# Baron SSO

**Baron SSO** is a white-labeled User Authentication Hub and Unified Launcher.
It leverages **Descope** for secure, passwordless authentication (Enchanted Link / Magic Link) and provides a custom Flutter UI for a seamless user experience. A Go (Fiber) backend manages Audit Logs via ClickHouse.

## 🏗 Architecture

### 1. Frontend (Flutter Web)
- **Framework**: Flutter 3.38.0+
- **Organization**: `kr.co.baroncs`
- **Key Packages**: `descope`, `flutter_riverpod`, `go_router`
- **Features**:
  - Login UI with Tabs (Email / SMS)
  - Descope SDK Integration (Enchanted Link, Magic Link)

### 2. Backend (Go Fiber)
- **Language**: Go 1.26.2+
- **Framework**: Fiber v2.25+
- **Database**:
  - **ClickHouse**: Audit Logs (High performance ingestion)
  - **PostgreSQL**: Metadata storage (Primary)
- **Features**:
  - `POST /api/v1/audit`: Endpoint to ingest audit logs.

### 3. Infrastructure (Docker)
- **Services**: `postgres`, `clickhouse` (defined in `compose.infra.yaml`)
- **App**: `userfront`, `backend` (defined in `docker-compose.yaml`)

---

## 🚀 Getting Started

### Prerequisites
- Docker & Docker Compose
- Flutter SDK (for local development, 3.38.0+)
- Go (for local backend development)

### Environment Setup
1. Copy the sample environment file.
   ```bash
   cp .env.sample .env
   ```

2. Set the **IDP priority and Ory admin endpoints**. The default is Ory first with Descope as fallback.
   ```env
   IDP_PROVIDER=ory,descope
   KRATOS_ADMIN_URL=http://kratos:4434
   HYDRA_ADMIN_URL=http://hydra:4445
   ```

### Running the Stack

#### 1. Start Infrastructure (Databases)
Start the persistent data layer first.
```bash
docker compose -f compose.infra.yaml up -d
```

#### 2. Start Applications
Start the userfront and backend services.
```bash
docker compose up
```

- **userfront**: Accessible at http://localhost:5000
- **backend**: API active at http://localhost:3000
- **ClickHouse**: http://localhost:8123

### Local Development (Manual)
If you prefer running without Docker for code editing:

**Backend:**
```bash
cd backend
go mod tidy
go run cmd/server/main.go
```

**userfront:**
```bash
cd userfront
flutter pub get
flutter run -d chrome
```

---

## 📂 Project Structure

```
baron_sso/
├── backend/            # Go Fiber Application
│   ├── cmd/server/     # Entry point
│   ├── internal/       # Domain, Handlers, Repository
│   └── Dockerfile
├── userfront/         # Flutter Application
│   ├── lib/            # UI & Logic
│   └── pubspec.yaml
├── compose.infra.yaml  # DB Services (Postgres, ClickHouse)
├── docker-compose.yaml # App Services
├── .env.sample         # Env Config Template
└── README.md           # This file
```

## 📝 Status & Roadmap
- [x] **Phase 1**: Initial Setup & Architecture (Done)
- [x] **Phase 2**: Backend Audit API (Done)
- [x] **Phase 3**: Frontend Login UI & Descope Auth Logic (Done)
- [ ] **Phase 4**: Connect Frontend to Audit API (Todo)
- [ ] **Phase 5**: Dashboard & Unified Launcher (Todo)