a7a753bf38
EOD Reports & Daily Close (order-service + Blazor UI): - GetEodReportQuery: Dapper query for revenue, orders, payment breakdown, top items, hourly chart - CloseDayCommand: check pending orders, generate final report - EodReport.razor: 6 KPI cards, donut/bar charts, top 10 table, close-day dialog - FluentValidation for both query and command - BFF proxy endpoints for reports Security Audit — Rate Limiting: - Tighten auth-ratelimit from 100 to 10 req/min (brute force protection) - Add payment-ratelimit (30/min), api-ratelimit (100/min), hub-ratelimit (500/min) - Apply rate limits to ALL Traefik routers (previously many had none) Security Audit — Input Sanitization (44 missing validators created): - iam-service: 14 validators (auth, user, role commands) - merchant-service: 11 validators (admin, attendance commands) - wallet-service: 7 validators (wallet, points commands) - fnb-engine: 7 validators (session, table, ticket, reservation) - catalog-service: 6 validators (product, category CRUD) - storage-service: 6 validators (upload, share, quota) - order-service: 2 validators (complete order/payment) Critical Path Unit Tests (30 new tests): - inventory-service: 12 tests (deduction, partial stock, idempotency) - wallet-service: 14 tests (create payment, process callback, domain events) - fnb-engine: 8 tests (kitchen-served event handler, inventory client integration) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Storage Service
A .NET 10 microservice for file storage management supporting MinIO and Aliyun OSS.
Documentation
Quick Links
Features
- Multi-provider Storage: MinIO (S3-compatible) and Aliyun OSS
- Runtime Provider Switching: Switch providers via environment variable
- Complete File CRUD: Upload, download, delete, list files
- Pre-signed URLs: Secure time-limited download/upload URLs
- User Quotas: Storage capacity and file count limits
- Folder Management: Logical folder organization (database-based)
- File Versioning: Track and restore file versions
- File Sharing: Share links with password, expiration, download limits
- Inter-service Auth: JWT validation via IAM Service
Tech Stack
- .NET 10
- PostgreSQL
- MinIO / Aliyun OSS
- Redis (caching)
- RabbitMQ (events)
Quick Start
cd services/storage-service-net
# Run with Docker
docker-compose up -d
# Or run locally
dotnet run --project src/StorageService.API
Access: http://localhost:5002/swagger
Project Structure
services/storage-service-net/
├── src/
│ ├── StorageService.API/ # Controllers, Commands, Queries
│ ├── StorageService.Domain/ # Entities, Repository interfaces
│ └── StorageService.Infrastructure/# Providers, DbContext, Repositories
├── tests/
│ ├── StorageService.UnitTests/
│ └── StorageService.FunctionalTests/
├── docs/
│ ├── en/ # English documentation
│ └── vi/ # Vietnamese documentation
└── README.md
License
MIT