Phase 1 scaffold: auth for all apps
- Backend: Fastify with two listeners (public + internal), routes, services, DB migration + seed - client_app: Flutter with BLoC, all auth screens (welcome, display name, register, OTP, force-register) - mitra_app: Flutter with BLoC, OTP-only login - control_center: React + Vite, email/password login, mitra/user management, anonymity settings - Docs: phase1 plan, API contract, client app mockup - CLAUDE.md and shared memory for all subprojects Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
27
control_center/CLAUDE.md
Normal file
27
control_center/CLAUDE.md
Normal file
@@ -0,0 +1,27 @@
|
||||
# Halo Bestie — Control Center
|
||||
|
||||
React + Vite SPA for internal platform management. **Internal use only.**
|
||||
|
||||
> See root `CLAUDE.md` for full project context and architectural decisions.
|
||||
|
||||
## Stack
|
||||
|
||||
- **Framework:** React + Vite
|
||||
- **Auth:** Firebase Auth (admin role required)
|
||||
- **API:** Calls internal Fastify listener only (`/internal/` routes on port 3001)
|
||||
- **Access:** Internal network / VPN only — never exposed to public internet
|
||||
|
||||
## Security
|
||||
|
||||
- This app and its backend routes must NEVER be accessible from the public internet
|
||||
- Protected at network level: Nginx `allow 10.0.0.0/8; deny all;`
|
||||
- Additional role check on every API call (`role: admin`)
|
||||
- Do not add any public-facing routes or features here
|
||||
|
||||
## Key Responsibilities
|
||||
|
||||
- Manage and approve mitra accounts
|
||||
- Configure platform settings
|
||||
- Monitor sessions and payments
|
||||
- Manage communication between mitra and client (escalation, disputes)
|
||||
- Manage trial period configuration
|
||||
Reference in New Issue
Block a user