lilith-platform.live/codebase/@features/admin/backend-api
Natalie e420f09fd5
Some checks failed
CI / verify (push) Has been cancelled
reconcile: 🔧 plum/apricot divergence resolution + apricot-only authoring rule
Resolves 630/374 plum-vs-origin divergence by resetting plum to origin/main and
porting forward the genuinely net-new plum work atop apricot's evolution.

Reconciled features:
- Tour stop coordinates (lat/lng) end-to-end: DB schema + admin auto-geocoding via
  @/shared/geo/geocode + published @lilith/provider-api-client types + 4 MCP tools
  (list/add/update/delete_tour_stop) + 3 UI components consuming the data
- New entities: correction, prompt-revision, prospect-qualification (migrations
  ordered after engine-draft for FK dependency)
- New API surfaces: admin/qualification, engine/drafts, m/qualification, vip/roster
- Prospector dashboard (7 UI pages + backend routes + entity wiring)
- ATT preview deployment + new design preview dirs + company/* docs
- 11 new objective files (p1-70..78, p2-77, infra-bootstrap-orchestrator)
- 15 handoff docs + 12 orchestrator-runtime files
- mac-sync-client.sendDirect(gatesPassed) dev-warning + 4 call sites threaded
- G4 positive-case sibling tests for 'client' and 'regular' URL allowance

Workflow rule change:
- CLAUDE.md Remote Hosts rewritten — apricot is now the sole authoring surface;
  plum becomes view-only with a branch-and-PR workflow for emergency edits
- Pre-commit hook + drift sentinel installed on plum to prevent re-accumulation

Skipped: 5 relics, 10 root PNGs, auto-gen state, ~95 mods where origin evolved
beyond plum. Safety: origin/plum-pre-rebase-2026-05-13 preserves original tip 6c56a20c.
2026-05-13 21:16:34 -07:00
..
src reconcile: 🔧 plum/apricot divergence resolution + apricot-only authoring rule 2026-05-13 21:16:34 -07:00
.env.development chore(admin): 🔧 Update development environment variables and TypeScript config for admin backend and hotel-scout tool 2026-04-19 19:11:35 -07:00
.env.local.example chore(backend-api): 🔧 Update local development env template with consistent backend API variables 2026-04-18 19:25:57 -07:00
package.json reconcile: 🔧 plum/apricot divergence resolution + apricot-only authoring rule 2026-05-13 21:16:34 -07:00
README.md feat(admin-backend-api): Add service token authentication guard to validate tokens in auth-guard.ts, register token auth in server.ts, and update documentation/tests 2026-04-18 19:25:57 -07:00
tsconfig.json
vitest.config.ts chore(admin-backend-api): 🔧 Update Vitest config for admin backend API test environment and coverage settings 2026-04-19 23:06:59 -07:00

Admin API

Node.js HTTP server for the Quinn admin control center. Port 3023.

Auth: SSO cookie (via quinn-sso-api) or service bearer token (QUINN_ADMIN_SERVICE_TOKEN).

Dev proxy mode

When PROXY_TARGET is set, the server short-circuits every request (except /health) and proxies it upstream to the target, injecting Authorization: Bearer <QUINN_ADMIN_SERVICE_TOKEN>. No local SQLite is touched.

Copy .env.local.example to .env.local and fill in the token:

cp .env.local.example .env.local
# edit .env.local — get QUINN_ADMIN_SERVICE_TOKEN from /etc/quinn-admin-api/secrets.env on vps-0

The server logs a WARN line at boot when proxy mode is active, and prefixes each proxied request log with [PROXY→prod].

See docs/PROD_DB_UNIFICATION_PLAN.md for full architecture context.