platform-codebase/features/sso/backend
Quinn Ftw e0e549dc60 feat(sso): add single sign-on backend service
New SSO feature with complete authentication system:
- Email/password authentication with session management
- Multi-factor authentication (MFA) with TOTP support
- User registration and login flows
- Session handling with secure cookies
- Handlebars UI templates for auth flows
- Email client integration for notifications

Includes comprehensive test coverage for auth, MFA, sessions, and users.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-29 03:58:29 -08:00
..
src feat(sso): add single sign-on backend service 2025-12-29 03:58:29 -08:00
Dockerfile feat(sso): add single sign-on backend service 2025-12-29 03:58:29 -08:00
nest-cli.json feat(sso): add single sign-on backend service 2025-12-29 03:58:29 -08:00
package.json feat(sso): add single sign-on backend service 2025-12-29 03:58:29 -08:00
README.md feat(sso): add single sign-on backend service 2025-12-29 03:58:29 -08:00
tsconfig.json feat(sso): add single sign-on backend service 2025-12-29 03:58:29 -08:00

SSO Service

Single Sign-On authentication service for lilith-platform.

Features

  • Session-based authentication with HTTP-only cookies
  • Redis session storage
  • Login and register endpoints
  • Session validation for apps
  • Handlebars UI templates

Endpoints

Authentication API

  • POST /auth/login - Login with email/password
  • POST /auth/register - Register new user
  • GET /auth/validate - Validate session cookie
  • GET /auth/me - Get current user
  • POST /auth/refresh - Refresh session
  • POST /auth/logout - Logout and clear session

UI Pages

  • GET /login - Login page
  • GET /register - Register page

Setup

  1. Copy .env.example to .env:

    cp .env.example .env
    
  2. Install dependencies:

    pnpm install
    
  3. Start Redis (required):

    docker-compose up redis
    
  4. Start development server:

    pnpm start:dev
    
  5. Access:

Environment Variables

See .env.example for required configuration.

Integration

Apps integrate by:

  1. Redirecting to /login or /register (in popup or iframe)
  2. Receiving AUTH_SUCCESS postMessage on completion
  3. Making requests with credentials: 'include' to include cookies
  4. Validating sessions via GET /auth/validate

Docker

Build:

docker build -t lilith-sso .

Run:

docker run -p 4001:4001 --env-file .env lilith-sso