coulomb/direkt-vermittlung-de
2
0
Fork 0
generated from coulomb/repo-seed
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
45d60fc1a994c5cca4fd77ae15698cbefae7d549
direkt-vermittlung-de/prototype-chatgpt5/IMPLEMENTATION_GUIDE.md

2.5 KiB
Raw Blame History

Implementation Guide DirektVermittlungDe (FastAPI)

This guide explains how this codebase implements the architectural decisions and API specification of DirektVermittlungDe.

1. Architecture Mapping

  • Belegorientierung: Document is the central aggregate.

    • Domain models in app/domain/models.py
    • ORM model in app/adapters/orm.py::Document

  • Interaction Threads: Thread and Message map to interaction threads and their logs.

    • Cursor-based pagination implemented in app/service/threads_service.py::list_messages
    • The created_at timestamp is used as the pagination cursor.

  • Routing Engine:

    • Implemented as an adapter in app/adapters/routing.py
    • Operates solely on DocumentMetadata (plaintext) as required by the split-payload model.

  • Asynchronous Exports:

    • POST /exportsstart_export() in app/service/exports_service.py
    • Returns 202 Accepted with jobId and uses a job registry (app/adapters/jobs.py)
    • In a production system this would publish to Redis / RabbitMQ and be processed by workers.

2. Security

  • Auth:

    • OAuth2 / JWT is abstracted in app/adapters/auth.py.
    • In this reference implementation, we parse unverified claims; in production, validate via JWKS.

  • Data Protection:

    • Encrypted payloads are treated as opaque strings and stored via app/adapters/storage.py.
    • Only routing metadata is stored in PostgreSQL for server-side logic.

  • Retention:

    • Each Document gets a retention_date, set to a grace period in the future.
    • Implement a periodic cleanup job that deletes rows where retention_date < NOW().

3. Performance / Hybrid Concurrency

  • All endpoints are async def and rely on the async SQLAlchemy engine.
  • CPU-heavy operations (PDF merge, crypto) must not be run inside the event loop.
    • To extend this, create a ProcessPoolExecutor in workers/ and call via loop.run_in_executor.

4. Extending the System

  • Real Routing Rules:
    • Add a routing_rules table and adapt app/adapters/routing.py to query it.
  • Real Export Workers:
    • Replace jobs.py with a Redis-backed queue and a worker process in workers/exports_worker.py.
  • Authority Integration:
    • Call the authoritys eAkte ingress API from the worker, using authority-specific keys.

5. Definition of Done Checklist

Before going to production:

  • Load-test POST /documents and GET /threads/{id}/messages.
  • Verify that logs never contain Aktenzeichen or other PII.
  • Verify that retention cleanup jobs work correctly on staging data.
Reference in New Issue View Git Blame Copy Permalink