admin
4553f63deb
- monorepo (npm workspaces): apps/api (Fastify+Prisma+TS), apps/web (Vite+React+TS), packages/shared (zod schemas) - SSO via auth.queo.ru: jose+JWKS plugin, requireDocPermission(viewer|user|admin) - DEV_BYPASS_AUTH for local development (hard-checked off in production) - M2: organization upsert, clients CRUD with search, services catalog with soft-delete - BigInt -> Number serializer for Prisma money columns - Embedded Postgres + npm run dev:demo for one-command local boot - Docker compose for queoserver: postgres + api + web (nginx as ingress proxying /api -> api:3030) - First migration 0_init committed (prisma migrate diff) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
37 lines
1.4 KiB
Bash
37 lines
1.4 KiB
Bash
# --- API server ---
|
||
NODE_ENV=development
|
||
PORT=3030
|
||
HOST=127.0.0.1
|
||
|
||
# --- Database ---
|
||
DATABASE_URL=postgresql://docmanager:docmanager@localhost:5432/docmanager?schema=public
|
||
|
||
# --- SSO via auth.queo.ru ---
|
||
AUTH_ISSUER=https://auth.queo.ru
|
||
AUTH_AUDIENCE=queo.ru
|
||
AUTH_JWKS_URL=https://auth.queo.ru/.well-known/jwks.json
|
||
AUTH_COOKIE_NAME=q_at
|
||
AUTH_LOGIN_URL=https://auth.queo.ru/auth/login
|
||
|
||
# --- CORS ---
|
||
# Допустимые источники для браузера (запятая). На проде: https://doc.queo.ru
|
||
CORS_ORIGINS=http://localhost:5173
|
||
|
||
# --- Tochka API ---
|
||
# 32 случайных байта в base64 — ключ AES-256-GCM для шифрования JWT-токенов Точки в БД.
|
||
# Генерация: node -e "console.log(require('crypto').randomBytes(32).toString('base64'))"
|
||
TOCHKA_JWT_KEY=
|
||
|
||
# --- Webhook secret для Точки ---
|
||
# Случайная строка, попадает в URL: /webhooks/tochka/<TOCHKA_WEBHOOK_SECRET>
|
||
TOCHKA_WEBHOOK_SECRET=
|
||
|
||
# --- Default organization (single-tenant v1) ---
|
||
# UUID единственной организации — сидится в M2.
|
||
DEFAULT_ORGANIZATION_ID=00000000-0000-0000-0000-000000000001
|
||
|
||
# --- Dev-only ---
|
||
# Если 1 — пропускает проверку JWT и подсовывает фейкового admin'а.
|
||
# В production отказывается стартовать с этой переменной.
|
||
DEV_BYPASS_AUTH=0
|