0xWheatyz
9c98b948d3
Protect all analysis endpoints with JWT authentication:
- Require valid access token for analysis operations
- Add CORS middleware for React frontend (localhost:3000, 5173)
Add auth endpoints:
- POST /auth/register - user registration (first user becomes admin)
- POST /auth/login - JWT token issuance
- POST /auth/refresh - token refresh
- GET /auth/me - current user info
Add admin endpoints:
- GET /admin/users - list all users
- PATCH /admin/users/{id}/role - update user role
- DELETE /admin/users/{id} - delete user
Add analytics endpoint:
- GET /analytics - usage statistics by company and type
Update .env.example with USE_CACHE and JWT_SECRET config
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
22 lines
706 B
Bash
22 lines
706 B
Bash
# SPARC Configuration
|
|
|
|
# SerpAPI key for patent search
|
|
API_KEY=your_serpapi_key_here
|
|
|
|
# OpenRouter API key for LLM analysis
|
|
OPENROUTER_API_KEY=your_openrouter_key_here
|
|
|
|
# Database configuration
|
|
# All messages are stored in the database for persistence and caching
|
|
DATABASE_URL=postgresql://postgres:postgres@localhost:5432/sparc
|
|
|
|
# Cache configuration
|
|
# When USE_CACHE=true: check database for cached responses before making API calls
|
|
# When USE_CACHE=false: always make fresh API calls (still stores results in database)
|
|
# Default: true
|
|
USE_CACHE=true
|
|
|
|
# JWT Secret for authentication
|
|
# IMPORTANT: Change this to a secure random string in production
|
|
JWT_SECRET=your-secure-jwt-secret-change-in-production
|