ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
0e3be8bdf4
TenantAtlas/specs/064-auth-structure/quickstart.md
Ahmed Darrazi 0e3be8bdf4 feat: implement auth structure system panel
2026-01-27 22:44:54 +01:00

2.5 KiB
Raw Blame History

Quickstart: Auth Structure

This guide provides the essential steps for a developer to set up and test the 064-auth-structure feature locally.

Prerequisites

  • Ensure you are on the 064-auth-structure feature branch.
  • A working local development environment (Laravel Sail is preferred).
  • Entra ID application credentials must be configured in your .env file to test the /admin panel.

1. Apply Database Changes

Run the new migration to create the platform_users table and seed it with an initial administrator account.

# Using Laravel Sail
./vendor/bin/sail artisan migrate
./vendor/bin/sail artisan db:seed --class=PlatformUserSeeder

The default seeded platform user will be:

  • Email: operator@tenantpilot.io
  • Password: password

2. Configure Environment Variables

Add the following variables to your local .env file to control the new features.

# .env

# Enables the "break-glass" feature in the System Panel.
# Default: false
BREAK_GLASS_ENABLED=true

# Sets the duration (in minutes) for a break-glass session before it auto-expires.
# Default: 60
BREAK_GLASS_TTL_MINUTES=60

3. Verification Steps

Follow these steps to confirm the feature is working correctly.

a. Test System Panel Access

  1. Navigate to http://localhost/system/login.
  2. Log in using the seeded platform operator credentials:
    • Email: operator@tenantpilot.io
    • Password: password
  3. You should be successfully redirected to the System Panel dashboard.
  4. If BREAK_GLASS_ENABLED is true, find and activate the "Enter break-glass mode" feature. A persistent banner should appear at the top of the page.

b. Test Admin Panel Access

  1. Navigate to http://localhost/admin/login.
  2. Log in using a valid Microsoft Entra ID test user associated with a tenant.
  3. You should be successfully redirected to that tenant's dashboard.

c. Test Isolation (Cross-Scope Access)

  1. While logged into the System Panel (/system), attempt to navigate directly to a tenant-scoped admin URL (e.g., http://localhost/admin/t/1/dashboard).

    • Expected Result: You should receive a 404 Not Found error page.

  2. While logged into the Admin Panel (/admin), attempt to navigate directly to a system panel URL (e.g., http://localhost/system/dashboard).

    • Expected Result: You should receive a 404 Not Found error page.

If all the above steps are successful, the local setup is complete and correct.