feat(napta): client-credentials auth + real project listing

Napta uses Auth0 M2M, not a static token: exchange client_id/secret for a cached
JWT, then list non-archived projects via JSON:API (include client name). Falls back
to fixtures when NAPTA_CLIENT_ID/SECRET are unset. Member resolution still stubbed.
This commit is contained in:
Julien Calixte
2026-06-26 16:16:06 +01:00
parent fc039ac0fc
commit 9ded10f68e
5 changed files with 187 additions and 28 deletions

View File

@@ -15,8 +15,9 @@ services:
- PORT=8000
- DB_PATH=/app/data/app.db
# Set these as env vars on the Coolify app to switch from demo fixtures
# to live data. Empty -> the backend serves fixtures.
- NAPTA_API_TOKEN=${NAPTA_API_TOKEN:-}
# to live data. Empty Napta creds -> the backend serves fixtures.
- NAPTA_CLIENT_ID=${NAPTA_CLIENT_ID:-}
- NAPTA_CLIENT_SECRET=${NAPTA_CLIENT_SECRET:-}
- NAPTA_BASE_URL=${NAPTA_BASE_URL:-https://app.napta.io/api/v1}
- SLACK_BOT_TOKEN=${SLACK_BOT_TOKEN:-}
volumes: