Skip to content
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
36 changes: 15 additions & 21 deletions .env.example
Original file line number Diff line number Diff line change
Expand Up @@ -2,16 +2,22 @@
### REQUIRED SERVER ENVIRONMENT VARIABLES
### =================================

### Auth provider: supabase or ory
AUTH_PROVIDER=supabase

### Supabase configuration (required when AUTH_PROVIDER=supabase)
NEXT_PUBLIC_SUPABASE_URL=https://your-project.supabase.co
NEXT_PUBLIC_SUPABASE_ANON_KEY=your_supabase_anon_key

### Dashboard API admin token used for user bootstrap and creator email hydration
DASHBOARD_API_ADMIN_TOKEN=your_dashboard_api_admin_token

### Auth.js configuration
### Generate with `npx auth secret` or `openssl rand -hex 32`.
AUTH_SECRET=your_auth_secret

### Ory Network configuration
ORY_SDK_URL=https://your-project.projects.oryapis.com
ORY_OAUTH2_CLIENT_ID=your_ory_oauth2_client_id
ORY_OAUTH2_CLIENT_SECRET=your_ory_oauth2_client_secret
### Access-token audience requested from Ory. Must match the backend JWT audience configuration.
ORY_OAUTH2_AUDIENCE=https://api.e2b.dev
### Ory project admin API token used for IdentityApi lookups
ORY_PROJECT_API_TOKEN=your_ory_project_api_token

### Domain for the E2B cluster
# Resolves Infrastructure and Dashboard API + E2B SDK configuration
NEXT_PUBLIC_E2B_DOMAIN=e2b.dev
Expand All @@ -33,9 +39,8 @@ NEXT_PUBLIC_E2B_DOMAIN=e2b.dev
### page. Self-hosted: the Kratos public endpoint (harness default :4433).
### Ory Network: same value as ORY_SDK_URL.
# NEXT_PUBLIC_ORY_SDK_URL=http://localhost:4433
### Set to 1 to enable the custom @ory/elements-react login/registration UI
### (staging/preview and local dev). Leave unset in production to keep /sign-in.
# NEXT_PUBLIC_ORY_CUSTOM_UI=1
### The custom @ory/elements-react login/registration UI is gated by the PostHog
### `ory-custom-ui` feature flag (targeted by deploy environment), not an env var.
### OAuth2 client credentials issued by Ory for this dashboard deployment
# ORY_OAUTH2_CLIENT_ID=
# ORY_OAUTH2_CLIENT_SECRET=
Expand All @@ -47,14 +52,9 @@ NEXT_PUBLIC_E2B_DOMAIN=e2b.dev
### Set both when running self-hosted; leave unset to use Ory Network with the PAT above.
# ORY_KRATOS_ADMIN_URL=http://localhost:4434
# ORY_HYDRA_ADMIN_URL=http://localhost:4445
### Auth.js configuration (required when AUTH_PROVIDER=ory)
### Generate with `npx auth secret` or `openssl rand -hex 32`. Used to encrypt the JWT session cookie.
# AUTH_SECRET=
### Set to 1 outside Vercel-hosted production to allow Auth.js to trust the Host header
# AUTH_TRUST_HOST=1

### Legacy Supabase bootstrap fallback used by dashboard route team resolution.
### Ory sign-in bootstrap does not depend on this flag.
# ENABLE_USER_BOOTSTRAP=0

### Billing API URL (Required if NEXT_PUBLIC_INCLUDE_BILLING=1)
Expand All @@ -69,9 +69,6 @@ NEXT_PUBLIC_E2B_DOMAIN=e2b.dev
### Development infrastructure API domain
# DEVELOPMENT_INFRA_API_DOMAIN=

### ZeroBounce API key for email validation
# ZEROBOUNCE_API_KEY=

### Optional KV database configuration
### Required only for KV-backed capabilities such as alternate-email warning dedupe.
### Must be Vercel/Upstash Redis REST compatible; raw redis://localhost:6379 is not supported by @vercel/kv.
Expand Down Expand Up @@ -125,6 +122,3 @@ NEXT_PUBLIC_E2B_DOMAIN=e2b.dev

### Set to 1 to enable verbose logging
# NEXT_PUBLIC_VERBOSE=0

### Set to 1 to pause sign-ups and sign-ins during auth migration.
# NEXT_PUBLIC_AUTH_MIGRATION_IN_PROGRESS=0
9 changes: 6 additions & 3 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -49,13 +49,16 @@ jobs:
KV_REST_API_READ_ONLY_TOKEN: test-read-only-token
KV_REST_API_TOKEN: test-api-token
KV_REST_API_URL: https://test-kv-api.example.com
AUTH_PROVIDER: supabase
AUTH_SECRET: test-auth-secret
ORY_SDK_URL: https://test-ory.projects.oryapis.com
ORY_OAUTH2_CLIENT_ID: test-ory-client-id
ORY_OAUTH2_CLIENT_SECRET: test-ory-client-secret
ORY_OAUTH2_AUDIENCE: https://api.e2b-test.dev
ORY_PROJECT_API_TOKEN: test-ory-project-api-token
DASHBOARD_API_ADMIN_TOKEN: test-dashboard-admin-token
BILLING_API_URL: https://billing.e2b-test.dev
NEXT_PUBLIC_E2B_DOMAIN: e2b-test.dev
NEXT_PUBLIC_POSTHOG_KEY: test-posthog-key
NEXT_PUBLIC_SUPABASE_URL: https://test-supabase-url.supabase.co
NEXT_PUBLIC_SUPABASE_ANON_KEY: test-supabase-anon-key
NEXT_PUBLIC_STRIPE_BILLING_URL: https://test-stripe-billing.example.com
NEXT_PUBLIC_SCAN: 0
NEXT_PUBLIC_MOCK_DATA: 1
Expand Down
36 changes: 8 additions & 28 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ Our Dashboard is a modern, feature-rich web application built to manage and moni
## Features
- **Modern Stack**: Built with Next.js 16, React 19, and TypeScript
- **Real-time Analytics**: Monitor your sandbox usage and performance
- **Authentication**: Secure authentication powered by Supabase
- **Authentication**: Secure authentication powered by Auth.js and Ory
- **Type Safety**: Full TypeScript support throughout the codebase

## Getting Started
Expand All @@ -29,7 +29,7 @@ Our Dashboard is a modern, feature-rich web application built to manage and moni
- Node.js 20.9+
- Git
- Vercel account
- Supabase account
- Ory project or self-hosted Ory deployment

### Local Development Setup

Expand All @@ -56,36 +56,16 @@ cp .env.example .env.local

4. Set up required services:

#### a. Supabase Setup
1. Create a new Supabase project
2. Go to Project Settings > API
3. Copy the `anon key` & `service_role key` to populate `.env.local`
4. Configure authentication:
- Go to Authentication > URL Configuration
- Set Site URL to the hosting domain
- Add `http://localhost:3000/**` to Redirect URLs (for development)
5. Enable auth providers:
- Go to Authentication > Providers
- Enable the providers you want to use (GitHub, Google, E-Mail)
- Configure each provider with the appropriate credentials
6. Configure e-mail templates:
- Navigate to **Authentication → Templates** in the Supabase dashboard
- Update the URLs in the **Reset Password** and **Confirm Sign-Up** templates so that the CTA links point back to the dashboard's confirmation endpoint:

**Reset Password**
```
{{ .SiteURL }}/api/auth/confirm?token_hash={{ .TokenHash }}&type=recovery&next={{ .RedirectTo }}&confirmation_url={{ .ConfirmationURL }}
```

**Confirm Sign-Up**
```
{{ .SiteURL }}/api/auth/confirm?token_hash={{ .TokenHash }}&type=email&next={{ .RedirectTo }}&confirmation_url={{ .ConfirmationURL }}
```
#### a. Auth.js / Ory Setup
1. Configure an Ory OAuth2 client for the dashboard callback URL: `/api/auth/oauth/callback/ory`.
2. Populate `.env.local` with the Ory and Auth.js variables from `.env.example`.
3. Enable the upstream identity providers you want in Ory (GitHub, Google, email/password, etc.).
4. Ensure the Ory access-token audience matches the backend JWT audience setting.

#### b. Key-Value Store Setup (Optional)
Redis/KV is optional for standard dashboard deployments, including local, enterprise, and on-prem environments. The dashboard can boot and run core auth and dashboard workflows without KV configured.

KV is currently used for optional capability checks and for deduplicating ZeroBounce alternate-email warnings. If you need those capabilities, configure a Vercel/Upstash Redis REST-compatible store:
KV is currently used for optional health-check coverage. If you need that capability, configure a Vercel/Upstash Redis REST-compatible store:
```
KV_REST_API_URL=your_redis_rest_api_url
KV_REST_API_TOKEN=your_redis_api_write_token
Expand Down
Loading
Loading