Initial commit from monorepo

kyc/__init__.py

@@ -0,0 +1 @@
+# Django orders service

kyc/settings.py

@@ -0,0 +1,147 @@
+import os
+from pathlib import Path
+from urllib.parse import urlparse
+from dotenv import load_dotenv
+from infisical_sdk import InfisicalSDKClient
+import sentry_sdk
+from sentry_sdk.integrations.django import DjangoIntegration
+
+load_dotenv()
+
+INFISICAL_API_URL = os.environ["INFISICAL_API_URL"]
+INFISICAL_CLIENT_ID = os.environ["INFISICAL_CLIENT_ID"]
+INFISICAL_CLIENT_SECRET = os.environ["INFISICAL_CLIENT_SECRET"]
+INFISICAL_PROJECT_ID = os.environ["INFISICAL_PROJECT_ID"]
+INFISICAL_ENV = os.environ.get("INFISICAL_ENV", "prod")
+
+client = InfisicalSDKClient(host=INFISICAL_API_URL)
+client.auth.universal_auth.login(
+    client_id=INFISICAL_CLIENT_ID,
+    client_secret=INFISICAL_CLIENT_SECRET,
+)
+
+# Fetch secrets from /kyc and /shared
+for secret_path in ["/kyc", "/shared"]:
+    secrets_response = client.secrets.list_secrets(
+        environment_slug=INFISICAL_ENV,
+        secret_path=secret_path,
+        project_id=INFISICAL_PROJECT_ID,
+        expand_secret_references=True,
+        view_secret_value=True,
+    )
+    for secret in secrets_response.secrets:
+        os.environ[secret.secretKey] = secret.secretValue
+
+BASE_DIR = Path(__file__).resolve().parent.parent
+
+SECRET_KEY = os.getenv('DJANGO_SECRET_KEY', 'dev-secret-key-change-in-production')
+
+DEBUG = os.getenv('DEBUG', 'False') == 'True'
+
+# Sentry/GlitchTip configuration
+SENTRY_DSN = os.getenv('SENTRY_DSN', '')
+if SENTRY_DSN:
+    sentry_sdk.init(
+        dsn=SENTRY_DSN,
+        integrations=[DjangoIntegration()],
+        auto_session_tracking=False,
+        traces_sample_rate=0.01,
+        release=os.getenv('RELEASE_VERSION', '1.0.0'),
+        environment=os.getenv('ENVIRONMENT', 'production'),
+        send_default_pii=False,
+        debug=DEBUG,
+    )
+
+ALLOWED_HOSTS = ['*']
+
+CSRF_TRUSTED_ORIGINS = ['https://kyc.optovia.ru']
+
+INSTALLED_APPS = [
+    'whitenoise.runserver_nostatic',
+    'django.contrib.admin',
+    'django.contrib.auth',
+    'django.contrib.contenttypes',
+    'django.contrib.sessions',
+    'django.contrib.messages',
+    'django.contrib.staticfiles',
+    'corsheaders',
+    'graphene_django',
+    'kyc_app',
+]
+
+MIDDLEWARE = [
+    'corsheaders.middleware.CorsMiddleware',
+    'django.middleware.security.SecurityMiddleware',
+    'whitenoise.middleware.WhiteNoiseMiddleware',
+    'django.contrib.sessions.middleware.SessionMiddleware',
+    'django.middleware.common.CommonMiddleware',
+    'django.middleware.csrf.CsrfViewMiddleware',
+    'django.contrib.auth.middleware.AuthenticationMiddleware',
+    'django.contrib.messages.middleware.MessageMiddleware',
+    'django.middleware.clickjacking.XFrameOptionsMiddleware',
+]
+
+ROOT_URLCONF = 'kyc.urls'
+
+TEMPLATES = [
+    {
+        'BACKEND': 'django.template.backends.django.DjangoTemplates',
+        'DIRS': [],
+        'APP_DIRS': True,
+        'OPTIONS': {
+            'context_processors': [
+                'django.template.context_processors.debug',
+                'django.template.context_processors.request',
+                'django.contrib.auth.context_processors.auth',
+                'django.contrib.messages.context_processors.messages',
+            ],
+        },
+    },
+]
+
+WSGI_APPLICATION = 'kyc.wsgi.application'
+
+db_url = os.environ["KYC_DATABASE_URL"]
+parsed = urlparse(db_url)
+DATABASES = {
+    'default': {
+        'ENGINE': 'django.db.backends.postgresql',
+        'NAME': parsed.path.lstrip('/'),
+        'USER': parsed.username,
+        'PASSWORD': parsed.password,
+        'HOST': parsed.hostname,
+        'PORT': str(parsed.port) if parsed.port else '',
+    }
+}
+
+# Internationalization
+LANGUAGE_CODE = 'ru-ru'
+TIME_ZONE = 'UTC'
+USE_I18N = True
+USE_TZ = True
+
+# Static files
+STATIC_URL = '/static/'
+STATIC_ROOT = BASE_DIR / 'staticfiles'
+
+# Default primary key field type
+DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
+
+# CORS
+CORS_ALLOW_ALL_ORIGINS = False
+CORS_ALLOWED_ORIGINS = ['https://optovia.ru']
+CORS_ALLOW_CREDENTIALS = True
+
+# Logto JWT settings
+LOGTO_JWKS_URL = os.getenv('LOGTO_JWKS_URL', 'https://auth.optovia.ru/oidc/jwks')
+LOGTO_ISSUER = os.getenv('LOGTO_ISSUER', 'https://auth.optovia.ru/oidc')
+LOGTO_KYC_AUDIENCE = os.getenv('LOGTO_KYC_AUDIENCE', 'https://kyc.optovia.ru')
+LOGTO_ID_TOKEN_AUDIENCE = os.getenv('LOGTO_ID_TOKEN_AUDIENCE')
+
+# Odoo connection (internal M2M)
+ODOO_INTERNAL_URL = os.getenv('ODOO_INTERNAL_URL', 'odoo:8069')
+
+# Temporal connection
+TEMPORAL_HOST = os.getenv('TEMPORAL_HOST', 'temporal:7233')
+TEMPORAL_NAMESPACE = os.getenv('TEMPORAL_NAMESPACE', 'default')
+TEMPORAL_TASK_QUEUE = os.getenv('TEMPORAL_TASK_QUEUE', 'platform-worker')

kyc/settings_local.py

@@ -0,0 +1,117 @@
+import os
+from pathlib import Path
+from urllib.parse import urlparse
+from dotenv import load_dotenv
+import sentry_sdk
+from sentry_sdk.integrations.django import DjangoIntegration
+
+load_dotenv()
+
+
+
+BASE_DIR = Path(__file__).resolve().parent.parent
+
+SECRET_KEY = os.getenv('DJANGO_SECRET_KEY', 'dev-secret-key-change-in-production')
+
+DEBUG = True
+
+# Sentry/GlitchTip configuration
+SENTRY_DSN = os.getenv('SENTRY_DSN', '')
+if SENTRY_DSN:
+    sentry_sdk.init(
+        dsn=SENTRY_DSN,
+        integrations=[DjangoIntegration()],
+        auto_session_tracking=False,
+        traces_sample_rate=0.01,
+        release=os.getenv('RELEASE_VERSION', '1.0.0'),
+        environment=os.getenv('ENVIRONMENT', 'production'),
+        send_default_pii=False,
+        debug=DEBUG,
+    )
+
+ALLOWED_HOSTS = ['*']
+
+CSRF_TRUSTED_ORIGINS = ['https://kyc.optovia.ru']
+
+INSTALLED_APPS = [
+    'whitenoise.runserver_nostatic',
+    'django.contrib.admin',
+    'django.contrib.auth',
+    'django.contrib.contenttypes',
+    'django.contrib.sessions',
+    'django.contrib.messages',
+    'django.contrib.staticfiles',
+    'corsheaders',
+    'graphene_django',
+    'kyc_app',
+]
+
+MIDDLEWARE = [
+    'corsheaders.middleware.CorsMiddleware',
+    'django.middleware.security.SecurityMiddleware',
+    'whitenoise.middleware.WhiteNoiseMiddleware',
+    'django.contrib.sessions.middleware.SessionMiddleware',
+    'django.middleware.common.CommonMiddleware',
+    'django.middleware.csrf.CsrfViewMiddleware',
+    'django.contrib.auth.middleware.AuthenticationMiddleware',
+    'django.contrib.messages.middleware.MessageMiddleware',
+    'django.middleware.clickjacking.XFrameOptionsMiddleware',
+]
+
+ROOT_URLCONF = 'kyc.urls'
+
+TEMPLATES = [
+    {
+        'BACKEND': 'django.template.backends.django.DjangoTemplates',
+        'DIRS': [],
+        'APP_DIRS': True,
+        'OPTIONS': {
+            'context_processors': [
+                'django.template.context_processors.debug',
+                'django.template.context_processors.request',
+                'django.contrib.auth.context_processors.auth',
+                'django.contrib.messages.context_processors.messages',
+            ],
+        },
+    },
+]
+
+WSGI_APPLICATION = 'kyc.wsgi.application'
+
+DATABASES = {
+    "default": {
+        "ENGINE": "django.db.backends.sqlite3",
+        "NAME": BASE_DIR / "db.sqlite3",
+    }
+}
+# Internationalization
+LANGUAGE_CODE = 'ru-ru'
+TIME_ZONE = 'UTC'
+USE_I18N = True
+USE_TZ = True
+
+# Static files
+STATIC_URL = '/static/'
+STATIC_ROOT = BASE_DIR / 'staticfiles'
+
+# Default primary key field type
+DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
+
+# CORS
+CORS_ALLOW_ALL_ORIGINS = False
+CORS_ALLOWED_ORIGINS = ['http://localhost:3000', 'https://optovia.ru']
+CORS_ALLOW_CREDENTIALS = True
+
+# Logto JWT settings
+LOGTO_JWKS_URL = os.getenv('LOGTO_JWKS_URL', 'https://auth.optovia.ru/oidc/jwks')
+LOGTO_ISSUER = os.getenv('LOGTO_ISSUER', 'https://auth.optovia.ru/oidc')
+LOGTO_KYC_AUDIENCE = os.getenv('LOGTO_KYC_AUDIENCE', 'https://kyc.optovia.ru')
+LOGTO_ID_TOKEN_AUDIENCE = os.getenv('LOGTO_ID_TOKEN_AUDIENCE')
+
+# Odoo connection (internal M2M)
+ODOO_INTERNAL_URL = os.getenv('ODOO_INTERNAL_URL', 'odoo:8069')
+
+# Temporal connection
+TEMPORAL_HOST = os.getenv('TEMPORAL_HOST', 'temporal:7233')
+TEMPORAL_NAMESPACE = os.getenv('TEMPORAL_NAMESPACE', 'default')
+TEMPORAL_TASK_QUEUE = os.getenv('TEMPORAL_TASK_QUEUE', 'platform-worker')

kyc/urls.py

@@ -0,0 +1,10 @@
+from django.contrib import admin
+from django.urls import path
+from django.views.decorators.csrf import csrf_exempt
+from kyc_app.views import UserGraphQLView
+from kyc_app.schemas.user_schema import user_schema
+
+urlpatterns = [
+    path('admin/', admin.site.urls),
+    path('graphql/user/', csrf_exempt(UserGraphQLView.as_view(graphiql=True, schema=user_schema))),
+]

kyc/wsgi.py

@@ -0,0 +1,6 @@
+import os
+from django.core.wsgi import get_wsgi_application
+
+os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'kyc.settings')
+
+application = get_wsgi_application()