Activity

Summary

• Add Alembic database migrations for production-ready schema management
• Add API key authentication for secure Laravel ↔ Server communication
• Refine Docker setup with health checks and production config
• Add end-to-end test script

Changes

Database Migrations

• Initialize Alembic with async SQLAlchemy support
• Initial schema migration (f4937396683c) - captures 16 existing tables
• API keys migration (5e2dee2daae6) - adds api_keys table
• Remove create_all() - now relies on Alembic migrations

API Key Authentication

• APIKey model for database-backed keys
• api_key_guard for Litestar route protection
• Supports X-API-Key header and Authorization: Bearer token
• Config-based API_KEY env var for simple deployments
• All data endpoints (/users/{user_id}/*) now protected

Docker

• .dockerignore for smaller builds
• Health checks for both services
• docker-compose.prod.yml for production deployment
• Dockerfile updated with curl

Testing

• scripts/test_e2e.py - comprehensive end-to-end tests
• 8 tests covering auth, endpoints, health checks

Test plan

• alembic upgrade head creates tables correctly
• alembic downgrade -1 and upgrade head works
• API endpoints return 401 without API key
• API endpoints work with valid X-API-Key header
• API endpoints work with Bearer token
• Health endpoint remains public
• Docker containers show "healthy" status
• E2E test script passes (8/8 tests)

Laravel Integration

Http::withHeaders([
    'X-API-Key' => config('services.polar_flow.api_key'),
])->get('http://polar-flow-server:8000/users/{$polarUserId}/sleep');

🤖 Generated with Claude Code