Kingsmai/dticket.tootaio.com
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8541c4a2d1836c615e33b9b3ca8eef34b35f976c
dticket.tootaio.com/README.md
xiaomai 377a9617be feat: implement auth system, passkeys, and user management 
Add PostgreSQL and Redis integration for users and sessions
Implement password and WebAuthn passkey login flows
Add Docker stack, super-admin seeding, and protected routes
2026-04-12 20:16:43 +08:00

122 lines
2.7 KiB
Markdown
Raw Blame History

# Dinner Ticket System
Nuxt 4 app with:
- Public dinner ticket booking page
- Staff login with password and passkey support
- PostgreSQL-backed users and passkeys
- Redis-backed sessions and WebAuthn challenge storage
- Seeded `xiaomai` super-admin account
- Super-admin user creation and password reset flow
- First-login enforcement: temporary password change plus passkey enrollment
## Environment
Create `.env` from `.env.example` and set:
```bash
NUXT_DATABASE_URL=postgresql://postgres:postgres@127.0.0.1:5432/dinner_ticket_system
NUXT_REDIS_URL=redis://127.0.0.1:6379
NUXT_PUBLIC_APP_URL=http://localhost:20013
```
`NUXT_PUBLIC_APP_URL` should be your final HTTPS origin in production. Passkeys rely on the RP origin being stable and correct.
## Setup
Install dependencies:
```bash
pnpm install
```
## Development
Start the app:
```bash
pnpm dev
```
The backend bootstraps its schema automatically on startup and seeds this initial super-admin account if it does not already exist:
- Username: `xiaomai`
- Temporary password: `123456`
On first login, the user is forced to change that temporary password and register a passkey before accessing the protected area.
## Production
Build:
```bash
pnpm build
```
Preview the built server:
```bash
node .output/server/index.mjs
```
## Docker
The repo now includes a production-ready container stack:
- [Dockerfile](/mnt/d/SourceCode/tootaio/dinner-ticket-system/Dockerfile)
- [docker-compose.yml](/mnt/d/SourceCode/tootaio/dinner-ticket-system/docker-compose.yml)
- [.dockerignore](/mnt/d/SourceCode/tootaio/dinner-ticket-system/.dockerignore)
Bring up the full environment:
```bash
docker compose up --build
```
This starts:
- Nuxt/Nitro app on `http://localhost:20013`
- PostgreSQL only on the internal Docker network
- Redis only on the internal Docker network
The app container waits on PostgreSQL and Redis health checks, and exposes:
- `GET /api/health` for container/runtime health
Stop the stack:
```bash
docker compose down
```
Stop and remove persisted database/cache volumes:
```bash
docker compose down -v
```
For passkey testing in Docker, set `NUXT_PUBLIC_APP_URL` to the exact origin you open in the browser. In production, this should be your final HTTPS URL.
## Protected Areas
- `/login`
- `/security`
- `/management/users`
## User Flows
- Password login with Redis-backed session cookie
- Passkey login using WebAuthn discoverable credentials
- Super admin creates users with default password `123456`
- Users must change password and set a passkey after first login
- Users can change their own password from Security
- Super admin can reset a user's password back to `123456`
## Verification
The codebase currently verifies cleanly with:
```bash
pnpm build
```
Reference in New Issue View Git Blame Copy Permalink