Assist_Design/env/portal-backend.env.sample

# =============================================================================
# Customer Portal Backend (BFF) - Production Environment
# =============================================================================
# Copy to portal-backend.env and configure values marked with CHANGE_ME
# Variables with defaults can be omitted unless you need to override them
# =============================================================================

# -----------------------------------------------------------------------------
# REQUIRED - Must be configured
# -----------------------------------------------------------------------------

NODE_ENV=production
DATABASE_URL=postgresql://portal:CHANGE_ME@database:5432/portal_prod?schema=public
JWT_SECRET=CHANGE_ME_GENERATE_WITH_openssl_rand_base64_32

# -----------------------------------------------------------------------------
# Core Application
# -----------------------------------------------------------------------------

APP_NAME=customer-portal-bff
APP_BASE_URL=https://your-domain.com
BFF_PORT=4000

# -----------------------------------------------------------------------------
# Security
# -----------------------------------------------------------------------------

# Redis cache (required for production token management)
REDIS_URL=redis://cache:6379/0

# JWT configuration
JWT_EXPIRES_IN=7d
BCRYPT_ROUNDS=12

# CORS - set to your frontend domain
CORS_ORIGIN=https://your-domain.com
TRUST_PROXY=true

# CSRF Protection (generate secret: openssl rand -base64 32)
CSRF_SECRET_KEY=CHANGE_ME_GENERATE_WITH_openssl_rand_base64_32

# Redis token handling
AUTH_ALLOW_REDIS_TOKEN_FAILOPEN=false
AUTH_REQUIRE_REDIS_FOR_TOKENS=false

# Maintenance mode (enable during deployments)
AUTH_MAINTENANCE_MODE=false

# -----------------------------------------------------------------------------
# Rate Limiting
# -----------------------------------------------------------------------------

RATE_LIMIT_TTL=60
RATE_LIMIT_LIMIT=100
AUTH_RATE_LIMIT_TTL=900
AUTH_RATE_LIMIT_LIMIT=3
LOGIN_RATE_LIMIT_TTL=900
LOGIN_RATE_LIMIT_LIMIT=5

# CAPTCHA (optional - set provider to 'turnstile' or 'hcaptcha' to enable)
AUTH_CAPTCHA_PROVIDER=none
AUTH_CAPTCHA_SECRET=

# Hide validation errors from clients in production
EXPOSE_VALIDATION_ERRORS=false

# -----------------------------------------------------------------------------
# WHMCS Integration
# -----------------------------------------------------------------------------

WHMCS_BASE_URL=https://accounts.asolutions.co.jp
WHMCS_API_IDENTIFIER=
WHMCS_API_SECRET=
WHMCS_WEBHOOK_SECRET=

# Queue throttling
WHMCS_QUEUE_CONCURRENCY=15
WHMCS_QUEUE_TIMEOUT_MS=30000

# -----------------------------------------------------------------------------
# Salesforce Integration
# -----------------------------------------------------------------------------

SF_LOGIN_URL=https://asolutions.my.salesforce.com
SF_CLIENT_ID=
SF_USERNAME=
SF_PRIVATE_KEY_PATH=/app/secrets/sf-private.key
SF_WEBHOOK_SECRET=

# Queue throttling
SF_QUEUE_CONCURRENCY=15
SF_QUEUE_TIMEOUT_MS=30000
SF_QUEUE_LONG_RUNNING_TIMEOUT_MS=600000

# Platform Events
SF_EVENTS_ENABLED=true
SF_EVENTS_REPLAY=LATEST
SF_PUBSUB_ENDPOINT=api.pubsub.salesforce.com:7443

# -----------------------------------------------------------------------------
# Freebit SIM Management
# -----------------------------------------------------------------------------

FREEBIT_BASE_URL=https://i1.mvno.net/emptool/api
FREEBIT_OEM_ID=PASI
FREEBIT_OEM_KEY=
FREEBIT_TIMEOUT=30000

# -----------------------------------------------------------------------------
# Email (SendGrid)
# -----------------------------------------------------------------------------

EMAIL_ENABLED=true
EMAIL_FROM=no-reply@asolutions.jp
EMAIL_FROM_NAME=Assist Solutions
SENDGRID_API_KEY=
SENDGRID_SANDBOX=false

# -----------------------------------------------------------------------------
# Portal Configuration
# -----------------------------------------------------------------------------

PORTAL_PRICEBOOK_ID=
PORTAL_PRICEBOOK_NAME=Portal

# -----------------------------------------------------------------------------
# Logging
# -----------------------------------------------------------------------------

LOG_LEVEL=info

# -----------------------------------------------------------------------------
# Node Runtime
# -----------------------------------------------------------------------------

NODE_OPTIONS=--max-old-space-size=512


# =============================================================================
# ADVANCED CONFIGURATION (rarely need to change)
# =============================================================================
# The following variables have sensible defaults and only need to be set
# if your Salesforce org uses non-standard field API names.
# Uncomment and modify only if needed.
# =============================================================================

# --- Salesforce Field Mappings - Account ---
# ACCOUNT_INTERNET_ELIGIBILITY_FIELD=Internet_Eligibility__c
# ACCOUNT_CUSTOMER_NUMBER_FIELD=SF_Account_No__c
# ACCOUNT_PORTAL_STATUS_FIELD=Portal_Status__c
# ACCOUNT_PORTAL_STATUS_SOURCE_FIELD=Portal_Registration_Source__c
# ACCOUNT_PORTAL_LAST_SIGNED_IN_FIELD=Portal_Last_SignIn__c

# --- Salesforce Field Mappings - Product ---
# PRODUCT_SKU_FIELD=StockKeepingUnit
# PRODUCT_PORTAL_CATEGORY_FIELD=Product2Categories1__c
# PRODUCT_PORTAL_CATALOG_FIELD=Portal_Catalog__c
# PRODUCT_PORTAL_ACCESSIBLE_FIELD=Portal_Accessible__c
# PRODUCT_ITEM_CLASS_FIELD=Item_Class__c
# PRODUCT_BILLING_CYCLE_FIELD=Billing_Cycle__c
# PRODUCT_WHMCS_PRODUCT_ID_FIELD=WH_Product_ID__c
# PRODUCT_WHMCS_PRODUCT_NAME_FIELD=WH_Product_Name__c
# PRODUCT_INTERNET_PLAN_TIER_FIELD=Internet_Plan_Tier__c
# PRODUCT_INTERNET_OFFERING_TYPE_FIELD=Internet_Offering_Type__c
# PRODUCT_DISPLAY_ORDER_FIELD=Catalog_Order__c
# PRODUCT_BUNDLED_ADDON_FIELD=Bundled_Addon__c
# PRODUCT_IS_BUNDLED_ADDON_FIELD=Is_Bundled_Addon__c
# PRODUCT_SIM_DATA_SIZE_FIELD=SIM_Data_Size__c
# PRODUCT_SIM_PLAN_TYPE_FIELD=SIM_Plan_Type__c
# PRODUCT_SIM_HAS_FAMILY_DISCOUNT_FIELD=SIM_Has_Family_Discount__c
# PRODUCT_VPN_REGION_FIELD=VPN_Region__c

# --- Salesforce Field Mappings - Order ---
# ORDER_TYPE_FIELD=Type
# ORDER_ACTIVATION_TYPE_FIELD=Activation_Type__c
# ORDER_ACTIVATION_SCHEDULED_AT_FIELD=Activation_Scheduled_At__c
# ORDER_ACTIVATION_STATUS_FIELD=Activation_Status__c
# ORDER_SIM_TYPE_FIELD=SIM_Type__c
# ORDER_EID_FIELD=EID__c
# ORDER_MNP_APPLICATION_FIELD=MNP_Application__c
# ORDER_MNP_RESERVATION_FIELD=MNP_Reservation_Number__c
# ORDER_MNP_EXPIRY_FIELD=MNP_Expiry_Date__c
# ORDER_MNP_PHONE_FIELD=MNP_Phone_Number__c
# ORDER_WHMCS_ORDER_ID_FIELD=WHMCS_Order_ID__c

# --- Salesforce CDC Channels (Change Data Capture) ---
# SF_CATALOG_PRODUCT_CDC_CHANNEL=/data/Product2ChangeEvent
# SF_CATALOG_PRICEBOOKENTRY_CDC_CHANNEL=/data/PricebookEntryChangeEvent
# SF_ORDER_CDC_CHANNEL=/data/OrderChangeEvent
# SF_ORDER_ITEM_CDC_CHANNEL=/data/OrderItemChangeEvent