kybernus 2.1.1 → 2.2.1

package/templates/python-fastapi/hexagonal/infra/modules/vpc/main.tf.hbs

@@ -10,81 +10,213 @@ variable "environment" {
 
 # VPC
 resource "aws_vpc" "main" {
-  cidr_block = "10.0.0.0/16"
+  cidr_block           = "10.0.0.0/16"
   enable_dns_hostnames = true
-  enable_dns_support = true
+  enable_dns_support   = true
 
   tags = {
-    Name = "${var.app_name}-${var.environment}-vpc"
+    Name        = "${var.app_name}-${var.environment}-vpc"
     Environment = var.environment
   }
 }
 
+# Internet Gateway
+resource "aws_internet_gateway" "main" {
+  vpc_id = aws_vpc.main.id
+
+  tags = {
+    Name        = "${var.app_name}-${var.environment}-igw"
+    Environment = var.environment
+  }
+}
+
+# Data source for AZs
+data "aws_availability_zones" "available" {
+  state = "available"
+}
+
 # Public Subnets
 resource "aws_subnet" "public" {
-  count = 2
+  count                   = 2
+  vpc_id                  = aws_vpc.main.id
+  cidr_block              = "10.0.${count.index + 1}.0/24"
+  availability_zone       = data.aws_availability_zones.available.names[count.index]
+  map_public_ip_on_launch = true
+
+  tags = {
+    Name        = "${var.app_name}-${var.environment}-public-${count.index + 1}"
+    Environment = var.environment
+  }
+}
+
+# Route Table for Public Subnets
+resource "aws_route_table" "public" {
   vpc_id = aws_vpc.main.id
-  cidr_block = "10.0.${count.index + 1}.0/24"
-  availability_zone = data.aws_availability_zones.available.names[count.index]
 
-  map_public_ip_on_launch = true
+  route {
+    cidr_block = "0.0.0.0/0"
+    gateway_id = aws_internet_gateway.main.id
+  }
+
+  tags = {
+    Name        = "${var.app_name}-${var.environment}-public-rt"
+    Environment = var.environment
+  }
+}
+
+# Association for Public Subnets
+resource "aws_route_table_association" "public" {
+  count          = 2
+  subnet_id      = aws_subnet.public[count.index].id
+  route_table_id = aws_route_table.public.id
+}
+
+# Elastic IP for NAT Gateway
+resource "aws_eip" "nat" {
+  count  = 1
+  domain = "vpc"
 
   tags = {
-    Name = "${var.app_name}-${var.environment}-public-${count.index + 1}"
+    Name        = "${var.app_name}-${var.environment}-nat-eip"
+    Environment = var.environment
+  }
+}
+
+# NAT Gateway (single NAT for cost savings, can change to 1 per AZ for production if needed)
+resource "aws_nat_gateway" "main" {
+  count         = 1
+  allocation_id = aws_eip.nat[0].id
+  subnet_id     = aws_subnet.public[0].id
+
+  depends_on = [aws_internet_gateway.main]
+
+  tags = {
+    Name        = "${var.app_name}-${var.environment}-nat"
     Environment = var.environment
   }
 }
 
 # Private Subnets
 resource "aws_subnet" "private" {
-  count = 2
-  vpc_id = aws_vpc.main.id
-  cidr_block = "10.0.${count.index + 10}.0/24"
+  count             = 2
+  vpc_id            = aws_vpc.main.id
+  cidr_block        = "10.0.${count.index + 10}.0/24"
   availability_zone = data.aws_availability_zones.available.names[count.index]
 
   tags = {
-    Name = "${var.app_name}-${var.environment}-private-${count.index + 1}"
+    Name        = "${var.app_name}-${var.environment}-private-${count.index + 1}"
     Environment = var.environment
   }
 }
 
-# Internet Gateway
-resource "aws_internet_gateway" "main" {
+# Route Table for Private Subnets
+resource "aws_route_table" "private" {
   vpc_id = aws_vpc.main.id
 
+  route {
+    cidr_block     = "0.0.0.0/0"
+    nat_gateway_id = aws_nat_gateway.main[0].id
+  }
+
   tags = {
-    Name = "${var.app_name}-${var.environment}-igw"
+    Name        = "${var.app_name}-${var.environment}-private-rt"
     Environment = var.environment
   }
 }
 
-# Data source for AZs
-data "aws_availability_zones" "available" {
-  state = "available"
+# Association for Private Subnets
+resource "aws_route_table_association" "private" {
+  count          = 2
+  subnet_id      = aws_subnet.private[count.index].id
+  route_table_id = aws_route_table.private.id
+}
+
+# Security Group for Load Balancer (ALB)
+resource "aws_security_group" "alb" {
+  name        = "${var.app_name}-${var.environment}-alb-sg"
+  description = "Security group for ALB"
+  vpc_id      = aws_vpc.main.id
+
+  ingress {
+    from_port   = 80
+    to_port     = 80
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+    description = "Allow HTTP from anywhere"
+  }
+
+  ingress {
+    from_port   = 443
+    to_port     = 443
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+    description = "Allow HTTPS from anywhere"
+  }
+
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  tags = {
+    Name        = "${var.app_name}-${var.environment}-alb-sg"
+    Environment = var.environment
+  }
 }
 
-# Security Group for DB
+# Security Group for ECS Tasks
+resource "aws_security_group" "ecs_tasks" {
+  name        = "${var.app_name}-${var.environment}-ecs-tasks-sg"
+  description = "Security group for ECS tasks"
+  vpc_id      = aws_vpc.main.id
+
+  ingress {
+    from_port       = 0
+    to_port         = 0
+    protocol        = "-1"
+    security_groups = [aws_security_group.alb.id]
+    description     = "Allow all traffic from ALB"
+  }
+
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+    description = "Allow all outbound traffic"
+  }
+
+  tags = {
+    Name        = "${var.app_name}-${var.environment}-ecs-tasks-sg"
+    Environment = var.environment
+  }
+}
+
+# Security Group for Database (RDS)
 resource "aws_security_group" "db" {
-  name = "${var.app_name}-${var.environment}-db-sg"
+  name        = "${var.app_name}-${var.environment}-db-sg"
   description = "Security group for database"
-  vpc_id = aws_vpc.main.id
+  vpc_id      = aws_vpc.main.id
 
   ingress {
-    from_port = 5432
-    to_port = 5432
-    protocol = "tcp"
-    cidr_blocks = ["10.0.0.0/16"]
+    from_port       = 5432
+    to_port         = 5432
+    protocol        = "tcp"
+    security_groups = [aws_security_group.ecs_tasks.id]
+    description     = "Allow PostgreSQL access from ECS tasks"
   }
 
   egress {
-    from_port = 0
-    to_port = 0
-    protocol = "-1"
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
     cidr_blocks = ["0.0.0.0/0"]
   }
 
   tags = {
-    Name = "${var.app_name}-${var.environment}-db-sg"
+    Name        = "${var.app_name}-${var.environment}-db-sg"
     Environment = var.environment
   }
 }
@@ -104,4 +236,12 @@ output "private_subnet_ids" {
 
 output "db_security_group_id" {
   value = aws_security_group.db.id
-}
+}
+
+output "alb_security_group_id" {
+  value = aws_security_group.alb.id
+}
+
+output "ecs_tasks_security_group_id" {
+  value = aws_security_group.ecs_tasks.id
+}

package/templates/python-fastapi/mvc/app/controllers/auth.py.hbs

@@ -1,11 +1,13 @@
 from fastapi import APIRouter, HTTPException, Depends
+from sqlalchemy.orm import Session
 from pydantic import BaseModel, EmailStr
 from app.middleware.security import hash_password, verify_password, create_access_token, get_current_user
+from app.database import get_db
+from app.models.user import User
+from app.repositories.user_repository import UserRepository
 
 router = APIRouter()
-
-# In-memory user store (replace with database)
-users_db: dict = {}
+user_repo = UserRepository()
 
 class UserRegister(BaseModel):
     email: EmailStr
@@ -21,26 +23,33 @@ class AuthResponse(BaseModel):
     user: dict
 
 @router.post("/register", response_model=AuthResponse)
-async def register(data: UserRegister):
-    if data.email in users_db:
+async def register(data: UserRegister, db: Session = Depends(get_db)):
+    existing_user = user_repo.get_by_email(db, data.email)
+    if existing_user:
         raise HTTPException(status_code=400, detail="User already exists")
     
     hashed = hash_password(data.password)
-    user = {"id": str(len(users_db) + 1), "email": data.email, "name": data.name, "password": hashed}
-    users_db[data.email] = user
+    new_user = User(email=data.email, name=data.name, password=hashed)
+    
+    user = user_repo.create(db, new_user)
     
-    token = create_access_token({"sub": user["id"], "email": user["email"]})
-    return {"token": token, "user": {"id": user["id"], "email": user["email"], "name": user["name"]}}
+    token = create_access_token({"sub": user.id, "email": user.email})
+    return {"token": token, "user": {"id": user.id, "email": user.email, "name": user.name}}
 
 @router.post("/login", response_model=AuthResponse)
-async def login(data: UserLogin):
-    user = users_db.get(data.email)
-    if not user or not verify_password(data.password, user["password"]):
+async def login(data: UserLogin, db: Session = Depends(get_db)):
+    user = user_repo.get_by_email(db, data.email)
+    
+    if not user or not verify_password(data.password, user.password):
         raise HTTPException(status_code=401, detail="Invalid credentials")
     
-    token = create_access_token({"sub": user["id"], "email": user["email"]})
-    return {"token": token, "user": {"id": user["id"], "email": user["email"], "name": user["name"]}}
+    token = create_access_token({"sub": user.id, "email": user.email})
+    return {"token": token, "user": {"id": user.id, "email": user.email, "name": user.name}}
 
 @router.get("/me")
-async def get_me(current_user: dict = Depends(get_current_user)):
-    return {"user": current_user}
+async def get_me(current_user: dict = Depends(get_current_user), db: Session = Depends(get_db)):
+    user = user_repo.get_by_id(db, current_user["id"])
+    if not user:
+         raise HTTPException(status_code=404, detail="User not found")
+    
+    return {"user": {"id": user.id, "email": user.email, "name": user.name}}

package/templates/python-fastapi/mvc/app/controllers/items.py.hbs

@@ -1,21 +1,23 @@
-from fastapi import APIRouter, HTTPException
+from fastapi import APIRouter, HTTPException, Depends
+from sqlalchemy.orm import Session
 from app.services.item_service import ItemService
 from app.schemas.item import ItemCreate, ItemResponse
+from app.database import get_db
 
 router = APIRouter()
 service = ItemService()
 
 @router.get("/", response_model=list[ItemResponse])
-async def list_items():
-    return service.list_items()
+async def list_items(db: Session = Depends(get_db)):
+    return service.list_items(db)
 
 @router.post("/", response_model=ItemResponse, status_code=201)
-async def create_item(item: ItemCreate):
-    return service.create_item(item)
+async def create_item(item: ItemCreate, db: Session = Depends(get_db)):
+    return service.create_item(item, db)
 
 @router.get("/{item_id}", response_model=ItemResponse)
-async def get_item(item_id: str):
-    item = service.get_item(item_id)
+async def get_item(item_id: str, db: Session = Depends(get_db)):
+    item = service.get_item(item_id, db)
     if not item:
         raise HTTPException(status_code=404, detail="Item not found")
     return item

package/templates/python-fastapi/mvc/app/controllers/payments.py.hbs

@@ -1,32 +1,59 @@
-from fastapi import APIRouter, HTTPException
+from fastapi import APIRouter, HTTPException, Request, Depends
 from pydantic import BaseModel
+from sqlalchemy.orm import Session
+import stripe
 import os
+from app.database import get_db
 
 router = APIRouter()
 
+stripe.api_key = os.getenv("STRIPE_SECRET_KEY")
+webhook_secret = os.getenv("STRIPE_WEBHOOK_SECRET")
+
 class CheckoutRequest(BaseModel):
     price_id: str
     customer_id: str | None = None
 
 @router.post("/checkout")
 async def create_checkout(data: CheckoutRequest):
-    # Stripe integration would go here
-    # For now, return mock data
-    return {
-        "checkout_url": f"https://checkout.stripe.com/session_{data.price_id}",
-        "session_id": "cs_test_1234567890"
-    }
+    try:
+        session = stripe.checkout.Session.create(
+            mode="subscription",
+            payment_method_types=["card"],
+            line_items=[{"price": data.price_id, "quantity": 1}],
+            customer=data.customer_id,
+            success_url=f"{os.getenv('FRONTEND_URL')}/success?session_id={{CHECKOUT_SESSION_ID}}",
+            cancel_url=f"{os.getenv('FRONTEND_URL')}/cancel",
+        )
+        return {"checkout_url": session.url, "session_id": session.id}
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=str(e))
 
 @router.post("/webhook")
-async def stripe_webhook(payload: dict):
-    # Handle Stripe webhook events
-    event_type = payload.get("type")
+async def stripe_webhook(request: Request, db: Session = Depends(get_db)):
+    payload = await request.body()
+    sig_header = request.headers.get("stripe-signature")
+
+    try:
+        event = stripe.Webhook.construct_event(
+            payload, sig_header, webhook_secret
+        )
+    except ValueError as e:
+        raise HTTPException(status_code=400, detail="Invalid payload")
+    except stripe.error.SignatureVerificationError as e:
+        raise HTTPException(status_code=400, detail="Invalid signature")
+
+    event_type = event.get("type")
     
     if event_type == "checkout.session.completed":
-        # Handle successful checkout
-        pass
+        session = event.get("data").get("object")
+        print(f"Checkout completed: {session.get('id')}")
+        # Update user in db
     elif event_type == "customer.subscription.updated":
-        # Handle subscription update
-        pass
-    
+        subscription = event.get("data").get("object")
+        print(f"Subscription updated: {subscription.get('id')}")
+    elif event_type == "customer.subscription.deleted":
+        subscription = event.get("data").get("object")
+        print(f"Subscription deleted: {subscription.get('id')}")
+        
     return {"received": True}

package/templates/python-fastapi/mvc/app/database.py.hbs

@@ -0,0 +1,17 @@
+from sqlalchemy import create_engine
+from sqlalchemy.orm import sessionmaker, declarative_base
+import os
+
+DATABASE_URL = os.getenv("DATABASE_URL", "postgresql://postgres:postgres@localhost:5432/{{projectNameSnakeCase}}")
+
+engine = create_engine(DATABASE_URL)
+SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
+
+Base = declarative_base()
+
+def get_db():
+    db = SessionLocal()
+    try:
+        yield db
+    finally:
+        db.close()

package/templates/python-fastapi/mvc/app/main.py.hbs

@@ -1,5 +1,9 @@
 from fastapi import FastAPI
 from app.controllers import health, auth, items, payments
+from app.database import engine, Base
+
+# Create tables (In production, use Alembic migrations instead)
+Base.metadata.create_all(bind=engine)
 
 app = FastAPI(title="{{projectName}}")
 

package/templates/python-fastapi/mvc/app/models/item.py.hbs

@@ -1,11 +1,14 @@
-from dataclasses import dataclass, field
+from sqlalchemy import Column, String, Float, DateTime
+from app.database import Base
 from datetime import datetime
-from typing import Optional
 import uuid
 
-@dataclass
-class Item:
-    id: str = field(default_factory=lambda: str(uuid.uuid4()))
-    name: str = ""
-    description: Optional[str] = None
-    created_at: datetime = field(default_factory=datetime.now)
+class Item(Base):
+    __tablename__ = "items"
+
+    id = Column(String, primary_key=True, default=lambda: str(uuid.uuid4()))
+    name = Column(String, nullable=False)
+    description = Column(String, nullable=True)
+    price = Column(Float, nullable=True)
+    created_at = Column(DateTime, default=datetime.utcnow)
+    updated_at = Column(DateTime, default=datetime.utcnow, onupdate=datetime.utcnow)

package/templates/python-fastapi/mvc/app/models/user.py.hbs

@@ -0,0 +1,15 @@
+from sqlalchemy import Column, String, DateTime
+from app.database import Base
+from datetime import datetime
+import uuid
+
+class User(Base):
+    __tablename__ = "users"
+
+    id = Column(String, primary_key=True, default=lambda: str(uuid.uuid4()))
+    email = Column(String, unique=True, index=True, nullable=False)
+    name = Column(String, nullable=True)
+    password = Column(String, nullable=False)
+    stripe_customer_id = Column(String, nullable=True)
+    created_at = Column(DateTime, default=datetime.utcnow)
+    updated_at = Column(DateTime, default=datetime.utcnow, onupdate=datetime.utcnow)

package/templates/python-fastapi/mvc/app/repositories/item_repository.py.hbs

@@ -0,0 +1,15 @@
+from sqlalchemy.orm import Session
+from app.models.item import Item
+
+class ItemRepository:
+    def get_all(self, db: Session) -> list[Item]:
+        return db.query(Item).all()
+
+    def get_by_id(self, db: Session, item_id: str) -> Item | None:
+        return db.query(Item).filter(Item.id == item_id).first()
+
+    def create(self, db: Session, item: Item) -> Item:
+        db.add(item)
+        db.commit()
+        db.refresh(item)
+        return item

package/templates/python-fastapi/mvc/app/repositories/user_repository.py.hbs

@@ -0,0 +1,15 @@
+from sqlalchemy.orm import Session
+from app.models.user import User
+
+class UserRepository:
+    def get_by_email(self, db: Session, email: str) -> User | None:
+        return db.query(User).filter(User.email == email).first()
+
+    def get_by_id(self, db: Session, user_id: str) -> User | None:
+        return db.query(User).filter(User.id == user_id).first()
+
+    def create(self, db: Session, user: User) -> User:
+        db.add(user)
+        db.commit()
+        db.refresh(user)
+        return user

package/templates/python-fastapi/mvc/app/services/item_service.py.hbs

@@ -1,24 +1,22 @@
+from sqlalchemy.orm import Session
 from app.models.item import Item
 from app.schemas.item import ItemCreate
-from typing import List, Optional
+from app.repositories.item_repository import ItemRepository
 
 class ItemService:
     def __init__(self):
-        self.items: dict[str, Item] = {}
-    
-    def list_items(self) -> List[Item]:
-        return list(self.items.values())
-    
-    def create_item(self, item_data: ItemCreate) -> Item:
-        item = Item(name=item_data.name, description=item_data.description)
-        self.items[item.id] = item
-        return item
-    
-    def get_item(self, item_id: str) -> Optional[Item]:
-        return self.items.get(item_id)
-    
-    def delete_item(self, item_id: str) -> bool:
-        if item_id in self.items:
-            del self.items[item_id]
-            return True
-        return False
+        self.item_repo = ItemRepository()
+
+    def list_items(self, db: Session):
+        return self.item_repo.get_all(db)
+
+    def create_item(self, item_data: ItemCreate, db: Session):
+        db_item = Item(
+            name=item_data.name, 
+            description=item_data.description, 
+            price=item_data.price
+        )
+        return self.item_repo.create(db, db_item)
+
+    def get_item(self, item_id: str, db: Session):
+        return self.item_repo.get_by_id(db, item_id)