core/crm-core/README.md
2025-12-27 14:32:00 -03:00

crm-core

Enterprise-ready CRM backend for B2B SaaS platforms. crm-core handles CRM data only—no billing, deploys, or ERP workloads.

Scope & Limits

  • Accounts, contacts, deals, pipelines/stages, activities, notes, tags
  • Multi-tenant by design (tenant_id on every table and query)
  • JWT validation via JWKS (trusted identity-gateway)
  • No billing data or payment secrets
  • No deployment or ERP features

Authentication

crm-core trusts JWTs issued by identity-gateway.

Required claims:

  • sub (user ID)
  • tenantId
  • roles (must include crm.read, crm.write, or crm.admin)

Domain Model

See docs/domain-model.md.

Multi-tenant Enforcement

Every request reads tenantId from the JWT and filters all reads/writes with tenant_id. This prevents data leakage across tenants.
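
An added example, not crm-core's own code, of the claim checks and tenant scoping described under Authentication and Multi-tenant Enforcement. It is written in Go (an assumption based on the sqlc tooling) and expects a payload whose signature was already verified against the JWKS; the function names, the accounts columns and the sample values are hypothetical.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
)

// Claims holds the required claims from this README. The payload must come
// from a JWT whose signature was already verified against the gateway's JWKS.
type Claims struct {
	Sub      string   `json:"sub"`
	TenantID string   `json:"tenantId"`
	Roles    []string `json:"roles"`
}

var ErrClaims = errors.New("missing or invalid required claim")

// ParseClaims fails closed: any absent, empty or mistyped claim is rejected.
func ParseClaims(payload []byte) (Claims, error) {
	var c Claims
	if json.Unmarshal(payload, &c) != nil || c.Sub == "" || c.TenantID == "" {
		return Claims{}, ErrClaims
	}
	for _, r := range c.Roles {
		if r == "crm.read" || r == "crm.write" || r == "crm.admin" {
			return c, nil
		}
	}
	return Claims{}, ErrClaims
}

// AccountByID builds a tenant-scoped lookup. tenant_id is bound from the token
// only, so a caller-supplied id cannot widen the scope. Columns are assumed.
func AccountByID(c Claims, id string) (string, []any) {
	return "SELECT id, name FROM accounts WHERE tenant_id = $1 AND id = $2",
		[]any{c.TenantID, id}
}

func main() {
	// Constructed sample payloads (not real tokens).
	for _, p := range []string{
		`{"sub":"u-1","tenantId":"t-acme","roles":["crm.read"]}`,
		`{"sub":"u-2","roles":["crm.admin"]}`,
	} {
		c, err := ParseClaims([]byte(p))
		fmt.Println(c.TenantID, err)
	}
}
```

The second payload is rejected because tenantId is missing, so no query is ever built without a tenant filter.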

Running Locally

cp .env.example .env
make run

Docker (API + Postgres):

docker-compose up --build

Migrations & sqlc

make migrate-up
make sqlc

Example cURL

curl -X POST http://localhost:8080/api/v1/accounts \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{"name":"Acme Corp"}'
curl -X POST http://localhost:8080/api/v1/deals \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{"title":"Upgrade","pipeline_id":"<pipeline>","stage_id":"<stage>","value_cents":500000}'