forked from baron/baron-sso
chan
f6cf261fd5
- adminfront: Update removeMutation to correctly pass 'isRemoveTenant: true' and the specific tenant slug instead of empty string - backend: Fix 'Move' operation (Normal Update) in UpdateUser to correctly remove the old primary company code from the 'companyCodes' array and sync the deletion to Keto, ensuring accurate member count aggregation
Baron SSO
Baron SSO is a white-labeled User Authentication Hub and Unified Launcher. It leverages Descope for secure, passwordless authentication (Enchanted Link / Magic Link) and provides a custom Flutter UI for a seamless user experience. A Go (Fiber) backend manages Audit Logs via ClickHouse.
🏗 Architecture
1. Frontend (Flutter Web)
- Framework: Flutter 3.38.0+
- Organization:
kr.co.baroncs - Key Packages:
descope,flutter_riverpod,go_router - Features:
- Login UI with Tabs (Email / SMS)
- Descope SDK Integration (Enchanted Link, Magic Link)
2. Backend (Go Fiber)
- Language: Go 1.26.2+
- Framework: Fiber v2.25+
- Database:
- ClickHouse: Audit Logs (High performance ingestion)
- PostgreSQL: Metadata storage (Primary)
- Features:
POST /api/v1/audit: Endpoint to ingest audit logs.
3. Infrastructure (Docker)
- Services:
postgres,clickhouse(defined incompose.infra.yaml) - App:
userfront,backend(defined indocker-compose.yaml)
🚀 Getting Started
Prerequisites
- Docker & Docker Compose
- Flutter SDK (for local development, 3.38.0+)
- Go (for local backend development)
Environment Setup
-
Copy the sample environment file.
cp .env.sample .env -
Set the IDP priority and Ory admin endpoints. The default is Ory first with Descope as fallback.
IDP_PROVIDER=ory,descope KRATOS_ADMIN_URL=http://kratos:4434 HYDRA_ADMIN_URL=http://hydra:4445
Running the Stack
1. Start Infrastructure (Databases)
Start the persistent data layer first.
docker compose -f compose.infra.yaml up -d
2. Start Applications
Start the userfront and backend services.
docker compose up
- userfront: Accessible at http://localhost:5000
- backend: API active at http://localhost:3000
- ClickHouse: http://localhost:8123
Local Development (Manual)
If you prefer running without Docker for code editing:
Backend:
cd backend
go mod tidy
go run cmd/server/main.go
userfront:
cd userfront
flutter pub get
flutter run -d chrome
📂 Project Structure
baron_sso/
├── backend/ # Go Fiber Application
│ ├── cmd/server/ # Entry point
│ ├── internal/ # Domain, Handlers, Repository
│ └── Dockerfile
├── userfront/ # Flutter Application
│ ├── lib/ # UI & Logic
│ └── pubspec.yaml
├── compose.infra.yaml # DB Services (Postgres, ClickHouse)
├── docker-compose.yaml # App Services
├── .env.sample # Env Config Template
└── README.md # This file
📝 Status & Roadmap
- Phase 1: Initial Setup & Architecture (Done)
- Phase 2: Backend Audit API (Done)
- Phase 3: Frontend Login UI & Descope Auth Logic (Done)
- Phase 4: Connect Frontend to Audit API (Todo)
- Phase 5: Dashboard & Unified Launcher (Todo)