Demo Auth Routing Validation

Scope

Validate centralized auth routing and per-host API routing for demo stacks.

Prerequisites

  • Caddy is running on the VPS.
  • Demo stacks are running in Portainer.
  • DNS records point to the VPS for all demo hosts.

Caddy Validation

caddy validate --config /etc/caddy/Caddyfile
sudo systemctl reload caddy

Host Health Checks

Run from any machine that can resolve public demo hosts:

curl -i https://auth.dream-views.com/health
curl -i https://furniture-display-demo.dream-views.com/
curl -i https://furniture-admin-demo.dream-views.com/
curl -i https://kitchen-ops-demo.dream-views.com/
curl -i https://waiter-floor-demo.dream-views.com/
curl -i https://customer-orders-demo.dream-views.com/
curl -i https://pos-transactions-demo.dream-views.com/
curl -i https://restaurant-admin-demo.dream-views.com/

Identity Route Checks

curl -i https://furniture-display-demo.dream-views.com/api/identity/session/me
curl -i https://kitchen-ops-demo.dream-views.com/api/identity/session/me
curl -i https://restaurant-admin-demo.dream-views.com/api/identity/session/me

Expected outcomes:

  • 200 when an authenticated session cookie is present.
  • 401 when no session cookie is present.
  • No 404 on identity paths.
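
The identity checks above can be scripted so each host is judged against the expected outcomes. This is an added example, not part of the original runbook: hosts and path are taken from this page, while `SESSION_COOKIE`, `RUN_LIVE` and the function names are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not part of the original runbook.
# Hosts and path come from this page; SESSION_COOKIE and RUN_LIVE are assumed names.
IDENTITY_HOSTS="furniture-display-demo.dream-views.com
kitchen-ops-demo.dream-views.com
restaurant-admin-demo.dream-views.com"
IDENTITY_PATH="/api/identity/session/me"

# classify_identity_status <http_status> <cookie_sent: yes|no>
# Prints a verdict; returns 0 only for the outcome the runbook expects.
classify_identity_status() {
  case "$1:$2" in
    200:yes|401:no) echo "PASS"; return 0 ;;
    404:*)   echo "FAIL: identity path not routed (404)"; return 1 ;;
    200:no)  echo "FAIL: 200 without a session cookie"; return 1 ;;
    401:yes) echo "FAIL: 401 although a session cookie was sent"; return 1 ;;
    *)       echo "FAIL: unexpected status $1"; return 1 ;;
  esac
}

# probe_identity <host>: one request; prints the HTTP status (000 on connect/TLS error).
probe_identity() {
  if [ -n "${SESSION_COOKIE:-}" ]; then
    curl -s -o /dev/null -w '%{http_code}' --max-time 10 \
      -H "Cookie: ${SESSION_COOKIE}" "https://$1${IDENTITY_PATH}"
  else
    curl -s -o /dev/null -w '%{http_code}' --max-time 10 "https://$1${IDENTITY_PATH}"
  fi
}

# run_identity_checks: probes every host; returns non-zero if any check fails.
run_identity_checks() {
  failures=0
  cookie_sent=no; [ -n "${SESSION_COOKIE:-}" ] && cookie_sent=yes
  for host in $IDENTITY_HOSTS; do
    status="$(probe_identity "$host")" || true
    if verdict="$(classify_identity_status "$status" "$cookie_sent")"; then :; else
      failures=$((failures + 1))
    fi
    echo "$host $status $verdict"
  done
  [ "$failures" -eq 0 ]
}

# Live requests only run when explicitly enabled.
if [ "${RUN_LIVE:-0}" = 1 ]; then run_identity_checks; fi
```

Run it once with `RUN_LIVE=1` and no cookie (every host should report 401), then again with `SESSION_COOKIE` set to a valid session cookie pair (every host should report 200).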

Domain API Route Checks

curl -i "https://furniture-display-demo.dream-views.com/api/furniture/demo-context/availability"
curl -i "https://kitchen-ops-demo.dream-views.com/api/kitchen/ops/board?contextId=demo-context"
curl -i "https://waiter-floor-demo.dream-views.com/api/waiter/floor/assignments?contextId=demo-context"
curl -i "https://customer-orders-demo.dream-views.com/api/customer/orders/status?contextId=demo-context"
curl -i "https://pos-transactions-demo.dream-views.com/api/pos/transactions/summary?contextId=demo-context"
curl -i "https://restaurant-admin-demo.dream-views.com/api/restaurant/admin/config?contextId=demo-context"

Expected outcomes:

  • Routed to the corresponding domain BFF.
  • No cross-domain path leakage.

Callback Journey Check

  1. Open one demo web host.
  2. Start Google login.
  3. Complete the callback on auth.dream-views.com.
  4. Confirm the browser returns to the same-origin route defined by THALOS_DEFAULT_RETURN_URL.

Expected outcomes:

  • Callback does not redirect to external origins.
  • Session-enabled API calls succeed after login.

Regression Guard

  • Re-run smoke scripts for greenfield/demo/furniture and greenfield/demo/restaurant after routing changes.
  • Re-check that all web containers can still load runtime config values.