feat: Updated admin panel providers list & modal

2026-03-26 16:27:14 +00:00
parent 9cf71ab4a0
commit 005a8f4cf0
40 changed files with 2391 additions and 1051 deletions
--- a/ENV_SETUP.md
+++ b/ENV_SETUP.md
@@ -1,98 +1,151 @@
-# Environment Configuration
+# Environment Setup

-Copy `.env.example` files and configure for your environment:
+Notely uses three different environment-file locations depending on how you run the app.

-## Backend (.env)
+## 1. Root `.env`

-```env
-# MongoDB
-MONGODB_URI=mongodb://admin:password@localhost:27017/noteapp?authSource=admin
+Use the root `.env` file when running `docker compose` from the repository root.

-# JWT Configuration
-JWT_SECRET=your-super-secret-jwt-key-minimum-32-characters
-JWT_ISSUER=noteapp
-
-# Encryption (32 bytes = 32 characters)
-ENCRYPTION_KEY=00000000000000000000000000000000
-
-# Server
-PORT=8080
-ENV=development
-LOG_LEVEL=info
-
-# CORS (comma-separated for multiple origins)
-CORS_ALLOWED_ORIGINS=http://localhost:5173,http://localhost:3000
-
-# Rate Limiting
-RATE_LIMIT_REQUESTS=50
-RATE_LIMIT_WINDOW=1s
-```
-
-## Frontend (.env)
-
-```env
-VITE_API_BASE_URL=http://localhost:8080
-VITE_ENV=development
-```
-
-## Development vs Production
-
-### Development (.env.development)
-
- Less strict security (for easier testing)
- Localhost CORS allowed
- JWT secrets can be simple
- Logging more verbose
-
-### Production (.env.production)
-
- Strict security requirements
- Specific CORS origins only
- Strong random JWT secrets
- Limited logging (performance)
- All environment variables must be set
-
-## Generating Secrets
+Start from:
+
+```bash
+cp .env.example .env
+```
+
+### Variables Used By Docker Compose
+
+Required or commonly used:
+
+- `MONGODB_URI`
+- `BACKEND_PORT`
+- `JWT_SECRET`
+- `ENCRYPTION_KEY`
+- `FRONTEND_URL`
+- `VITE_API_BASE_URL`
+- `DEFAULT_ADMIN_EMAIL`
+- `DEFAULT_ADMIN_USERNAME`
+- `DEFAULT_ADMIN_PASSWORD`
+- `NGINX_HTTP_PORT`
+- `NGINX_HTTPS_PORT`
+
+Optional backend runtime values that Docker Compose will also pass through if present:
+
+- `REDIS_ADDR`
+- `REDIS_USER`
+- `REDIS_PASSWORD`
+- `REDIS_DB`
+- `SESSION_TTL_HOURS`
+
+### Current Defaults In The Checked-In Example
+
+- MongoDB container: `mongodb://admin:password@mongodb:27017/noteapp?authSource=admin`
+- Backend port: `8080`
+- Public frontend URL: `http://localhost`
+- Browser API base URL for container builds: `http://localhost`
+
+## 2. `backend/.env`
+
+Use `backend/.env` for local backend development.
+
+Start from:
+
+```bash
+cd backend
+cp .env.example .env
+```
+
+### Variables Currently Read By The Backend Runtime
+
+Read in `backend/cmd/server/main.go` or other active handlers:
+
+- `MONGODB_URI`
+- `JWT_SECRET`
+- `ENCRYPTION_KEY`
+- `PORT`
+- `REDIS_ADDR`
+- `REDIS_USER`
+- `REDIS_PASSWORD`
+- `REDIS_DB`
+- `SESSION_TTL_HOURS`
+- `DEFAULT_ADMIN_EMAIL`
+- `DEFAULT_ADMIN_USERNAME`
+- `DEFAULT_ADMIN_PASSWORD`
+- `FRONTEND_URL`
+
+### Variables Present In `backend/.env.example` But Not Currently Consumed By Runtime Code
+
+These values exist in the example file, but the current code path does not read them yet:
+
+- `JWT_ISSUER`
+- `ENV`
+- `LOG_LEVEL`
+- `CORS_ALLOWED_ORIGINS`
+- `RATE_LIMIT_REQUESTS`
+- `RATE_LIMIT_WINDOW`
+
+### Backend Defaults If A Variable Is Missing
+
+- `MONGODB_URI`: `mongodb://localhost:27017`
+- `JWT_SECRET`: `your-secret-key-change-in-production`
+- `ENCRYPTION_KEY`: `00000000000000000000000000000000`
+- `PORT`: `8080`
+- `REDIS_ADDR`: `localhost:6379`
+- `REDIS_DB`: `0`
+- `SESSION_TTL_HOURS`: `168`
+- `FRONTEND_URL`: falls back to `http://localhost:5173` for login redirects
+
+## 3. `frontend/.env`
+
+Use `frontend/.env` for local frontend development.
+
+Start from:
+
+```bash
+cd frontend
+cp .env.example .env
+```
+
+### Frontend Variables In `frontend/.env.example`
+
+- `VITE_API_BASE_URL`
+- `VITE_ENV`
+- `VITE_ENABLE_ANALYTICS`
+
+### Variables Currently Relevant To The Frontend App
+
+- `VITE_API_BASE_URL`: used by the API client
+
+The other example values are safe to keep, but the current checked-in frontend code does not actively consume them.
+
+## Secret Generation
+
+Examples:

 ```bash
-# JWT Secret (32+ characters)
 openssl rand -base64 32
-
-# Encryption Key (32 bytes)
-openssl rand -hex 16  # outputs 32 characters
-
-# Random token
+openssl rand -hex 16
 openssl rand -hex 32
 ```

-## Docker Compose
+Use generated values for:

-Environment variables are defined in `docker-compose.yml` and will override `.env` files. Update the file for your deployment:
+- `JWT_SECRET`
+- `ENCRYPTION_KEY`
+- provider secrets or other sensitive credentials stored through admin settings

-```yaml
-environment:
-    MONGODB_URI: mongodb://admin:password@mongodb:27017/noteapp?authSource=admin
-    JWT_SECRET: your-secret-key-change-in-production
-    # ... other vars
-```
+## Compose Vs Local Development

-## Kubernetes
+Use the right env file for the right mode:

-Use `kubectl create secret` for sensitive data:
+- root `.env`: Docker Compose
+- `backend/.env`: local backend
+- `frontend/.env`: local frontend

-```bash
-# Create secret from literal values
-kubectl create secret generic app-secrets \
-  --from-literal=mongodb-uri="..." \
-  --from-literal=jwt-secret="..." \
-  -n noteapp
+Do not assume values from one location are automatically shared with the others.

-# Or use ConfigMap for non-sensitive config
-kubectl create configmap app-config \
-  --from-file=config.yaml \
-  -n noteapp
-```
+## Important Notes

---
-
-**IMPORTANT**: Never commit .env files or secrets to version control!
+- Do not commit real secrets
+- Keep `ENCRYPTION_KEY` at 32 characters for the current AES-256 usage
+- If OAuth login is enabled, set `FRONTEND_URL` correctly so callback redirects go to the intended UI
+- If Redis settings are omitted, the backend assumes a local Redis instance at `localhost:6379`