xiaomai
06165f80db
Remove passkey requirement from user onboarding flow Update UI badges to show passkeys as optional rather than pending Update documentation to reflect the new behavior
4.0 KiB
Dinner Ticket System
Nuxt 4 app with:
- Public dinner ticket booking page
- Staff login with password and passkey support
- PostgreSQL-backed users and passkeys
- Redis-backed sessions and WebAuthn challenge storage
- Seeded
xiaomaisuper-admin account - Super-admin user creation and password reset flow
- First-login enforcement: temporary password change
Environment
Create .env from .env.example and set:
NUXT_DATABASE_URL=postgresql://postgres:postgres@127.0.0.1:5432/dinner_ticket_system
NUXT_REDIS_URL=redis://127.0.0.1:6379
NUXT_WHATSAPP_ACCESS_TOKEN=
NUXT_WHATSAPP_PHONE_NUMBER_ID=
NUXT_WHATSAPP_API_VERSION=v23.0
NUXT_PUBLIC_APP_URL=http://localhost:20013
NUXT_PUBLIC_APP_URL should be your final HTTPS origin in production. Passkeys rely on the RP origin being stable and correct.
Set the WhatsApp variables to enable automatic ticket receipt delivery after PIC confirmation. Without them, confirmation still succeeds and the UI reports that WhatsApp delivery was skipped.
Setup
Install dependencies:
pnpm install
Development
Start the app:
pnpm dev
The backend bootstraps its schema automatically on startup and seeds this initial super-admin account if it does not already exist:
- Username:
xiaomai - Temporary password:
123456
On first login, the user is forced to change that temporary password before accessing the protected area. Passkey enrollment is available from Security, but optional.
Production
Build:
pnpm build
Preview the built server:
node .output/server/index.mjs
Docker
The repo now includes a production-ready container stack:
Bring up the full environment:
docker compose up --build
This starts:
- Nuxt/Nitro app on
http://localhost:20013 - PostgreSQL only on the internal Docker network
- Redis only on the internal Docker network
The app container waits on PostgreSQL and Redis health checks, and exposes:
GET /api/healthfor container/runtime health
Stop the stack:
docker compose down
Stop and remove persisted database/cache volumes:
docker compose down -v
For passkey testing in Docker, set NUXT_PUBLIC_APP_URL to the exact origin you open in the browser. In production, this should be your final HTTPS URL.
Docker Development With Hot Reload
Use the dev override when you want live reload instead of rebuilding the image after every code change:
docker compose -f docker-compose.yml -f docker-compose.dev.yml up --build
This keeps PostgreSQL and Redis in Docker, but runs the app container in Nuxt dev mode with:
- the project directory bind-mounted into
/app - a persistent
/app/node_modulesvolume so dependencies stay inside Docker - an automatic
pnpm install --frozen-lockfileduring app container startup - polling-based file watching for reliable reloads on mounted filesystems
After the first start, code changes on the host should reload automatically without rebuilding the image.
When you change dependencies, restart the app container so it reruns pnpm install against the current lockfile:
docker compose -f docker-compose.yml -f docker-compose.dev.yml restart app
Protected Areas
/login/security/management/users
User Flows
- Password login with Redis-backed session cookie
- Passkey login using WebAuthn discoverable credentials
- Super admin creates users with default password
123456 - Users must change password after first login
- Users can optionally register a passkey from Security
- Users can change their own password from Security
- Super admin can reset a user's password back to
123456
Verification
The codebase currently verifies cleanly with:
pnpm build