Skip to content

Ambastha-Org/Universal-Dev-Registery-DB

BranchesTags

Repository files navigation

🌩️ Ambastha Matrix API Service

The core engine for the Universal Development Registry, built with Node.js (Express) and MongoDB (Mongoose). This service manages high-performance compatibility data, sponsorship-driven quotas, and multi-seat licensing.

✨ Enterprise Features

🏦 Sponsorship & Procurement Lifecycle

  • Treasury Settlement: Automated hold period for monthly subscriptions to ensure fund clearance.
  • Instant Allocation: One-time top-ups bypass settlement holds for immediate quota provisioning.
  • Dynamic Quota Scaling: Automatic request allocation based on USD contribution values.

💺 Multi-Seat Concurrency

  • Seat Licensing: Calculates authorized concurrent seats based on sponsorship tier levels.
  • Heartbeat Monitoring: Active session tracking to enforce seat limits across multiple clients.

🛡️ Security & Auditing

  • Master Key Alerts: Real-time email notifications for critical administrative overrides.
  • Access Control: High-entropy API key verification and IP-based security for procurement routes.
  • Payload Sanitization: Strict semantic versioning enforcement using a custom Patch-level Continuity Engine.

⚙️ Prerequisites

  • Node.js: v18+ (LTS recommended)
  • MongoDB: v6.0+ (Atlas recommended for production)

🚀 Getting Started

1. Installation

git clone https://github.com/Ambastha-Org/Universal-Dev-Registry-DB.git
cd api-matrix-service
npm install

2. Configuration

Create a .env.local file in the root directory. Do not commit this file to version control.

To generate secure 64-character hex keys for the security variables below, you can use the built-in utility:

npm run genkey

Required Environment Variables:

PORT=8080
NODE_ENV=production
LOCAL_MONGO_URI=mongodb://localhost:27017/compatibilitydb
GITHUB_ORG_NAME=Sudhanshu-Ambastha
CORS_ORIGIN="http://localhost:3000","https://universal-dev-registry.ambastha.org"

# Security
ADMIN_API_KEY="your_generated_key"
INTERNAL_API_SECRET="your_generated_key"
GITHUB_WEBHOOK_SECRET="your_generated_key"

# Notifications & SMTP
EMAIL_USER="support@ambastha.org"
EMAIL_PASS="your_smtp_password"
OWNER_EMAIL="admin@ambastha.org"
RECIPIENT_EMAIL="test-receiver@gmail.com"

🛠️ Operational Commands

Command Action
npm run dev Start development server with hot-reloading (Nodemon).
npm test Execute the full assertion suite (Logic, Email, Security).
npm run prod Deploy to production background via PM2.
npm run logs View live process logs to monitor webhooks/errors.
npm run restart Restart the service after environment changes.

🔒 API Documentation

Public Endpoints

  • GET /api/v1/matrix: Retrieve all active compatibility registry entries.
  • GET /health: Service health check, database status, and automated reconciliation.

Admin & Webhooks (Protected)

  • POST /webhook/github: Entry point for GitHub Sponsorship events.
  • POST /admin/release-treasury: Manual override to release funds from settlement hold. Requires Admin Key.
  • POST /api/v1/matrix: Create or bulk-update registry entries. Requires Admin Key.

⚠️ Security Notes

  • Key Rotation: Ensure ADMIN_API_KEY is rotated periodically to maintain system integrity.

  • CORS Policy: Strictly define CORS_ORIGIN in production to prevent unauthorized cross-site data access.

  • Audit Logging: All manual treasury releases trigger an immediate security alert sent directly to the designated OWNER_EMAIL.

About

Core engine for the Universal Development Registry. High-performance Node.js API managing compatibility matrices, multi-seat licensing, and automated sponsorship procurement. Engineered for the Ambastha ecosystem.

api.ambastha.org/

Topics

nodejs security-audit automation mongodb expressjs backend-service registry-api

Resources

Readme
Activity
Custom properties

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages