# Portal Backend

The Container Mom portal backend is an Express.js application that handles API requests and interfaces with MongoDB and Auth0.

## Key Features

- RESTful API for deployment management
- Auth0 integration for authentication
- Role-based access control
- MongoDB integration for data persistence
- User role verification

## Architecture

### Routes

- **/api/deployments**: CRUD operations for deployments
- **/api/auth**: Authentication and role management
- **/callback**: Auth0 callback handling

### Authentication

Uses express-openid-connect for Auth0 integration:

```javascript
const auth0Config = {
  authRequired: false,
  auth0Logout: true,
  baseURL: config.server.url,
  clientID: config.auth0.clientId,
  issuerBaseURL: `https://${config.auth0.domain}`,
  secret: config.auth0.secret
};
```

### Database

MongoDB is used for data persistence with Mongoose for schema management:

```javascript
mongoose.connect(config.mongodb.uri, {
  useNewUrlParser: true,
  useUnifiedTopology: true,
  serverSelectionTimeoutMS: 5000,
  socketTimeoutMS: 45000
});
```

## API Endpoints

### Deployments

- `GET /api/deployments`: List deployments
- `POST /api/deployments`: Create deployment
- `PUT /api/deployments/:id`: Update deployment
- `DELETE /api/deployments/:id`: Delete deployment

### Authentication

- `GET /api/auth/login`: Initiate login
- `GET /api/auth/logout`: Logout
- `GET /api/auth/user`: Get user info
- `GET /api/auth/roles`: Get user roles

## Role-Based Access Control

Admin roles are verified through Auth0 Management API:

```javascript
router.get('/roles', async (req, res) => {
  // Fetch roles from Auth0 Management API
  const response = await axios({
    url: `https://${process.env.AUTH0_DOMAIN}/api/v2/users/${userId}/roles`,
    headers: {
      'Authorization': `Bearer ${process.env.AUTH0_MANAGEMENT_API_TOKEN}`
    }
  });
});
```

## Environment Configuration

Required environment variables:
```env
PORT=3001
FRONTEND_URL=http://localhost:3000
AUTH0_DOMAIN=your-domain.auth0.com
AUTH0_CLIENT_ID=your-client-id
AUTH0_CLIENT_SECRET=your-secret
AUTH0_AUDIENCE=https://container-mom.com/api
AUTH0_MANAGEMENT_API_TOKEN=your-token
AUTH0_SECRET=your-session-secret
MONGODB_URI=your-mongodb-uri
```