pos-system/services/storage-service-net
Ho Ngoc Hai 619a06fafe fix(security): remove external Redis/MinIO/SMTP credentials from base appsettings.json
SEC-C-01 extended gap: 3 base appsettings.json files still referenced external
infrastructure (167.114.174.113) with Velik@2026 credentials and real SMTP
password — missed by the Wave 1 security fix which targeted DB credentials only.

Changes:
- iam-service-net/appsettings.json: Redis localhost (removed Velik@2026),
  SMTP localhost:1025 (removed Mailgun credentials)
- membership-service-net/appsettings.json: Redis localhost (removed Velik@2026)
- storage-service-net/appsettings.json: MinIO→localhost:9000 minioadmin/minioadmin,
  Redis→localhost (removed Velik@2026)

All production credentials (Redis, MinIO, SMTP) must be injected via
environment variables. Base appsettings.json targets docker-compose local stack.

CTO review finding: Redis__Password, MinIO:SecretKey, Email:SmtpPassword
must never appear in committed config files.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-23 09:54:59 +07:00
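A pre-merge check for the rule stated in the commit message above, as an added example that is not part of this repository: it walks a parsed appsettings.json and reports any non-empty secret value together with the environment variable that should carry it (.NET maps `Redis__Password` to the key `Redis:Password`). The key-name pattern, the `LOCAL_DEFAULTS` allowlist and the sample document are assumptions made for illustration.

```python
import json
import re

# Key names treated as secrets (assumed list; extend for your own config schema).
SECRET_KEY_RE = re.compile(r"(password|secretkey|secret|apikey|token)$", re.IGNORECASE)
# Inline password inside a connection string, e.g. "host:6379,password=...".
INLINE_PASSWORD_RE = re.compile(r"password\s*=\s*([^,;\s]+)", re.IGNORECASE)
# Local docker-compose defaults tolerated in the base file (assumption).
LOCAL_DEFAULTS = {"minioadmin"}


def env_var_name(path):
    """.NET maps the environment variable A__B to the configuration key A:B."""
    return "__".join(path)


def find_committed_secrets(config, allowed=LOCAL_DEFAULTS, _path=()):
    """Return sorted (config_key, env_var) pairs for secrets present in the file."""
    findings = []
    for key, value in config.items():
        path = _path + (key,)
        if isinstance(value, dict):
            findings += find_committed_secrets(value, allowed, path)
        elif isinstance(value, str) and value:
            inline = INLINE_PASSWORD_RE.search(value)
            if SECRET_KEY_RE.search(key) and value not in allowed:
                findings.append((":".join(path), env_var_name(path)))
            elif inline and inline.group(1) not in allowed:
                findings.append((":".join(path), env_var_name(path)))
    return sorted(findings)


# Constructed sample resembling a base appsettings.json; all values are placeholders.
SAMPLE = json.loads("""
{
  "Redis": {"ConnectionString": "localhost:6379", "Password": "EXAMPLE-redis-pw"},
  "MinIO": {"Endpoint": "localhost:9000", "AccessKey": "minioadmin", "SecretKey": "minioadmin"},
  "Email": {"SmtpHost": "localhost", "SmtpPort": 1025, "SmtpPassword": ""},
  "Cache": {"Redis": "cache.example.internal:6379,password=EXAMPLE-inline-pw"}
}
""")

if __name__ == "__main__":
    for key, env in find_committed_secrets(SAMPLE):
        print(f"{key}: remove from file, inject as {env}")
```

Passing `allowed=set()` applies the stricter reading of the review finding, in which the MinIO local default is reported as well.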

Storage Service

A .NET 10 microservice for file storage management supporting MinIO and Aliyun OSS.

Documentation

EN: English Documentation
VI: Vietnamese Documentation

Features

  • Multi-provider Storage: MinIO (S3-compatible) and Aliyun OSS
  • Runtime Provider Switching: Switch providers via environment variable
  • Complete File CRUD: Upload, download, delete, list files
  • Pre-signed URLs: Secure time-limited download/upload URLs
  • User Quotas: Storage capacity and file count limits
  • Folder Management: Logical folder organization (database-based)
  • File Versioning: Track and restore file versions
  • File Sharing: Share links with password, expiration, download limits
  • Inter-service Auth: JWT validation via IAM Service

Tech Stack

  • .NET 10
  • PostgreSQL
  • MinIO / Aliyun OSS
  • Redis (caching)
  • RabbitMQ (events)

Quick Start

cd services/storage-service-net

# Run with Docker
docker-compose up -d

# Or run locally
dotnet run --project src/StorageService.API

Access: http://localhost:5002/swagger

Project Structure

services/storage-service-net/
├── src/
│   ├── StorageService.API/           # Controllers, Commands, Queries
│   ├── StorageService.Domain/        # Entities, Repository interfaces
│   └── StorageService.Infrastructure/# Providers, DbContext, Repositories
├── tests/
│   ├── StorageService.UnitTests/
│   └── StorageService.FunctionalTests/
├── docs/
│   ├── en/                           # English documentation
│   └── vi/                           # Vietnamese documentation
└── README.md

License

MIT