1246d5e792
Some checks failed
ci/woodpecker/push/integration Pipeline failed
ci/woodpecker/push/main Pipeline failed
CI/CD Pipeline / Docker Build & Push (push) Has been cancelled
CI/CD Pipeline / Linting (push) Has been cancelled
CI/CD Pipeline / Go Tests (push) Has been cancelled
CI/CD Pipeline / Python Tests (push) Has been cancelled
CI/CD Pipeline / Website Tests (push) Has been cancelled
CI/CD Pipeline / Security Scan (push) Has been cancelled
CI/CD Pipeline / Integration Tests (push) Has been cancelled
CI/CD Pipeline / Deploy to Staging (push) Has been cancelled
CI/CD Pipeline / Deploy to Production (push) Has been cancelled
CI/CD Pipeline / CI Summary (push) Has been cancelled
Security Scanning / Python Security Scan (push) Has been cancelled
Security Scanning / Node.js Security Scan (push) Has been cancelled
Security Scanning / Secret Scanning (push) Has been cancelled
Security Scanning / Dependency Vulnerability Scan (push) Has been cancelled
Security Scanning / Go Security Scan (push) Has been cancelled
Security Scanning / Docker Image Security (push) Has been cancelled
Security Scanning / Security Summary (push) Has been cancelled
Tests / Go Tests (push) Has been cancelled
Tests / Python Tests (push) Has been cancelled
Tests / Integration Tests (push) Has been cancelled
Tests / Go Lint (push) Has been cancelled
Tests / Python Lint (push) Has been cancelled
Tests / Security Scan (push) Has been cancelled
Tests / All Checks Passed (push) Has been cancelled
Implements anomaly-score-based middleware to protect SDK/Compliance endpoints from systematic data harvesting. Includes 5 detection mechanisms (diversity, burst, sequential enumeration, unusual hours, multi-tenant), multi-window quota system, progressive throttling, HMAC watermarking, and graceful Valkey fallback. - backend/middleware/sdk_protection.py: Core middleware (~750 lines) - Admin API endpoints for score management and tier configuration - 14 new tests (all passing) - MkDocs documentation with clear explanations - Screen flow and middleware dashboard updates Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
BreakPilot Website
Marketing- und Pricing-Website fuer BreakPilot mit Stripe Checkout Integration.
Tech Stack
- Framework: Next.js 15.1.6
- Styling: Tailwind CSS 3.4
- Language: TypeScript 5.7
- Payment: Stripe Checkout (via Billing Service)
Lokale Entwicklung
Voraussetzungen
- Node.js 20+
- npm oder yarn
Installation
cd website
npm install
npm run dev
Website ist dann unter http://localhost:3000 erreichbar.
Docker
Build
docker build -t breakpilot-website \
--build-arg NEXT_PUBLIC_BILLING_API_URL=http://localhost:8083 \
--build-arg NEXT_PUBLIC_APP_URL=http://localhost:8000 \
.
Run
docker run -p 3000:3000 breakpilot-website
Mit Docker Compose
# Aus dem Root-Verzeichnis
docker compose up -d website
Umgebungsvariablen
| Variable | Beschreibung | Default |
|---|---|---|
NEXT_PUBLIC_BILLING_API_URL |
URL zum Billing Service | http://localhost:8083 |
NEXT_PUBLIC_APP_URL |
URL zur BreakPilot App | http://localhost:8000 |
NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY |
Stripe Public Key | - |
Build-Zeit vs. Runtime
NEXT_PUBLIC_* Variablen werden zur Build-Zeit eingebettet. Fuer Docker:
docker build \
--build-arg NEXT_PUBLIC_BILLING_API_URL=https://api.breakpilot.de \
--build-arg NEXT_PUBLIC_APP_URL=https://app.breakpilot.de \
--build-arg NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=pk_live_xxx \
.
Stripe Integration
Flow
- Nutzer waehlt Plan auf der Pricing-Seite
- Nutzer gibt E-Mail ein
- Website ruft
POST /api/v1/billing/trial/startam Billing Service auf - Billing Service erstellt Stripe Checkout Session
- Nutzer wird zu Stripe Checkout weitergeleitet
- Nach Zahlung: Redirect zu
/success?session_id=xxx - Success-Seite zeigt Bestaetigung und leitet zur App weiter
API Endpunkt
POST /api/v1/billing/trial/start
Content-Type: application/json
{
"plan_id": "basic" | "standard" | "premium",
"email": "user@example.com"
}
Response:
{
"checkout_url": "https://checkout.stripe.com/..."
}
Seiten
| Route | Beschreibung |
|---|---|
/ |
Landing Page mit Hero, Pricing, Trust-Sektion |
/success |
Erfolgsseite nach Stripe Checkout |
/cancel |
Abbruchseite wenn Checkout abgebrochen |
Produktion
Empfohlene Konfiguration
NEXT_PUBLIC_BILLING_API_URL=https://api.breakpilot.de
NEXT_PUBLIC_APP_URL=https://app.breakpilot.de
NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=pk_live_xxx
SSL/TLS
Fuer Produktion sollte ein Reverse Proxy (nginx, Traefik) mit SSL verwendet werden.
Projektstruktur
website/
├── app/
│ ├── globals.css # Tailwind + Custom Styles
│ ├── layout.tsx # Root Layout
│ ├── page.tsx # Landing Page
│ ├── success/
│ │ └── page.tsx # Checkout Erfolgsseite
│ └── cancel/
│ └── page.tsx # Checkout Abbruchseite
├── components/
│ ├── Header.tsx # Navigation
│ ├── PricingSection.tsx # Pricing Cards + Modal
│ └── Footer.tsx # Footer
├── Dockerfile # Multi-stage Docker Build
├── next.config.mjs # Next.js Konfiguration
├── tailwind.config.ts # Tailwind mit BreakPilot Farben
└── package.json