db(couchdb): auto-provision databases on startup for production strategy; add TokenService with CouchDB-backed token storage and localStorage fallback; switch OAuth to unified config for client IDs and redirect URI; express Request typing for req.user; align exportAsEnvVars with show-config expectations; remove Vite importmap from index.html; prefer babel-jest over ts-jest; remove duplicate uuid mocking from Jest config

2025-09-09 12:30:38 -07:00
parent 062e0973c1
commit 15170a4f43
17 changed files with 1097 additions and 67 deletions
--- a/README.md
+++ b/README.md
@@ -200,6 +200,22 @@ VITE_GOOGLE_CLIENT_ID=your-google-client-id
 VITE_GITHUB_CLIENT_ID=your-github-client-id
 ```

+### **OAuth Redirects & Token Persistence**
+
+- OAuth Redirect URI
+  - The redirect URI is derived from the unified configuration’s `APP_BASE_URL`:
+    - Redirect URI = `${APP_BASE_URL}/auth/callback`
+  - Defaults:
+    - Development: `APP_BASE_URL=http://localhost:5173` → `http://localhost:5173/auth/callback`
+    - Test: `APP_BASE_URL=http://localhost:3000` → `http://localhost:3000/auth/callback`
+    - Production: respects your configured base URL (e.g., `https://rxminder.com/auth/callback`)
+  - To change the redirect URI, set `APP_BASE_URL` accordingly.
+
+- Token Persistence (Email Verification & Password Reset)
+  - Production (CouchDB configured): tokens are stored server-side in CouchDB (`auth_tokens` database) for secure, multi-device flows.
+  - Development/Test or when CouchDB isn’t configured: tokens fall back to `localStorage` for demo purposes.
+  - This hybrid approach enables secure flows in production while keeping local development simple.
+
 ### **Database Strategy**

 The application automatically selects the appropriate database strategy: