elyssonmr / double-check Goto Github PK

The /request_token doesn't return a correct Status Code when the provided data is not valid. It returns a 500 status code (Internal Server Error) which is not correct for this situation.

It should return a 400 (Bad Request) informing which field is not valid.

The project is written and tested using Python 3.7 but the current stable version is 3.10.

Update the python version of the project and don't forget to also update the python version used in the Dockerfile

The /check_token doesn't return a correct Status Code when the provided data is not valid. It returns a 500 status code (Internal Server Error) which is not correct for this situation.

It should return a 400 (Bad Request) informing which field is not valid.

Today the application doesn't delete the created token after it was used from a "Double Check" request. This could lead to a security problem and use of the same token for more than one request.

When a application verifies a token and it is correct, it should be removed from the cache to prevent its use for the same verification request again.

Add the configuration of logs in the system.

It should use python default logs with the configuration within the config file.

For now if we log to a file should be really great but in the future we should configure some tools provided by big clouds or make the logs in a way that we can configure different logs tools.

Add and configure bump version.

It should have a version in:

• Config file
• Readme
• Tag (I think its the default of bumpversion)

The README.md is not with all information about the project.

This issue refers to the improvement of the installation process within the README.md.

The rquested improvement should cover:

• How to download the docker image of the project
• Run the API docker container passing the required configurations
• Run the BOT docker container passing the required configurations
• Run the Redis dependency
• How to check if everything is running OK

I am trying to generate a token without having the chat_id registered in Redis.

double_check_api    | DEBUG:aiogram:Make request: "sendMessage" with data: "{'chat_id': 986743, 'text': 'Hello afdf6057-77b3-4985-a4c9-fe94dbfc5e72. Your token is: 986743'}" and files "None"
double_check_api    | DEBUG:aiogram:Response for sendMessage: [400] "'{"ok":false,"error_code":400,"description":"Bad Request: chat not found"}'"

Could we retrieve the user's chat_id from the telegram API if it doesn't already exist?

Improve swagger text. There is some errors there

The idea of this issue is to create a end-to-end test for the project.

The test structure is not yet planned but any suggestions would be great.

The restrictions are:

• All testes should use Cypress or Robot Framework
• The end-to-end tests should have it's own folder at the same level of the project code

We can discuss the structure in this issue before start implementing

The API accepts a action field to indicate which action should be "Double Checked" but this action is not being sent within the message to a user.

Add the action in the message sent to the user to inform which action is being requested to be Double Checked

The project has no release yet, but we need to configure a changelog and we should track all the changes.

Configure the Towncrier in the prject and create a CHANGELOG.md in the project root.

The Double Check API still don't have a Swagger documentation in order to indicate its endpoints or explain how to integrate with the API.

Create a documentation using swagger.

I should contain the endpoints:

• Request token
• Check token

It also should have the data structure used on those endpoints.