40227-vm/backend/docs/auth-profile.md
Dmitri d4a5378adf Refactor: migrate frontend to Vite/React, add product backend modules
Frontend:
- Replace Next.js with Vite + React + TypeScript
- Add new component architecture (app-shell, sidebar, dashboard modules)
- Implement product modules: FRAME, safety protocols, walkthrough checkin,
  campus/staff attendance, personality quiz, sign language, classroom timer
- Add shadcn/ui component library with Tailwind CSS
- Remove legacy generated components, stores, and pages

Backend:
- Add product migrations: frame_entries, user_progress, safety_quiz_results,
  walkthrough_checkins, communication_events, personality_quiz_results,
  campus_attendance_config/summaries, staff_attendance_records, content_catalog
- Add corresponding models, services, and routes
- Implement cookie-based auth with refresh token rotation
- Add content catalog seeder with product content
- Migrate to ESLint flat config
- Switch from yarn to npm

Infrastructure:
- Update .gitignore for new tooling
- Add project documentation (CLAUDE.md, docs/)
- Remove deprecated config files and yarn.lock

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-06-09 15:18:23 +02:00


Auth Profile Contract

Purpose

GET /api/auth/me is the backend-owned current user profile contract for the product frontend.

The endpoint must not expose passwords, verification tokens, reset tokens, or raw Sequelize model objects.

The auth transport hardening is documented in backend/docs/cookie-auth.md.

Response Shape

The endpoint returns:

  • id
  • email
  • firstName
  • lastName
  • phoneNumber
  • organizationsId
  • organizations
  • app_role
  • productRole
  • staffProfile
  • campus
  • campusId
  • permissions

productRole is derived server-side from generated backend roles first, then staff type, then the default teacher role.
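The allow-list serializer and role precedence described above, as an added example that is not the project's own `AuthService.currentUserProfile`. The role names, the mapping tables standing in for `backend/src/constants/roles.js`, and the `password`/`verificationToken`/`resetToken` column names are assumptions.

```javascript
// Added example, not the project's AuthService. The mapping tables below are
// hypothetical stand-ins for backend/src/constants/roles.js.
const GENERATED_ROLE_TO_PRODUCT = { org_admin: 'admin', campus_lead: 'campusLead' };
const STAFF_TYPE_TO_PRODUCT = { counselor: 'counselor', aide: 'aide' };
const DEFAULT_PRODUCT_ROLE = 'teacher';

// Precedence from the contract: generated backend roles, then staff type, then default.
function deriveProductRole(user) {
  for (const role of user.roles || []) {
    if (GENERATED_ROLE_TO_PRODUCT[role]) return GENERATED_ROLE_TO_PRODUCT[role];
  }
  const staffType = user.staffProfile && user.staffProfile.type;
  if (staffType && STAFF_TYPE_TO_PRODUCT[staffType]) return STAFF_TYPE_TO_PRODUCT[staffType];
  return DEFAULT_PRODUCT_ROLE;
}

// Allow-list serializer: only the contract's fields are copied, so a password hash,
// verification/reset tokens or Sequelize instance internals cannot reach the response.
function currentUserProfile(user) {
  if (!user) throw new Error('forbidden'); // stand-in for the centralized forbidden error
  // Sequelize instances expose get({ plain: true }); plain objects are used as-is.
  const plain = typeof user.get === 'function' ? user.get({ plain: true }) : user;
  return {
    id: plain.id,
    email: plain.email,
    firstName: plain.firstName,
    lastName: plain.lastName,
    phoneNumber: plain.phoneNumber,
    organizationsId: plain.organizationsId,
    organizations: plain.organizations || [],
    app_role: plain.app_role,
    productRole: deriveProductRole(plain),
    staffProfile: plain.staffProfile || null,
    campus: plain.campus || null,
    campusId: plain.campusId,
    permissions: plain.permissions || [],
  };
}

// Constructed sample record; the last three fields are the ones that must never leak.
const sampleUser = {
  id: 7, email: 'a.b@example.org', firstName: 'A', lastName: 'B', phoneNumber: null,
  organizationsId: 3, organizations: [{ id: 3 }], app_role: 'user', roles: [],
  staffProfile: { type: 'counselor' }, campus: null, campusId: null, permissions: [],
  password: '$2b$10$constructed-hash', verificationToken: 'v-token', resetToken: 'r-token',
};
```

A unit test that asserts the serialized object has exactly the thirteen contract keys catches any future model column from leaking through a spread.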

Constants

Role names and mappings live in backend/src/constants/roles.js.

Do not duplicate the generated-role to product-role mapping in frontend code.

Security Rules

  • JWT validation remains handled by Passport.
  • The target browser auth transport is a backend-owned HttpOnly cookie.
  • Auth tokens must not be returned to the product frontend in response bodies or redirect URLs.
  • Missing or invalid current users return the centralized forbidden error.
  • The response is formatted by AuthService.currentUserProfile.
  • Secrets are read from backend/.env or process environment only.
  • backend/.env is ignored by git; repository access should still be treated carefully because local deployment values can exist in the working copy.

Known Gaps

  • Product roles still need a persistent backend migration or a documented server-owned mapping decision.
  • Staff profile creation and update flows are not complete.
  • Tenant and campus isolation tests still need to be added.