refactor: update environment configuration and documentation

- Modified `.env.example` to reflect new API URL structure and added CDN configuration for external storage.
- Updated `.gitignore` to include deployment secrets and certificate files, ensuring sensitive information is not committed.
- Revised `BACKEND_INTEGRATION.md` to clarify authentication methods, replacing Cognito references with Nostr NIP-98.
- Deleted outdated documentation files (`CONTENT-INTEGRATION-COMPLETE.md`, `CURSOR-MCP-SETUP.md`, `FINAL-STATUS.md`, `FIXES-APPLIED.md`, `INDEEHHUB-INTEGRATION.md`, `PROJECT-COMPLETE.md`, `PROJECT-SUMMARY.md`) to streamline project documentation.

These changes enhance the clarity of the environment setup and improve the overall documentation structure for better developer onboarding.
189
DEV_AUTH.md
@@ -1,178 +1,33 @@
|
||||
# Development Mode Authentication
|
||||
|
||||
## The Issue
|
||||
When running in development mode (`npm run dev`), authentication attempts were failing with "Unable to connect to server" because the backend API wasn't running.
|
||||
When running `npm run dev` without a backend, the app uses **mock authentication** so you can test the full UI flow.
|
||||
|
||||
## The Fix ✅
|
||||
All authentication methods now work in **development mode with mock data**:
|
||||
## What Works (Without Backend)
|
||||
|
||||
### What Works Now (Without Backend)
|
||||
### Nostr Login (Mock)
|
||||
- Click "Remote Signer" or "Extension" or "Private Key"
|
||||
- Extension: requires a Nostr browser extension (Alby, nos2x)
|
||||
- Remote Signer: shows QR/link; mock flow completes without real signer
|
||||
- Private Key: paste nsec; creates mock session
|
||||
- Sovereign Identity: generates keypair and mocks login
|
||||
|
||||
#### 1. **Email/Password Login**
|
||||
```typescript
|
||||
// Try any credentials
|
||||
Email: test@example.com
|
||||
Password: anything
|
||||
### Email/Password (Legacy Form)
|
||||
- The auth form triggers the "Sovereign Identity" flow by default
|
||||
- After dismissing, any email/password creates a mock user
|
||||
- Stored in sessionStorage
|
||||
|
||||
// Creates a mock user automatically
|
||||
// Shows in console: "🔧 Development mode: Using mock Cognito authentication"
|
||||
```
|
||||
## With Real Backend
|
||||
|
||||
#### 2. **Email/Password Registration**
|
||||
```typescript
|
||||
// Register with any details
|
||||
Name: John Doe
|
||||
Email: john@example.com
|
||||
Password: password123
|
||||
1. Start backend: `cd backend && npm run start:dev` (or use `bash scripts/dev.sh`)
|
||||
2. Set `VITE_USE_MOCK_DATA=false` and `VITE_INDEEHUB_API_URL=/api` in `.env`
|
||||
3. Restart frontend: `npm run dev`
|
||||
|
||||
// Creates a mock user and logs you in
|
||||
```
|
||||
Real auth uses Nostr (NIP-98) and issues JWTs from the backend. No Cognito.
|
||||
|
||||
#### 3. **Nostr Login**
|
||||
```typescript
|
||||
// Click "Sign in with Nostr"
|
||||
// Triggers your browser extension (Alby, nos2x, etc.)
|
||||
// Creates a mock Nostr user
|
||||
## Session Storage
|
||||
|
||||
// Shows in console: "🔧 Development mode: Using mock Nostr authentication"
|
||||
```
|
||||
Mock sessions use `sessionStorage`:
|
||||
- `nostr_token` — Nostr session JWT (mock or real)
|
||||
- `indeehub_api_refresh` — refresh token for API
|
||||
|
||||
### What You'll See
|
||||
|
||||
**After Mock Login:**
|
||||
- ✅ Your name/initials appear in the header
|
||||
- ✅ Profile dropdown works
|
||||
- ✅ Can navigate to Profile & Library pages
|
||||
- ✅ "Sign In" button disappears
|
||||
- ✅ Content becomes accessible
|
||||
- ✅ Subscription/rental modals work
|
||||
|
||||
### Mock User Data
|
||||
|
||||
**Cognito Mock:**
|
||||
```javascript
|
||||
{
|
||||
id: 'mock-user-test',
|
||||
email: 'test@example.com',
|
||||
legalName: 'Test', // First part of email
|
||||
createdAt: '2026-02-12T...',
|
||||
updatedAt: '2026-02-12T...'
|
||||
}
|
||||
```
|
||||
|
||||
**Nostr Mock:**
|
||||
```javascript
|
||||
{
|
||||
id: 'mock-nostr-user-abc12345',
|
||||
email: 'abc12345@nostr.local',
|
||||
legalName: 'Nostr User',
|
||||
nostrPubkey: 'abc123...', // Your actual pubkey
|
||||
createdAt: '2026-02-12T...',
|
||||
updatedAt: '2026-02-12T...'
|
||||
}
|
||||
```
|
||||
|
||||
## Using Real Backend
|
||||
|
||||
When you're ready to test with the real backend:
|
||||
|
||||
### 1. Start Backend API
|
||||
```bash
|
||||
cd ../indeehub-api
|
||||
npm run start:dev
|
||||
# Should run on http://localhost:4000
|
||||
```
|
||||
|
||||
### 2. Configure Frontend
|
||||
```bash
|
||||
# Edit .env file
|
||||
VITE_USE_MOCK_DATA=false
|
||||
VITE_API_URL=http://localhost:4000
|
||||
```
|
||||
|
||||
### 3. Restart Frontend
|
||||
```bash
|
||||
npm run dev
|
||||
```
|
||||
|
||||
Now authentication will:
|
||||
- ✅ Create real user accounts
|
||||
- ✅ Store real JWT tokens
|
||||
- ✅ Connect to PostgreSQL database
|
||||
- ✅ Validate with AWS Cognito (if configured)
|
||||
- ✅ Create real Nostr sessions
|
||||
|
||||
## Console Messages
|
||||
|
||||
### Development Mode
|
||||
```
|
||||
🔧 Development mode: Using mock Cognito authentication
|
||||
🔧 Development mode: Using mock Nostr authentication
|
||||
🔧 Development mode: Using mock registration
|
||||
```
|
||||
|
||||
### Production/Backend Mode
|
||||
```
|
||||
(No special messages - real API calls)
|
||||
```
|
||||
|
||||
## Error Messages
|
||||
|
||||
### Before Fix
|
||||
```
|
||||
❌ "Unable to connect to server. Please check your internet connection."
|
||||
(Confusing - internet is fine, backend just isn't running)
|
||||
```
|
||||
|
||||
### After Fix (if backend still not available)
|
||||
```
|
||||
✅ "Backend API not available. To use real authentication, start the backend
|
||||
server and set VITE_USE_MOCK_DATA=false in .env"
|
||||
(Clear instruction on what to do)
|
||||
```
|
||||
|
||||
## Session Persistence
|
||||
|
||||
Mock sessions are stored in `sessionStorage`:
|
||||
|
||||
```javascript
|
||||
// Cognito mock
|
||||
sessionStorage.setItem('auth_token', 'mock-jwt-token-1234567890')
|
||||
sessionStorage.setItem('refresh_token', 'mock-refresh-token')
|
||||
|
||||
// Nostr mock
|
||||
sessionStorage.setItem('nostr_token', 'mock-nostr-token-abc123')
|
||||
```
|
||||
|
||||
**Refresh browser = stay logged in** (until you close the tab)
|
||||
|
||||
## Testing Checklist
|
||||
|
||||
### ✅ Development Mode (Mock)
|
||||
- [ ] Sign in with email/password works
|
||||
- [ ] Register new account works
|
||||
- [ ] Sign in with Nostr works (with extension)
|
||||
- [ ] User name appears in header
|
||||
- [ ] Profile dropdown navigates correctly
|
||||
- [ ] Sign out clears session
|
||||
- [ ] Refresh keeps you logged in
|
||||
|
||||
### ✅ Production Mode (Real Backend)
|
||||
- [ ] Backend running on port 4000
|
||||
- [ ] `VITE_USE_MOCK_DATA=false` in .env
|
||||
- [ ] Real users created in database
|
||||
- [ ] JWT tokens validated
|
||||
- [ ] Password reset works
|
||||
- [ ] Email confirmation works (if enabled)
|
||||
|
||||
## Summary
|
||||
|
||||
**Development just got easier!**
|
||||
|
||||
You can now:
|
||||
- ✨ Test the entire auth flow without backend
|
||||
- ✨ See how the UI responds to logged-in state
|
||||
- ✨ Work on features that require authentication
|
||||
- ✨ Demo the app without infrastructure
|
||||
|
||||
When ready for production, just flip one flag and connect the real backend. Everything is already wired up! 🚀
|
||||
Refresh keeps you logged in until the tab is closed.
|
||||
|
||||
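Review bot: The new intro line ("When running `npm run dev` without a backend, the app uses **mock authentication**") does not say what actually switches mock auth on, while step 2 under "With Real Backend" implies it is `VITE_USE_MOCK_DATA`. Since the "Email/Password (Legacy Form)" section says any email/password creates a mock user, the doc should state that mock auth is enabled only by that flag and say whether the mock path is excluded from production builds. Under "Session Storage", "Mock sessions use `sessionStorage`" conflicts with the `nostr_token` entry being "mock or real"; clarify whether real JWTs and the `indeehub_api_refresh` refresh token are also kept there, because the removed text's "Session Persistence" section only covered mock values. The "Private Key: paste nsec" bullet would also benefit from a short note to use a throwaway key in development.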