include the AccessRequestRepository, enhancing the service's capabilities for handling access requests.
- Added example curl command for token retrieval using the test account, improving developer experience for testing authentication flows.
- Added new sections for Organization & Group APIs, User Profile APIs, and Identity Verification APIs in both English and Vietnamese documentation, reflecting the features introduced in Phase 2.
- Revised the implementation roadmap to indicate the completion of Identity Management features, enhancing clarity on the current capabilities of the IAM Service.
- Updated the Dependency Injection and DbContext to include new repositories and database tables for the added functionalities.
- Deleted various outdated files including configuration, documentation, and source code related to the organization service.
- This cleanup enhances repository maintainability by removing obsolete components that are no longer in use.
- Deleted various outdated files related to the IAM service, including configuration files, documentation, and test scripts, to streamline the project structure.
- This cleanup helps maintain focus on current practices and ensures that only relevant and up-to-date information is retained in the repository.
- Expanded the API documentation to include detailed sections on file management endpoints, including upload, retrieval, sharing, and deletion.
- Added a comprehensive overview of pre-signed URLs and access levels, clarifying the differences between public, private, and shared file access.
- Introduced a new architecture section detailing the download URL generation flow and security considerations for pre-signed URLs.
- Enhanced the README with examples and explanations to improve developer understanding of file access and management processes.
- Updated the GenerateObjectKey method to include a prefix based on the file access level (public, private, shared).
- Improved documentation for the method to clarify the path structure and its implications for file accessibility.
- Adjusted the UploadFileCommandHandler to utilize the new object key generation logic, ensuring proper file organization in storage.
- Introduced a new endpoint to retrieve CDN URLs for public files, falling back to pre-signed URLs when necessary.
- Enhanced caching for file metadata retrieval in GetFileQueryHandler to improve performance.
- Updated file handling commands to invalidate relevant caches upon file operations.
- Added configuration settings for CDN in appsettings.json to manage CDN behavior.
- Implemented new data models for CDN URL responses and integrated them into the API response structure.
- Added multipart upload methods to the IStorageProvider interface and implemented them in the MinioStorageProvider and AliyunOssStorageProvider classes.
- Integrated Redis caching for user quota management in ConfirmUploadCommandHandler and DeleteFileCommandHandler to ensure updated quota values.
- Enhanced GetUserQuotaQueryHandler to utilize cache-aside pattern for improved performance.
- Updated Dependency Injection to register Redis cache service and configured related settings.
- Introduced database schema changes to support multipart uploads and their parts.
- Introduced a new section detailing the Multipart Upload architecture for files larger than 100MB, including a comparison of upload methods.
- Documented the Multipart Upload flow with a sequence diagram illustrating the process from initiation to completion.
- Listed the relevant API endpoints for Multipart Upload, including initiation, part uploads, completion, and progress checking.
- Added a database schema section for tracking multipart uploads and their parts, enhancing clarity on data management.
- Added the Membership Service configuration to the local docker-compose.yml, replacing the previous Social Service setup.
- Implemented IAM Service client with caching and health check capabilities in the Membership Service.
- Created Dependency Injection for IAM Service settings and registered the HttpClient for communication.
- Removed the outdated docker-compose.yml for the previous Social Service.
- Enhanced IAM Service client functionality to validate users, retrieve roles, and manage permissions.
- Updated the README and ARCHITECTURE documentation to emphasize the Logical Folder structure, clarifying that folders are a logical concept in the database rather than dependent on bucket structure.
- Highlighted the benefits of using UUID-based keys and a flat bucket structure, including improved performance, security, and scalability.
- Provided detailed examples of database schema, workflows, and performance comparisons to illustrate the advantages of the new approach over traditional methods.
- Enhanced explanations of folder management processes, including creation, renaming, and file uploads, to improve developer understanding and implementation.
- Updated the architecture documentation to emphasize the Logical Folder structure and its alignment with Data Sovereignty principles.
- Introduced a clear distinction between logical and physical storage, highlighting the benefits of using UUID-based keys and a flat bucket structure.
- Provided detailed examples of database schema, workflows, and performance comparisons to illustrate the advantages of the new approach over traditional bucket-based methods.
- Enhanced explanations of folder creation, renaming, and file management processes to improve developer understanding and implementation.
- Enhanced the architecture documentation to recommend direct upload over legacy proxy upload for improved performance and scalability.
- Added detailed comparisons of upload patterns, including throughput, memory usage, and latency.
- Updated API endpoint documentation to reflect new direct upload methods and their benefits.
- Included examples for direct upload flow and bucket directory structure to aid developers in implementation.
- Expanded the README documentation to include detailed instructions for Docker network configuration and JWT token issuer setup for inter-service communication.
- Added troubleshooting tips for common issues related to JWT issuer mismatch and container networking.
- Updated caching information and clarified available methods for the IIamServiceClient.
- Added a fixed issuer URI for inter-service communication in the docker-compose.yml and appsettings.json.
- Updated DependencyInjection to utilize the new issuer URI, ensuring consistency across hosts and containers.
- Added curl installation in the IAM service Dockerfile for improved functionality.
- Removed the deprecated docker-compose.yml for the Storage Service, consolidating service definitions.
- Ensured consistency in the build and publish commands for the Storage Service Dockerfile.
- Changed the IAM service base URL from "http://iam-service:5001" to "http://iam-service-net:8080" in both the local docker-compose.yml and the IamServiceClient class to ensure consistency across configurations.
- Updated the UsersController to ensure that the Email field defaults to an empty string if null, and the Status field defaults to "Unknown" if not set. This improves the robustness of the user data returned in API responses.
- Changed authorization schemes in AuthController, RolesController, and UsersController from JwtBearerDefaults.AuthenticationScheme to "Bearer" for uniformity across the application.
- Added new endpoints in UsersController to retrieve user roles and permissions by user ID, enhancing user management capabilities.
- Added IAM service configuration to the local docker-compose.yml for streamlined deployment.
- Removed the separate docker-compose.yml file from the IAM service directory to consolidate service definitions.
- Added phone number field to the registration example in the API documentation.
- Included detailed response structure for registration and email verification endpoints.
- Updated email confirmation example to use email instead of userId for clarity.
- Enhanced two-factor authentication response to include manual entry key and recovery codes.
- Updated recovery code generation to use 12 bytes for base64 conversion, ensuring sufficient characters.
- Implemented fallback padding to guarantee a minimum length of 8 characters for generated codes.
- Adjusted formatting to maintain readability with XXXX-XXXX structure.
- Changed SMTP configuration to use specific credentials and sender details for the GoodGo IAM service.
- Updated sender email and name to reflect the new service branding.
- Modified logging levels in `appsettings.Development.json` to enhance log visibility.
- Added Serilog configuration for structured logging and console output.
- Updated Redis connection settings for improved security and performance.
- Introduced email configuration settings for SMTP integration.
- Added two-factor authentication settings and social login configurations for Google and Facebook.
- Updated the default connection string in `appsettings.json` to match the new database setup.
- Deleted the `Login` method and associated `LoginRequest` and `LoginResponse` models from `AuthController.cs` to streamline authentication processes.
- This change simplifies the codebase by removing unused components related to the Resource Owner Password Grant flow.
- Added JWT Bearer authentication configuration in `Program.cs` for IAM service integration.
- Updated Swagger setup to include JWT Bearer security definition and requirements.
- Introduced a new Swagger UI client for testing with resource owner password grant type in `Config.cs`.
- Included necessary package reference for `Microsoft.AspNetCore.Authentication.JwtBearer` in the project file.
- Added Swagger support in `Program.cs` to enhance API documentation and enable annotations.
- Updated project file to generate XML documentation for Swagger and included the `Swashbuckle.AspNetCore.Annotations` package.
- Modified `FilesController` and `QuotaController` to support API versioning and updated route attributes accordingly.
- Changed the default bucket name in `appsettings.Development.json` from "storage" to "goodgo" and updated MinIO endpoint and credentials for improved access.
- Modified the service initialization in `Program.cs` to include the environment name, enhancing configuration flexibility.
- Added a missing namespace in `CustomWebApplicationFactory.cs` for better test setup.
- Removed obsolete unit test files for `CreateSampleCommandHandler` and `SampleAggregate`, streamlining the test suite.
- Updated `appsettings.Development.json` to change the database connection string for the storage service.
- Added `Microsoft.EntityFrameworkCore.Design` package reference to the project file for design-time features.
- Removed obsolete command and handler files related to sample management, including `ChangeSampleStatusCommand`, `CreateSampleCommand`, `UpdateSampleCommand`, and their respective handlers.
- Cleaned up the `SamplesController` and related query and validation files to streamline the codebase.
- Modified local `.env` and `.env.local` files to include external Redis configuration and IAM service database connection details.
- Updated `docker-compose.yml` to disable local Redis service in favor of an external Redis instance.
- Added JWT configuration parameters for the IAM service, enhancing security and token management.
- Revised example environment file to reflect new configuration options for external services.
- Enhanced documentation to clarify setup instructions for local development with external dependencies.
