porsche/hr-portal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
360533393f6c449a50cbf9ce59712d5867cfce42
hr-portal/backend/.env.example
Porsche Chen 360533393f feat: HR Portal - Complete Multi-Tenant System with Redis Session Storage 
Major Features:
-  Multi-tenant architecture (tenant isolation)
-  Employee CRUD with lifecycle management (onboarding/offboarding)
-  Department tree structure with email domain management
-  Company info management (single-record editing)
-  System functions CRUD (permission management)
-  Email account management (multi-account per employee)
-  Keycloak SSO integration (auth.lab.taipei)
-  Redis session storage (10.1.0.254:6379)
  - Solves Cookie 4KB limitation
  - Cross-system session sharing
  - Sliding expiration (8 hours)
  - Automatic token refresh

Technical Stack:
Backend:
- FastAPI + SQLAlchemy
- PostgreSQL 16 (10.1.0.20:5433)
- Keycloak Admin API integration
- Docker Mailserver integration (SSH)
- Alembic migrations

Frontend:
- Next.js 14 (App Router)
- NextAuth 4 with Keycloak Provider
- Redis session storage (ioredis)
- Tailwind CSS

Infrastructure:
- Redis 7 (10.1.0.254:6379) - Session + Cache
- Keycloak 26.1.0 (auth.lab.taipei)
- Docker Mailserver (10.1.0.254)

Architecture Highlights:
- Session管理由 Keycloak + Redis 統一控制
- 支援多系統 (HR/WebMail/Calendar/Drive/Office) 共享 session
- Token 自動刷新,異質服務整合
- 未來可無縫遷移到雲端

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-23 20:12:43 +08:00

67 lines
1.7 KiB
Plaintext
Raw Blame History

# ============================================================================
# HR Portal Backend 環境變數配置
# 複製此文件為 .env 並填入實際值
# ============================================================================
# 基本資訊
PROJECT_NAME="HR Portal API"
VERSION="2.0.0"
ENVIRONMENT="development" # development, staging, production
HOST="0.0.0.0"
PORT=8000
# 資料庫配置
DATABASE_URL="postgresql://hr_admin:hr_dev_password_2026@localhost:5433/hr_portal"
DATABASE_ECHO=False
# CORS 配置 (多個來源用逗號分隔)
ALLOWED_ORIGINS="http://localhost:3000,http://10.1.0.245:3000,https://hr.ease.taipei"
# Keycloak 配置
KEYCLOAK_URL="https://auth.ease.taipei"
KEYCLOAK_REALM="porscheworld"
KEYCLOAK_CLIENT_ID="hr-backend"
KEYCLOAK_CLIENT_SECRET="your-client-secret-here"
KEYCLOAK_ADMIN_USERNAME="admin"
KEYCLOAK_ADMIN_PASSWORD="your-admin-password"
# JWT 配置
JWT_SECRET_KEY="your-secret-key-change-in-production"
JWT_ALGORITHM="HS256"
JWT_ACCESS_TOKEN_EXPIRE_MINUTES=30
# 郵件配置 (Docker Mailserver)
MAIL_SERVER="10.1.0.30"
MAIL_PORT=587
MAIL_USE_TLS=True
MAIL_ADMIN_USER="admin@porscheworld.tw"
MAIL_ADMIN_PASSWORD="your-mail-admin-password"
# NAS 配置 (Synology DS920+)
NAS_HOST="10.1.0.30"
NAS_PORT=5000
NAS_USERNAME="your-nas-username"
NAS_PASSWORD="your-nas-password"
NAS_WEBDAV_URL="https://nas.lab.taipei/webdav"
NAS_SMB_SHARE="Working"
# 日誌配置
LOG_LEVEL="INFO" # DEBUG, INFO, WARNING, ERROR, CRITICAL
LOG_FILE="logs/hr_portal.log"
# 分頁配置
DEFAULT_PAGE_SIZE=20
MAX_PAGE_SIZE=100
# 郵件配額 (MB)
EMAIL_QUOTA_JUNIOR=1000
EMAIL_QUOTA_MID=2000
EMAIL_QUOTA_SENIOR=5000
EMAIL_QUOTA_MANAGER=10000
# NAS 配額 (GB)
NAS_QUOTA_JUNIOR=50
NAS_QUOTA_MID=100
NAS_QUOTA_SENIOR=200
NAS_QUOTA_MANAGER=500
Reference in New Issue View Git Blame Copy Permalink