# Local dev environment


# Front-end

## .env file
```
#export API_HOST=https://api.dev.x-hr.ai  --> use dev stack backend
export API_HOST=http://localhost:8080 --> use local backend (devlocal repo, identitiy-management-service?? as proxy)
```
### AI agent

platform-frontend-app/src/shared/services/sse/SseServiceImpl.ts:54-56

```
        //const baseUrl = this.getBaseUrl()
        const baseUrl = "http://localhost:8080" --> Agent-service backend
        const url = `${baseUrl}${path}
```
### Run

```
. .env
npm run dev
```

### dev user

thuy.dang+001@x-hr.co
1S2N

# Start Agent
Change APP_PORT=8090 in .env to avoid conflict with devlocal services (identity management)

```
. .venv/bin/activate
uv sync
alembic upgrade head
export PYTHONPATH=$(pwd)
uv run agent
```

# identitiy-management-service

## Build option gradle
identity-management-service/gradle.properties:27-28
```
gpr.user=thuydang
gpr.key=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
```

## CORS

### Allow OPTIONS for CORS
identity-management-service/common/src/main/java/co/xhr/identitymanagement/common/config/AuthorizationServerConfig.java:34-34
```
               .requestMatchers(org.springframework.http.HttpMethod.OPTIONS, "/**").permitAll() // A
```

### Add cors headers

identity-management-service/rest/src/main/java/co/xhr/identitymanagement/rest/configuration/WebConfiguration.java:1-54
```
package co.xhr.identitymanagement.rest.configuration;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

/**
 * Web configuration for CORS settings
 */
@Configuration
public class WebConfiguration implements WebMvcConfigurer {

    @Value("${frontend.base-url:https://app.x-hr.ai}")
    private String frontendBaseUrl;

    @Value("${frontend.domain:localhost}")
    private String frontendDomain;

    @Override
    public void addCorsMappings(CorsRegistry registry) {
        registry.addMapping("/v*/**")
                .allowedOriginPatterns(
                        frontendBaseUrl,
                        "http://localhost:*",
                        "https://localhost:*",
                        "http://" + frontendDomain + ":*",
                        "https://" + frontendDomain + ":*",
                        "http://localhost:5173",
                        "http://localhost:3000",
                        "http://localhost:8080"
                )
                .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH")
                .allowedHeaders(
                           "Origin",
                           "Content-Type",
                           "Accept",
                           "Authorization",
                           "X-Requested-With",
                           "Access-Control-Request-Method",
                           "Access-Control-Request-Headers",
                           "Access-Control-Allow-Origin",
                           "X-Tenant-ID",
                           "X-Company-ID",
                           "X-Correlation-ID",
                           "x-correlation-id",
                           "x-session-id",
                           "x-tenant-id",
                           "x-company-id"
                   )
                .allowCredentials(true)
                .maxAge(3600);
    }
}
```


## Database Setup

I've successfully inserted the dummy user into the local database. Here's what was done:


1. **Created a demo company**:
   - ID: `e388a122-4a87-498f-925e-520bbf200ce3`
   - Name: "Demo Company"
   - Domain: "demo.com"

2. **Created the demo user**:
   - ID: `df109bb1-e781-4b45-b4e8-f7731aec674f`
   - Full Name: "Demo User"
   - Email: `demo@demo.com`
   - Password: `DemoDemo` (bcrypt hashed)
   - Status: `ACTIVE`
   - Group Type: `EMPLOYEE`
   - Email Verified: `true`
   - No password change required

## Login Credentials

You can now login to the application using:
- **Email**: `demo@demo.com`
- **Password**: `DemoDemo`

## Database Connection Details

- **Host**: localhost:5432
- **Database**: authdb
- **Username**: admin
- **Password**: secret

The user is active and ready for testing the login functionality. The password has been properly hashed using bcrypt for security.
### Scripts:

```
#!/bin/bash

# Database setup script for demo user
# Usage: ./setup-demo-db.sh

DB_HOST="localhost"
DB_PORT="5432"
DB_NAME="authdb"
DB_USER="admin"
DB_PASSWORD="secret"

# Generate UUIDs
COMPANY_UUID=$(python3 -c "import uuid; print(str(uuid.uuid4()))")
USER_UUID=$(python3 -c "import uuid; print(str(uuid.uuid4()))")

# Hash the password
HASHED_PASSWORD=$(python3 -c "import bcrypt; print(bcrypt.hashpw(b'DemoDemo', bcrypt.gensalt()).decode('utf-8'))")

echo "Generated Company UUID: $COMPANY_UUID"
echo "Generated User UUID: $USER_UUID"
echo "Hashed Password: $HASHED_PASSWORD"

# Clean up existing demo data
echo "Cleaning up existing demo data..."
PGPASSWORD=$DB_PASSWORD psql -h $DB_HOST -p $DB_PORT -U $DB_USER -d $DB_NAME -c "
DELETE FROM \"public\".\"users\" WHERE email = 'demo@demo.com';
DELETE FROM \"public\".\"companies\" WHERE name = 'Demo Company';
DELETE FROM \"public\".\"whitelist_emails\" WHERE email = 'demo@demo.com';
"

# Insert company
echo "Inserting demo company..."
PGPASSWORD=$DB_PASSWORD psql -h $DB_HOST -p $DB_PORT -U $DB_USER -d $DB_NAME -c "
INSERT INTO \"public\".\"companies\" (\"id_company\", \"name\", \"domain_name\", \"supported_login_methods\", \"self_signup_allowed\", \"created_at\", \"updated_at\", \"employee_id_generation_config\", \"logo\")
VALUES ('$COMPANY_UUID', 'Demo Company', 'demo.com', '{}', true, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, 'SYSTEM_GENERATION', NULL);
"

if [ $? -eq 0 ]; then
    echo "Company inserted successfully."
else
    echo "Failed to insert company."
    exit 1
fi

# Insert whitelist email
echo "Inserting demo email into whitelist..."
PGPASSWORD=$DB_PASSWORD psql -h $DB_HOST -p $DB_PORT -U $DB_USER -d $DB_NAME -c "
INSERT INTO \"public\".\"whitelist_emails\" (\"email\", \"status\", \"created_at\", \"updated_at\", \"added_by\")
VALUES ('demo@demo.com', 1, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, 'script');
"

# Insert user
echo "Inserting demo user..."
PGPASSWORD=$DB_PASSWORD psql -h $DB_HOST -p $DB_PORT -U $DB_USER -d $DB_NAME -c "
INSERT INTO \"public\".\"users\" (\"id_user\", \"full_name\", \"email\", \"status\", \"fk_company\", \"source\", \"password\", \"requires_password_change\", \"last_password_change_at\", \"email_verification_required\", \"email_verified\", \"created_at\", \"updated_at\", \"fk_employee\", \"group_type\", \"avatar\", \"onboarding_authorization_completed\")
VALUES ('$USER_UUID', 'Demo User', 'demo@demo.com', 'ACTIVE', '$COMPANY_UUID', 'LOCAL', '$HASHED_PASSWORD', false, NULL, false, false, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, NULL, 'EMPLOYEE', NULL, false);
"

if [ $? -eq 0 ]; then
    echo "User inserted successfully."
    echo "Demo login credentials:"
    echo "Email: demo@demo.com"
    echo "Password: DemoDemo"
else
    echo "Failed to insert user."
    exit 1
fi

echo "Demo database setup completed!"
```
### Troubleshooting
#### Pass email form:

```
curl -X POST http://localhost:8080/v1/im/auth/express-login \
  -H "Content-Type: application/json" \
  -d '{"email": "demo@demo.com"}'

```

#### Get Token and me

```
TOKEN=$(curl -X POST http://localhost:8080/v1/im/auth/login \\n  -H "Content-Type: application/json" \\n  -d '{"email": "demo@demo.com", "password": "DemoDemo" }' | jq -r '.data.access_token')    
echo $TOKEN  
curl http://localhost:8080/v1/im/me \\n  -H "Content-Type: application/json" \\n-H "Authorization: Bearer ${TOKEN}"  
```