Add public demo mode with auto-seeding, hourly reset, and Portainer deploy guide

- DEMO_MODE=true env flag: disables password changes and backup endpoints (403),
  exposes GET /demo/status for frontend detection
- Auto-seed on first startup: creates demo user (demo@mymidas.app / demo123)
  with 6 months of transactions, investments, budgets, subscriptions, and tax
  payslips; takes a pg_dump snapshot immediately after for hourly restore
- Hourly reset: resetter Alpine container with cron restores DB from snapshot
  and purges uploaded attachments every hour on the hour
- Frontend: amber demo banner on all pages, login page shows credentials,
  password change disabled with notice, backups section replaced with notice
- demo/ directory: self-contained docker-compose.yml (ports 4001/8091),
  .env.example, reset.sh, and step-by-step Portainer DEPLOY.md

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
megaproxy 2026-04-23 22:08:24 +00:00
parent afb5e99bb2
commit 9897d03d91
17 changed files with 975 additions and 2 deletions


@ -8,9 +8,12 @@ from fastapi import APIRouter, Depends, HTTPException, status
from fastapi.responses import FileResponse
from pydantic import BaseModel
from app.config import get_settings
from app.dependencies import get_current_user
from app.db.models.user import User
_DEMO_DISABLED = "Backups are disabled in demo mode"
router = APIRouter(prefix="/admin", tags=["admin"])
BACKUP_DIR = Path(os.environ.get("BACKUP_DIR", "/app/backups"))
@ -44,11 +47,15 @@ def _list_backup_files() -> list[BackupFile]:
@router.get("/backups", response_model=list[BackupFile])
async def list_backups(current_user: User = Depends(get_current_user)):
if get_settings().is_demo:
raise HTTPException(status_code=403, detail=_DEMO_DISABLED)
return _list_backup_files()
@router.post("/backup", response_model=BackupResult)
async def trigger_backup(current_user: User = Depends(get_current_user)):
if get_settings().is_demo:
raise HTTPException(status_code=403, detail=_DEMO_DISABLED)
try:
proc = await asyncio.create_subprocess_exec(
"bash", "/app/scripts/backup.sh",
@ -71,6 +78,8 @@ async def download_backup(
filename: str,
current_user: User = Depends(get_current_user),
):
if get_settings().is_demo:
raise HTTPException(status_code=403, detail=_DEMO_DISABLED)
if not BACKUP_PATTERN.match(filename):
raise HTTPException(status_code=400, detail="Invalid filename")
path = BACKUP_DIR / filename
@ -88,6 +97,8 @@ async def restore_backup(
filename: str,
current_user: User = Depends(get_current_user),
):
if get_settings().is_demo:
raise HTTPException(status_code=403, detail=_DEMO_DISABLED)
if not BACKUP_PATTERN.match(filename):
raise HTTPException(status_code=400, detail="Invalid filename")
path = BACKUP_DIR / filename
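Review bot: The demo-mode guard is copied by hand into each of the four backup handlers (`list_backups`, `trigger_backup`, `download_backup`, `restore_backup`), so any route later added to this `/admin` router is reachable with the published demo login unless someone remembers to paste the check again. The only gate visible on these routes is `Depends(get_current_user)`, so I would make the router fail closed: add a small dependency that raises the same 403 and attach it once, `router = APIRouter(prefix="/admin", tags=["admin"], dependencies=[Depends(_require_not_demo)])`. Whether `get_current_user` also enforces an admin role is not visible here; if it does not, backup restore is open to every authenticated user outside demo mode too. The bodies of `trigger_backup`, `download_backup` and `restore_backup` continue outside the hunks.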


@ -8,6 +8,7 @@ from pydantic import BaseModel, Field
from sqlalchemy import select
from sqlalchemy.ext.asyncio import AsyncSession
from app.config import get_settings
from app.core.audit import write_audit
from app.core.security import hash_password, verify_password
from app.dependencies import get_current_user, get_db
@ -41,6 +42,8 @@ async def change_password(
db: AsyncSession = Depends(get_db),
user=Depends(get_current_user),
):
if get_settings().is_demo:
raise HTTPException(status_code=403, detail="Password changes are disabled in demo mode")
if not verify_password(body.current_password, user.password_hash):
raise HTTPException(status_code=400, detail="Current password is incorrect")
user.password_hash = hash_password(body.new_password)
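Review bot: The new guard at the top of `change_password` has no comment explaining why it exists, and the reason is not obvious from the handler alone: the demo login is shared and published, so one visitor changing the password would lock everyone else out until the hourly restore. I would add `# Demo login is public and shared; a changed password would lock out other visitors until the next reset.` above the `if get_settings().is_demo:` line. The other handlers in this file are not visible in the hunk; if any of them also alters login state (email, 2FA, account deletion), it presumably needs the same 403. The function's signature starts and its body ends outside the hunk.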