Initial commit: MyMidas personal finance tracker

Full-stack self-hosted finance app with FastAPI backend and React frontend. Features: - Accounts, transactions, budgets, investments with GBP base currency - CSV import with auto-detection for 10 UK bank formats - ML predictions: spending forecast, net worth projection, Monte Carlo - 7 selectable themes (Obsidian, Arctic, Midnight, Vault, Terminal, Synthwave, Ledger) - Receipt/document attachments on transactions (JPEG, PNG, WebP, PDF) - AES-256-GCM field encryption, RS256 JWT, TOTP 2FA, RLS, audit log - Encrypted nightly backups + key rotation script - Mobile-responsive layout with bottom nav Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 11:56:10 +00:00 · 2026-04-21 11:56:10 +00:00 · 61a7884ee5
commit 61a7884ee5
127 changed files with 13323 additions and 0 deletions
--- a/backend/app/config.py
+++ b/backend/app/config.py
@ -0,0 +1,54 @@
+from functools import lru_cache
+from pydantic_settings import BaseSettings, SettingsConfigDict
+
+
+class Settings(BaseSettings):
+    model_config = SettingsConfigDict(env_file=".env", extra="ignore")
+
+    database_url: str = "postgresql+asyncpg://finance_app:password@postgres:5432/financedb"
+    redis_url: str = "redis://localhost:6379/0"
+
+    encryption_key: str  # 32-byte hex string
+    backup_passphrase: str = ""
+
+    environment: str = "production"
+    allow_registration: bool = False
+    base_currency: str = "GBP"
+
+    # JWT — keys read from /run/secrets/ at runtime
+    jwt_private_key_file: str = "/run/secrets/jwt_private.pem"
+    jwt_public_key_file: str = "/run/secrets/jwt_public.pem"
+    jwt_algorithm: str = "RS256"
+    access_token_expire_minutes: int = 15
+    refresh_token_expire_days: int = 7
+
+    # Security
+    csrf_token_expire_hours: int = 24
+    max_login_attempts: int = 5
+    lockout_base_seconds: int = 1800  # 30 min, doubles each time
+
+    # Rate limits (requests per minute)
+    rate_limit_auth: int = 10
+    rate_limit_api: int = 300
+    rate_limit_predictions: int = 20
+
+    # File uploads
+    upload_dir: str = "/app/uploads"
+    max_attachment_bytes: int = 10 * 1024 * 1024  # 10 MB
+    max_attachments_per_txn: int = 10
+
+    # Background jobs
+    price_sync_interval_minutes: int = 15
+    fx_sync_interval_minutes: int = 60
+    snapshot_hour: int = 2  # 2 AM daily
+    backup_hour: int = 3    # 3 AM daily
+    ml_retrain_day: str = "sun"  # weekly on Sunday
+
+    @property
+    def is_development(self) -> bool:
+        return self.environment == "development"
+
+
+@lru_cache
+def get_settings() -> Settings:
+    return Settings()