helix-engage-server

helix-admin/helix-engage-server

Fork 0

mirror of https://dev.azure.com/globalhealthx/EMR/_git/helix-engage-server synced 2026-04-11 18:08:16 +00:00

Commit Graph

Author	SHA1	Message	Date
saridsa2	e6c8d950ea	feat: widget config via admin-editable data/widget.json Mirrors the existing theme config pattern so website widget settings can be edited from the admin portal instead of baked into frontend env vars. Fixes the current symptom where the staging widget is silently disabled because VITE_WIDGET_KEY is missing from .env.production. Backend (sidecar): - src/config/widget.defaults.ts — WidgetConfig type + defaults (enabled, key, siteId, url, allowedOrigins, hospitalName, embed.loginPage, version, updatedAt) - src/config/widget-config.service.ts — file-backed load / update / rotate-key / reset with backups, mirroring ThemeService. On module init: * first boot → auto-generates an HMAC-signed site key via WidgetKeysService, persists both to data/widget.json and to Redis * subsequent boots → re-registers the key in Redis if missing (handles Redis flushes so validateKey() keeps working without admin action) - src/config/widget-config.controller.ts — new endpoints under /api/config: GET /api/config/widget public subset {enabled, key, url, embed} GET /api/config/widget/admin full config for the settings UI PUT /api/config/widget admin update (partial merge) POST /api/config/widget/rotate-key revoke old siteId + mint a new key POST /api/config/widget/reset reset to defaults + regenerate - Move src/widget/widget-keys.service.ts → src/config/widget-keys.service.ts (it's a config-layer concern now, not widget-layer). config-theme.module becomes the owner, imports AuthModule for SessionService, and exports WidgetKeysService + WidgetConfigService alongside ThemeService. - widget.module stops providing WidgetKeysService (it imports ConfigThemeModule already, so the guard + controller still get it via DI). - .gitignore data/widget.json + data/widget-backups/ so each environment auto-generates its own instance-specific key instead of sharing one via git. TODO (flagged, out of scope for this pass): - Protect admin endpoints with an auth guard when settings UI ships. - Set WIDGET_SECRET env var in staging (currently falls back to the hardcoded default in widget-keys.service.ts). - Admin portal settings page for editing widget config (mirror branding-settings). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-06 17:33:25 +05:30
saridsa2	a3172140b0	chore: scaffold NestJS sidecar with config, CORS, and dependency setup	2026-03-17 09:02:15 +05:30

Author

SHA1

Message

Date

saridsa2

e6c8d950ea

feat: widget config via admin-editable data/widget.json

Mirrors the existing theme config pattern so website widget settings can be
edited from the admin portal instead of baked into frontend env vars. Fixes
the current symptom where the staging widget is silently disabled because
VITE_WIDGET_KEY is missing from .env.production.

Backend (sidecar):
- src/config/widget.defaults.ts — WidgetConfig type + defaults
  (enabled, key, siteId, url, allowedOrigins, hospitalName,
  embed.loginPage, version, updatedAt)
- src/config/widget-config.service.ts — file-backed load / update /
  rotate-key / reset with backups, mirroring ThemeService. On module init:
    * first boot → auto-generates an HMAC-signed site key via
      WidgetKeysService, persists both to data/widget.json and to Redis
    * subsequent boots → re-registers the key in Redis if missing (handles
      Redis flushes so validateKey() keeps working without admin action)
- src/config/widget-config.controller.ts — new endpoints under /api/config:
    GET  /api/config/widget            public subset {enabled, key, url, embed}
    GET  /api/config/widget/admin      full config for the settings UI
    PUT  /api/config/widget            admin update (partial merge)
    POST /api/config/widget/rotate-key revoke old siteId + mint a new key
    POST /api/config/widget/reset      reset to defaults + regenerate
- Move src/widget/widget-keys.service.ts → src/config/widget-keys.service.ts
  (it's a config-layer concern now, not widget-layer). config-theme.module
  becomes the owner, imports AuthModule for SessionService, and exports
  WidgetKeysService + WidgetConfigService alongside ThemeService.
- widget.module stops providing WidgetKeysService (it imports ConfigThemeModule
  already, so the guard + controller still get it via DI).
- .gitignore data/widget.json + data/widget-backups/ so each environment
  auto-generates its own instance-specific key instead of sharing one via git.

TODO (flagged, out of scope for this pass):
- Protect admin endpoints with an auth guard when settings UI ships.
- Set WIDGET_SECRET env var in staging (currently falls back to the
  hardcoded default in widget-keys.service.ts).
- Admin portal settings page for editing widget config (mirror branding-settings).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-06 17:33:25 +05:30

saridsa2

a3172140b0

chore: scaffold NestJS sidecar with config, CORS, and dependency setup

2026-03-17 09:02:15 +05:30

2 Commits