feat: multi-Oracle server support with runtime switching

Complete implementation of multi-server Oracle database support:

Backend:
- Multi-pool Oracle with lazy loading per server
- Email-to-server cache for automatic server discovery
- JWT tokens include server_id claim
- /auth/check-identity and /auth/check-email endpoints
- /auth/my-servers endpoint for listing user's accessible servers
- Server switch with password re-authentication

Frontend:
- New ServerSelector component for header dropdown
- Multi-step login flow (identity → server → password)
- Server switching from header with password modal
- Mobile drawer menu with server selection
- Dark mode support for all new components
- URL bookmark support with ?server= query param

Scripts:
- Unified start.sh replacing start-prod.sh/start-test.sh
- Unified ssh-tunnel.sh with multi-server support
- Updated status.sh for new architecture

Tests:
- E2E tests for multi-server and single-server login flows
- Backend unit tests for all new endpoints
- Oracle multi-pool integration tests

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Claude Agent
2026-01-26 22:39:06 +00:00
parent 5f99ee2fd0
commit b137e80b71
102 changed files with 9398 additions and 2787 deletions

View File

@@ -17,22 +17,21 @@
# IMPORTANT: Never manually edit .env - edit .env.dev instead!
# ============================================================================
# ORACLE DATABASE CONFIGURATION (REQUIRED - Shared by all modules)
# ORACLE DATABASE CONFIGURATION
# ============================================================================
# Connection to CONTAFIN_ORACLE schema for authentication and user management
# Each company is a separate schema in Oracle Database
# Development: Through SSH tunnel (localhost:1521)
# Windows Production: Direct connection to Oracle server
# Single server: Use ORACLE_USER/HOST/PORT/SID
# Multi-server: Use ORACLE_SERVERS JSON (ignores single server vars)
# Passwords: secrets/{id}.oracle_pass
# SSH tunnels: ssh-tunnels.json (separate file)
ORACLE_USER=CONTAFIN_ORACLE
ORACLE_PASSWORD=SET_IN_PRODUCTION_ENV
ORACLE_PASSWORD=SET_IN_SECRETS_FILE
ORACLE_HOST=localhost
ORACLE_PORT=1521
ORACLE_SID=ROA
# Development Only: Start SSH tunnel before running backend
# ./ssh_tunnel.sh start
# ./ssh_tunnel.sh status
# Multi-server example (uncomment to use):
# ORACLE_SERVERS='[{"id":"server1","name":"Server 1","host":"localhost","port":1521,"user":"USER","sid":"ROA"}]'
# ============================================================================
# JWT AUTHENTICATION (REQUIRED - Shared by all modules)
@@ -120,11 +119,11 @@ DATA_ENTRY_MAX_UPLOAD_SIZE_MB=10
# Enable/disable PaddleOCR (set to 'false' to save ~800MB RAM)
# When disabled: 'paddleocr' engine unavailable
OCR_ENABLE_PADDLEOCR=true
OCR_ENABLE_PADDLEOCR=false
# Enable/disable Tesseract (set to 'false' to save ~50MB RAM)
# When disabled: 'tesseract' engine unavailable
OCR_ENABLE_TESSERACT=true
OCR_ENABLE_TESSERACT=false
# Default OCR engine when not specified in request
# Options: tesseract, doctr, doctr_plus, paddleocr