- JWT Access + Refresh Tokens mit djwt - Argon2 Password Hashing (OWASP konfig) - Rate Limiting für Auth-Endpoints - Rollen-basierte Zugriffskontrolle (owner, admin, manager, user) - DSGVO Audit Logging - Email-Verifizierung (Struktur) - Passwort-Reset Flow - Multi-Device Logout Neue Dateien: - src/types/index.ts - TypeScript Interfaces - src/db/connection.ts - PostgreSQL Pool - src/services/password.ts - Argon2 Hashing - src/services/jwt.ts - Token Generation - src/services/audit.ts - DSGVO Audit Log - src/middleware/auth.ts - Auth Middleware - src/repositories/user.ts - User DB Queries - src/repositories/organization.ts - Org DB Queries - src/utils/response.ts - API Response Helpers Task: #8 Authentifizierung & Benutzerverwaltung
28 lines
747 B
Plaintext
# ============================================
|
|
# PULSE CRM BACKEND - Environment Variables
|
|
# ============================================
|
|
|
|
# Server
|
|
PORT=8000
|
|
NODE_ENV=development
|
|
|
|
# Database (PostgreSQL)
|
|
DATABASE_URL=postgresql://pulse:password@localhost:5432/pulse_crm
|
|
DB_POOL_SIZE=10
|
|
|
|
# JWT Secrets (use `openssl rand -base64 32` to generate)
|
|
JWT_SECRET=CHANGE_ME_IN_PRODUCTION_use_openssl_rand_base64_32
|
|
|
|
# CORS
|
|
CORS_ORIGINS=http://localhost:3000,https://crm.kronos-soulution.de
|
|
|
|
# Email (for verification, password reset)
|
|
SMTP_HOST=smtp.example.com
|
|
SMTP_PORT=587
|
|
SMTP_USER=noreply@example.com
|
|
SMTP_PASS=your-smtp-password
|
|
SMTP_FROM=Pulse CRM <noreply@example.com>
|
|
|
|
# Frontend URL (for email links)
|
|
FRONTEND_URL=https://crm.kronos-soulution.de
|
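Review bot: Only one signing key, `JWT_SECRET` (the `# JWT Secrets` block), is declared even though the commit description lists both access and refresh tokens; if both token types are signed with the same key, the verifier must check a type claim or the refresh token is accepted wherever an access token is, so either document that check or split the keys, e.g. a second variable such as `JWT_REFRESH_SECRET=CHANGE_ME_IN_PRODUCTION_use_openssl_rand_base64_32` under the same comment. The `DATABASE_URL` line embeds the literal `password` and `CORS_ORIGINS` mixes the local origin with the production host, which reads as a sample file rather than a real configuration, so a header comment stating that this file is a template and that the populated copy must never be committed would remove the ambiguity, e.g. `# Copy to .env and fill in real values; .env must be git-ignored.` The database URL also carries no `sslmode` parameter, which is fine for localhost but worth a comment so the production copy does not inherit a plaintext connection by default.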