lilith-platform.live/codebase/@features/admin/backend-api
2026-04-19 20:01:47 -07:00
..
src feat(admin-backend-api): Add API routes for cult management, data export, hero strip management, mail threads, photo protection, restore functionality, roster content, shop management, system status, and touring support, plus server config updates 2026-04-19 20:01:47 -07:00
.env.development chore(admin): 🔧 Update development environment variables and TypeScript config for admin backend and hotel-scout tool 2026-04-19 19:11:35 -07:00
.env.local.example chore(backend-api): 🔧 Update local development env template with consistent backend API variables 2026-04-18 19:25:57 -07:00
package.json deps-upgrade(backend-api): ⬆️ Update dependencies in admin and user feature modules for backend API compatibility, security, and performance improvements 2026-04-19 18:39:51 -07:00
README.md feat(admin-backend-api): Add service token authentication guard to validate tokens in auth-guard.ts, register token auth in server.ts, and update documentation/tests 2026-04-18 19:25:57 -07:00
tsconfig.json
vitest.config.ts

Admin API

Node.js HTTP server for the Quinn admin control center. Port 3023.

Auth: SSO cookie (via quinn-sso-api) or service bearer token (QUINN_ADMIN_SERVICE_TOKEN).

Dev proxy mode

When PROXY_TARGET is set, the server short-circuits every request (except /health) and proxies it upstream to the target, injecting Authorization: Bearer <QUINN_ADMIN_SERVICE_TOKEN>. No local SQLite is touched.

Copy .env.local.example to .env.local and fill in the token:

cp .env.local.example .env.local
# edit .env.local — get QUINN_ADMIN_SERVICE_TOKEN from /etc/quinn-admin-api/secrets.env on vps-0

The server logs a WARN line at boot when proxy mode is active, and prefixes each proxied request log with [PROXY→prod].

See docs/PROD_DB_UNIFICATION_PLAN.md for full architecture context.