A comprehensive Flask-based financial platform for communities, churches, and organizations to manage digital wallets, contributions, payments, and KYC compliance.
- Overview
- Features
- Architecture
- Quick Start
- Documentation
- API Endpoints
- Frontend Templates & Demos
- Deployment
- Testing
- Contributing
KingdomPay is a production-ready financial platform designed to provide secure, scalable financial services for communities. The backend API handles user authentication, digital wallet management, transaction processing, KYC compliance, and comprehensive financial operations with enterprise-grade security and reliability.
- Secure Authentication: OTP-based phone verification with JWT tokens
- Digital Wallets: Complete wallet management with transfers, deposits, and withdrawals
- KYC Compliance: Multi-tier verification system with document upload and risk assessment
- Real-time Transactions: Double-entry ledger with comprehensive audit trails
- Frontend Demos: Interactive HTML templates for testing and demonstration
- Health Monitoring: Comprehensive system health checks and performance metrics
- Production Ready: Docker support with cloud deployment (Render) configuration
- Fully Tested: Complete test suite with unit, integration, and security tests
- OTP-based Phone Verification: Secure phone number authentication with SMS delivery
- JWT Token Management: Access and refresh token system with automatic renewal
- Rate Limiting: API protection against abuse and brute force attacks
- Data Encryption: Sensitive data encryption at rest and in transit
- Input Validation: Comprehensive request validation and sanitization
- Auto Wallet Creation: Automatic wallet creation for new users
- Balance Tracking: Real-time balance updates with transaction history
- Fund Transfers: Secure wallet-to-wallet transfers with validation
- Deposit/Withdrawal: Add and remove funds with audit trails
- Display Numbers: User-friendly wallet identification system
- Double-Entry Ledger: Complete transaction tracking and audit trails
- Transaction History: Comprehensive transaction logs with pagination
- Real-time Updates: Instant balance updates and transaction confirmations
- Transaction Types: Support for transfers, deposits, withdrawals, and more
- Multi-tier Verification: Tiered KYC system (Tier 0, 1, 2)
- Document Upload: Support for multiple document types (ID, Passport, Utility Bills)
- Risk Assessment: Automated risk scoring and compliance checks
- Transaction Limits: Tier-based transaction limits and monitoring
- Audit Trails: Complete KYC process tracking and compliance logs
- Health Checks: Multiple health check endpoints for monitoring
- System Metrics: CPU, memory, disk, and database performance monitoring
- Database Monitoring: Connection health and query performance tracking
- Redis Monitoring: Cache performance and connectivity checks
- Backend Framework: Flask 2.3.3 with SQLAlchemy ORM
- Database: PostgreSQL 15+ (production) / SQLite (development)
- Cache & Sessions: Redis 7+ for caching and session management
- Authentication: JWT with access/refresh token system
- Security: Data encryption, rate limiting, input validation
- Deployment: Gunicorn with Docker support
- Auth Service: OTP verification, JWT management, user authentication
- Wallet Service: Wallet operations, balance management, fund transfers
- Ledger Service: Transaction processing, double-entry accounting
- KYC Service: Document verification, compliance management, risk assessment
- SMS Service: OTP delivery via SMS providers
- Cache Service: Redis-based caching and session management
- Health Service: System monitoring and health checks
- Encryption Service: Data encryption and security utilities
- User: User profiles, authentication, and account management
- Wallet: Digital wallets with balances and display numbers
- Transaction: Complete transaction records with audit trails
- OTP Verification: OTP codes and verification tracking
- KYC Models: Verification records, documents, and compliance tracking
- Python 3.9+
- PostgreSQL 15+ (or SQLite for development)
- Redis 6+ (optional for development)
- Docker (optional, for database)
-
Clone the repository:
git clone <repository-url> cd kingdompay-backend
-
Create virtual environment:
python -m venv venv source venv/bin/activate # On Windows: venv\Scripts\activate
-
Install dependencies:
pip install -r requirements.txt
-
Set up environment variables:
cp .env.example .env # Edit .env with your configuration -
Initialize the database:
flask db init flask db migrate -m "Initial migration" flask db upgrade -
Run the application:
python run.py
The API will be available at http://localhost:5000
# Health check
curl http://localhost:5000/health
# Request OTP (check console for code in development)
curl -X POST http://localhost:5000/api/v1/auth/otp/request \
-H "Content-Type: application/json" \
-d '{"phone_number": "+254712345678"}'- API Documentation - Complete API reference with examples
- Setup Guide - Detailed setup instructions for development and production
- Errors and Fixes - Critical issues found and recommended fixes
POST /api/v1/auth/otp/request- Request OTP for phone verification (Rate: 5/min)POST /api/v1/auth/otp/verify- Verify OTP and get JWT tokens (Rate: 10/min)POST /api/v1/auth/refresh- Refresh access token using refresh tokenGET /api/v1/auth/me- Get current user informationPUT /api/v1/auth/profile- Update user profile informationPOST /api/v1/auth/logout- Logout user and invalidate tokens
GET /api/v1/wallets/balance- Get current wallet balance and detailsGET /api/v1/wallets/transactions- Get paginated transaction historyGET /api/v1/wallets/ledger- Get wallet ledger (same as transactions)POST /api/v1/wallets/transfer- Transfer funds between walletsPOST /api/v1/wallets/deposit- Add funds to walletPOST /api/v1/wallets/withdraw- Remove funds from wallet
GET /api/v1/kyc/status- Get user's KYC status and verification levelPOST /api/v1/kyc/initiate- Initiate KYC verification processPOST /api/v1/kyc/documents- Upload KYC documents (multipart/form-data)GET /api/v1/kyc/documents/<id>- Get document informationPOST /api/v1/kyc/verify- Verify KYC document (admin only)POST /api/v1/kyc/upgrade- Upgrade user's KYC tier (admin only)POST /api/v1/kyc/limits/check- Check transaction limits against KYC tierGET /api/v1/kyc/audit-trail- Get KYC audit trail for userGET /api/v1/kyc/documents/types- Get supported document typesGET /api/v1/kyc/tiers- Get KYC tier information and limits
GET /health- Basic health check endpointGET /health/detailed- Comprehensive system health with metricsGET /health/ready- Kubernetes readiness probe endpointGET /health/live- Kubernetes liveness probe endpoint
KingdomPay includes interactive HTML templates for testing and demonstration purposes:
GET /- Main dashboard and API overviewGET /dashboard- Dashboard template (same as index)GET /auth-demo- Authentication flow demonstrationGET /wallet-demo- Wallet management interface
The project also includes standalone HTML files in the static/ directory:
static/index.html- Main dashboard with API status and features overviewstatic/auth.html- Authentication flow demonstration with OTP testingstatic/wallet.html- Wallet management interface for testing transfersstatic/kyc.html- KYC verification process demonstrationstatic/transactions.html- Transaction history and ledger viewer
- API Status Overview: Live status of all API endpoints
- Feature Highlights: Interactive cards showing system capabilities
- Health Monitoring: Real-time system health indicators
- Quick Actions: Direct links to demo pages and API testing
- OTP Request Flow: Test phone number verification
- Token Management: JWT token display and refresh testing
- User Profile: Profile management interface
- Rate Limiting Demo: Shows API rate limiting in action
- Balance Display: Real-time wallet balance and details
- Transfer Interface: Wallet-to-wallet transfer testing
- Transaction History: Paginated transaction list
- Deposit/Withdrawal: Fund management operations
# Start the Flask application
python run.py
# Access templates in your browser:
# Main Dashboard: http://localhost:5000/
# Authentication Demo: http://localhost:5000/auth-demo
# Wallet Demo: http://localhost:5000/wallet-demo
# Or access static files directly:
# http://localhost:5000/static/index.html
# http://localhost:5000/static/auth.html
# http://localhost:5000/static/wallet.html
# http://localhost:5000/static/kyc.html
# http://localhost:5000/static/transactions.html- OTP-based phone verification with SMS delivery
- JWT token management with refresh tokens
- Rate limiting and API protection
- Data encryption and security utilities
- Comprehensive input validation
- Automatic wallet creation for new users
- Real-time balance tracking and updates
- Wallet-to-wallet fund transfers
- Deposit and withdrawal operations
- User-friendly wallet display numbers
- Complete transaction history with pagination
- Multi-tier KYC verification (Tier 0, 1, 2)
- Document upload and management
- Risk assessment and scoring
- Transaction limit enforcement
- Complete audit trails and compliance tracking
- Admin verification workflows
- Comprehensive health monitoring
- Database and Redis connectivity checks
- System performance metrics
- Docker and cloud deployment support
- Complete test suite with coverage
SECRET_KEY- Flask secret keyJWT_SECRET_KEY- JWT signing keyENCRYPTION_KEY- 32-byte encryption key
DATABASE_URL- Database connection string (optional, defaults to SQLite)
REDIS_URL- Redis connection stringSMS_PROVIDER_API_KEY- SMS provider API keySMS_PROVIDER_URL- SMS provider URLEMAIL_SERVER- SMTP server for emailsEMAIL_USERNAME- SMTP usernameEMAIL_PASSWORD- SMTP password
# Using Flask development server
python run.py
# Using Gunicorn for production-like environment
gunicorn -w 4 -b 0.0.0.0:5000 app:app# Build the Docker image
docker build -t kingdompay-backend .
# Run with environment file
docker run -p 5000:5000 --env-file .env kingdompay-backend
# Using Docker Compose (recommended)
docker-compose up -dThe project includes complete Render deployment configuration:
- Automatic Setup:
render.yamlconfigures PostgreSQL, Redis, and web service - Environment Variables: Secure key generation and database connections
- Health Monitoring: Built-in health checks and monitoring endpoints
- Free Tier: 750 hours/month, 1GB PostgreSQL, 25MB Redis
See deploy.md for detailed Render deployment instructions.
- Database: PostgreSQL 15+ with connection pooling
- Cache: Redis 7+ for session management and caching
- SSL: Automatic SSL termination with Render
- Monitoring: Health checks at
/health/detailed - Logging: Structured logging with log aggregation
- Security: Environment-based secret management
- Community and organization management
- Campaign creation and management
- Contribution tracking and analytics
- Multi-user wallet sharing
- Group payment collections
- Advanced reporting and analytics
- Mobile app integration
- Payment gateway integration (M-Pesa, PayPal, etc.)
- International money transfers
- Cryptocurrency support
- Advanced fraud detection
- Real-time notifications
- API webhooks for third-party integrations
# Install test dependencies
pip install pytest pytest-cov pytest-flask
# Run all tests
python run_tests.py
# Run with coverage
python run_tests.py --coverage
# Run specific test types
python run_tests.py --unit
python run_tests.py --integration
# Run specific test file
python run_tests.py --path tests/test_auth.py
# Run with verbose output
python run_tests.py --verboseThe comprehensive test suite includes:
- Model Tests: User, Wallet, Transaction, OTP, KYC model validation
- Service Tests: Auth, Wallet, Ledger, KYC, SMS service functionality
- Utility Tests: Encryption, validation, and helper functions
- API Workflows: Complete authentication and wallet operations
- End-to-End Scenarios: User registration, KYC verification, fund transfers
- Database Integration: Transaction rollbacks, data consistency
- Authentication: OTP verification, JWT token handling
- Authorization: Protected endpoint access, permission checks
- Rate Limiting: OTP request limits, API abuse protection
- Input Validation: Malicious input handling, SQL injection prevention
- Edge Cases: Invalid inputs, network failures, database errors
- Business Logic: Insufficient funds, invalid transfers, KYC limits
- System Failures: Service unavailability, timeout handling
# Health check
curl -X GET http://localhost:5000/health
# Test OTP flow
curl -X POST http://localhost:5000/api/v1/auth/otp/request \
-H "Content-Type: application/json" \
-d '{"phone_number": "+254712345678"}'
# Test wallet operations (after authentication)
curl -X GET http://localhost:5000/api/v1/wallets/balance \
-H "Authorization: Bearer YOUR_JWT_TOKEN"Test coverage reports are generated in the htmlcov/ directory and include:
- Line Coverage: Code execution coverage
- Branch Coverage: Conditional statement coverage
- Function Coverage: Function call coverage
- Class Coverage: Class method coverage
- Health check endpoint:
GET /health - Database connectivity monitoring
- Rate limiting metrics
- Error rate tracking
- OTP-based authentication
- JWT token security
- Rate limiting protection
- Input validation
- SQL injection prevention
- CORS configuration
- Encryption for sensitive data
- Fork the repository
- Create a feature branch
- Make your changes
- Add tests
- Submit a pull request
This project is licensed under the MIT License.
For issues and questions:
- Check the Setup Guide
- Review Error Analysis
- Check API documentation
- Contact the development team
- v1.0.0 - Initial release with basic wallet functionality
- v1.1.0 - Added KYC compliance system and document verification
- v1.2.0 - Enhanced security with encryption and comprehensive monitoring
- v1.3.0 - Production-ready with Docker support and cloud deployment
- Current - Phase 1: Wallets + KYC + Security + Monitoring