curo1305
7.5 KiB
7.5 KiB
Technology Stack
Analysis Date: 2026-06-02
Languages
Primary:
- Python 3.12 — backend API, services, Celery tasks, storage backends
- JavaScript (ES Modules, ES2022+) — Vue 3 frontend SPA
Secondary:
- SQL — PostgreSQL schema via Alembic migrations (
backend/migrations/) - HTML/CSS — Vue SFC templates, Tailwind utility classes
Runtime
Backend:
- CPython 3.12 (pinned:
FROM python:3.12-sliminbackend/Dockerfile) - ASGI server: Uvicorn
>=0.29with[standard]extras - Entry point:
backend/main.py—uvicorn main:app
Frontend:
- Node.js 20 (pinned:
FROM node:20-alpineinfrontend/Dockerfile) - Dev server: Vite 5 on port 5173, proxies
/api→http://backend:8000 - Entry point:
frontend/index.html→frontend/src/main.js
Package Manager:
- Backend:
pip—backend/requirements.txt; no lockfile (floating>=ranges used throughout — see CONCERNS.md) - Frontend:
npm— lockfile:frontend/package-lock.json
Frameworks
Backend Core
| Package | Version | Purpose |
|---|---|---|
fastapi |
>=0.111 |
Async REST API framework — backend/main.py |
uvicorn[standard] |
>=0.29 |
ASGI server |
pydantic |
>=2.0 with [email] |
Request/response validation |
pydantic-settings |
>=2.2 |
Environment-based config — backend/config.py |
python-multipart |
>=0.0.27 |
Multipart file upload parsing |
ORM / Database
| Package | Version | Purpose |
|---|---|---|
sqlalchemy[asyncio] |
>=2.0.49 |
Async ORM — backend/db/session.py, backend/db/models.py |
psycopg[binary] |
>=3.3.4 |
psycopg v3 async PostgreSQL driver |
alembic |
>=1.18.4 |
Schema migrations — backend/migrations/ |
aiosqlite |
>=0.20.0 |
SQLite async driver (test isolation only) |
Background Tasks
| Package | Version | Purpose |
|---|---|---|
celery[redis] |
>=5.5.0 |
Async task queue — backend/celery_app.py |
redis |
>=4.6.0 |
Redis async client; Celery broker + result backend + JTI token store |
Auth / Security
| Package | Version | Purpose |
|---|---|---|
PyJWT |
>=2.8.0 |
JWT access token creation and verification — backend/services/auth.py |
pwdlib[argon2] |
>=0.2.1 |
Argon2id password hashing |
pyotp |
>=2.9.0 |
TOTP provisioning and verification (2FA) |
cryptography |
>=41.0.0 |
HKDF per-user key derivation; Fernet encryption for cloud credentials |
slowapi |
>=0.1.9 |
Rate limiting middleware on auth endpoints |
httpx |
>=0.27 |
Async HTTP client (HIBP k-anonymity checks, OneDrive Graph API) |
Document Processing
| Package | Version | Purpose |
|---|---|---|
PyMuPDF |
>=1.26.7 |
PDF text extraction — backend/services/extractor.py |
python-docx |
>=1.1 |
DOCX text extraction — backend/services/extractor.py |
pytesseract |
>=0.3 |
OCR for image files — backend/services/extractor.py |
Pillow |
>=10.3 |
Image loading for OCR pipeline |
aiofiles |
>=23.2 |
Async file I/O |
AI Classification
| Package | Version | Purpose |
|---|---|---|
anthropic |
>=0.26 |
Anthropic Claude SDK — backend/ai/anthropic_provider.py |
openai |
>=1.30 |
OpenAI SDK; also used as shim for Ollama and LM Studio — backend/ai/openai_provider.py |
Cloud Storage SDKs
| Package | Version | Purpose |
|---|---|---|
minio |
>=7.2.20 |
MinIO/S3 object storage SDK — backend/storage/minio_backend.py |
google-auth-oauthlib |
>=1.3.1 |
Google OAuth2 flow — backend/storage/google_drive_backend.py |
google-api-python-client |
>=2.196.0 |
Google Drive v3 API — backend/storage/google_drive_backend.py |
msal |
>=1.36.0 |
Microsoft Auth Library for OneDrive — backend/storage/onedrive_backend.py |
webdavclient3 |
>=3.14.7 |
Generic WebDAV + Nextcloud — backend/storage/webdav_backend.py |
cachetools |
>=5.3.0 |
Cloud connection caching — backend/services/cloud_cache.py |
Frontend
| Package | Version | Purpose |
|---|---|---|
vue |
^3.4.0 |
UI framework (Options API) — frontend/src/ |
vue-router |
^4.3.0 |
Client-side routing — frontend/src/router/ |
pinia |
^2.1.0 |
State management (JWT access token stored in memory only) — frontend/src/stores/ |
qrcode |
^1.5.4 |
TOTP QR code generation for 2FA enrollment UI |
tailwindcss |
^3.4.0 |
Utility-first CSS — frontend/tailwind.config.js |
Frontend Dev / Build
| Tool | Version | Purpose |
|---|---|---|
vite |
^5.2.0 |
Dev server and bundler — frontend/vite.config.js |
@vitejs/plugin-vue |
^5.0.0 |
Vue SFC compilation |
postcss |
^8.4.0 |
CSS processing — frontend/postcss.config.js |
autoprefixer |
^10.4.0 |
CSS vendor prefixing |
Testing
| Tool | Version | Purpose |
|---|---|---|
pytest |
>=8.2 |
Backend test runner — backend/pytest.ini |
pytest-asyncio |
>=1.3.0 |
Async test support (asyncio_mode = auto) |
vitest |
^4.1.7 |
Frontend test runner — frontend/vitest.config.js |
@vue/test-utils |
^2.4.10 |
Vue component test utilities |
happy-dom |
^20.9.0 |
DOM environment for Vitest |
Infrastructure
Docker Compose Services (docker-compose.yml)
| Service | Image | Port(s) | Notes |
|---|---|---|---|
postgres |
postgres:17-alpine |
internal | Persistent postgres_data volume |
minio |
minio/minio:latest |
9000, 9001 |
S3-compatible object store; persistent minio_data volume |
redis |
redis:7-alpine |
internal | Password-protected; Celery broker + JTI revocation store |
backend |
Built from ./backend |
8000 |
Hot-reload via volume mount; depends on postgres, minio, redis |
celery-worker |
Built from ./backend |
— | Processes documents queue |
celery-beat |
Built from ./backend |
— | Periodic task scheduler |
frontend |
Built from ./frontend |
5173 |
Vite dev server; proxies /api → backend:8000 |
Database Role Separation
docuvault_app— DML only (SELECT/INSERT/UPDATE/DELETE); used by FastAPI appdocuvault_migrate— DDL; used by Alembic migrations only- Init script:
docker/postgres/initdb.d/01-init-users.sql
System Dependencies (backend Docker image)
Installed via apt-get in backend/Dockerfile:
tesseract-ocr— OCR binary forpytesseractlibgl1,libglib2.0-0— shared libraries required by PyMuPDF
Configuration
Environment variables are the single source of truth, read by pydantic-settings in backend/config.py.
Required for core operation:
DATABASE_URL— psycopg v3 async DSN for app userDATABASE_MIGRATE_URL— psycopg v3 DSN for migrate userMINIO_ENDPOINT,MINIO_ACCESS_KEY,MINIO_SECRET_KEY,MINIO_BUCKETREDIS_URL— used by both FastAPI (JTI store) and CelerySECRET_KEY— JWT signing secretCLOUD_CREDS_KEY— 32-byte master key for HKDF cloud credential encryption
Optional:
SMTP_HOST/PORT/USER/PASSWORD/FROM— transactional emailGOOGLE_CLIENT_ID/SECRET,ONEDRIVE_CLIENT_ID/SECRET— OAuth cloud storageADMIN_EMAIL,ADMIN_PASSWORD— bootstrap admin accountSYSTEM_PROMPT,DEFAULT_AI_PROVIDER,DEFAULT_AI_MODEL— AI defaultsCORS_ORIGINS,FRONTEND_URL,BACKEND_URL
Platform Requirements
Development:
- Docker + Docker Compose (preferred), or
- Python 3.12, Node.js 20 plus running PostgreSQL 17, MinIO, Redis instances locally
Production:
- Containerised via Docker Compose; no cloud-native manifests or reverse-proxy config detected in repo
Stack analysis: 2026-06-02