feat: HR Portal - Complete Multi-Tenant System with Redis Session Storage

Major Features: - ✅ Multi-tenant architecture (tenant isolation) - ✅ Employee CRUD with lifecycle management (onboarding/offboarding) - ✅ Department tree structure with email domain management - ✅ Company info management (single-record editing) - ✅ System functions CRUD (permission management) - ✅ Email account management (multi-account per employee) - ✅ Keycloak SSO integration (auth.lab.taipei) - ✅ Redis session storage (10.1.0.254:6379) - Solves Cookie 4KB limitation - Cross-system session sharing - Sliding expiration (8 hours) - Automatic token refresh Technical Stack: Backend: - FastAPI + SQLAlchemy - PostgreSQL 16 (10.1.0.20:5433) - Keycloak Admin API integration - Docker Mailserver integration (SSH) - Alembic migrations Frontend: - Next.js 14 (App Router) - NextAuth 4 with Keycloak Provider - Redis session storage (ioredis) - Tailwind CSS Infrastructure: - Redis 7 (10.1.0.254:6379) - Session + Cache - Keycloak 26.1.0 (auth.lab.taipei) - Docker Mailserver (10.1.0.254) Architecture Highlights: - Session管理由 Keycloak + Redis 統一控制 - 支援多系統 (HR/WebMail/Calendar/Drive/Office) 共享 session - Token 自動刷新,異質服務整合 - 未來可無縫遷移到雲端 Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-23 20:12:43 +08:00
commit 360533393f
386 changed files with 70353 additions and 0 deletions
--- a/frontend/Dockerfile
+++ b/frontend/Dockerfile
@@ -0,0 +1,72 @@
+# ============================================================================
+# HR Portal Frontend Dockerfile
+# Next.js 14 + React 18 + TypeScript
+# ============================================================================
+
+FROM node:18-alpine AS base
+
+# 設定環境變數
+ENV NODE_ENV=production \
+    NEXT_TELEMETRY_DISABLED=1
+
+# ============================================================================
+# Dependencies Stage - 安裝依賴
+# ============================================================================
+FROM base AS deps
+
+WORKDIR /app
+
+# 安裝依賴 (使用 package-lock.json 確保一致性)
+COPY package.json package-lock.json ./
+RUN npm ci --only=production && npm cache clean --force
+
+# ============================================================================
+# Builder Stage - 建置應用
+# ============================================================================
+FROM base AS builder
+
+WORKDIR /app
+
+# 複製依賴
+COPY --from=deps /app/node_modules ./node_modules
+COPY . .
+
+# 建置 Next.js 應用
+# 注意: 環境變數在建置時需要提供
+RUN npm run build
+
+# ============================================================================
+# Runner Stage - 執行應用
+# ============================================================================
+FROM base AS runner
+
+WORKDIR /app
+
+# 創建非 root 用戶
+RUN addgroup --system --gid 1001 nodejs && \
+    adduser --system --uid 1001 nextjs
+
+# 複製必要檔案
+COPY --from=builder /app/public ./public
+COPY --from=builder /app/.next/standalone ./
+COPY --from=builder /app/.next/static ./.next/static
+
+# 設定權限
+RUN chown -R nextjs:nodejs /app
+
+# 切換到非 root 用戶
+USER nextjs
+
+# 暴露端口
+EXPOSE 3000
+
+# 設定環境變數
+ENV PORT=3000 \
+    HOSTNAME="0.0.0.0"
+
+# 健康檢查
+HEALTHCHECK --interval=30s --timeout=10s --start-period=40s --retries=3 \
+    CMD node -e "require('http').get('http://localhost:3000/api/health', (r) => {process.exit(r.statusCode === 200 ? 0 : 1)})"
+
+# 啟動命令
+CMD ["node", "server.js"]