pvm/docker
Mikkel Georgsen 28a827efa1 Add custom login UI replacing Zitadel built-in login pages
Replace Zitadel's built-in login v1 with a fully custom SvelteKit-based
login experience using Zitadel Session API v2. Keeps the existing OIDC
authorization code flow (Auth.js handles token exchange) while providing
branded login, signup, password reset, and TOTP pages.

- Enable Login V2 in docker-compose, assign IAM_LOGIN_CLIENT role in setup script
- Add server-only Zitadel API client ($lib/server/zitadel.ts) with session,
  user, and auth-request management functions
- Create reusable auth UI components (AuthCard, FormField, FormError, LoadingButton)
- Rewrite login page with email/password form and TOTP second factor support
- Add signup page with auto-login after registration
- Add password reset flow (request + verify pages)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 13:54:01 +01:00
.env.example Add Zitadel OIDC setup, SMTP config, and security fixes 2026-02-08 12:34:44 +01:00
docker-compose.dev.yml Add custom login UI replacing Zitadel built-in login pages 2026-02-08 13:54:01 +01:00
README.md Scaffold base webapp: Rust/Axum API + SvelteKit dashboard + Docker dev env 2026-02-08 03:37:07 +01:00
setup-zitadel.sh Add custom login UI replacing Zitadel built-in login pages 2026-02-08 13:54:01 +01:00
zitadel-healthcheck.yaml Fix auth flow: federated logout, login page move, and healthcheck 2026-02-08 12:55:35 +01:00

PVM Docker Dev Environment

Local development stack with Zitadel auth, PostgreSQL, and DragonflyDB.

Services

| Service | Description | Port |
|---|---|---|
| zitadel | Zitadel v3 identity provider (OIDC/OAuth2) | 8080 |
| zitadel-db | PostgreSQL 16 for Zitadel | (internal, not exposed) |
| pvm-db | PostgreSQL 16 for PVM application data | 5432 |
| dragonfly | DragonflyDB (Redis-compatible cache) | 6379 |

Quick Start

# Copy env file and adjust if needed
cp .env.example .env

# Start all services
docker compose -f docker-compose.dev.yml up -d

# Check status
docker compose -f docker-compose.dev.yml ps

# View Zitadel logs (first startup takes ~30-60s)
docker compose -f docker-compose.dev.yml logs -f zitadel

Zitadel Admin Console

Once Zitadel finishes initializing (watch the logs for "server is listening"), open:

First-Time Zitadel Setup

After the first docker compose up, configure Zitadel for PVM:

  1. Log in to the admin console at http://localhost:8080/ui/console
  2. Create a project called "PVM"
  3. Create an application within the project:
    • Name: "PVM Web"
    • Type: Web
    • Auth method: PKCE (recommended for SvelteKit)
    • Redirect URIs: http://localhost:5173/auth/callback/zitadel
    • Post-logout URIs: http://localhost:5173
  4. Note the Client ID — you'll need it for SvelteKit's AUTH_ZITADEL_ID
  5. (Optional) Configure social login providers under Settings > Identity Providers:
    • Google, Apple, Facebook — each requires an OAuth app from the respective developer console

Connecting from the PVM Backend

# PostgreSQL (PVM app database)
DATABASE_URL=postgres://pvm:pvm-dev-password@localhost:5432/pvm

# DragonflyDB (Redis-compatible)
REDIS_URL=redis://localhost:6379

# Zitadel issuer (for OIDC/JWT validation)
ZITADEL_URL=http://localhost:8080

Stopping & Cleanup

# Stop services (data is preserved in volumes)
docker compose -f docker-compose.dev.yml down

# Stop and delete all data (fresh start)
docker compose -f docker-compose.dev.yml down -v