Phase 2: Tenants + Identity + Licensing #32
Reference in New Issue
Block a user
Delete Branch "feature/phase-2-tenants-identity-licensing"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Summary
Phase 2 of the Cameleer SaaS platform — adds multi-tenancy, Logto OIDC identity integration, Ed25519 license token signing, Traefik reverse proxy, and a Docker Compose production stack.
Architecture Decisions (spec:
docs/superpowers/specs/2026-04-04-dual-deployment-architecture.md)What's New
POST/GET /api/tenants, slug-based lookup, tier management (LOW/MID/HIGH/BUSINESS), audit loggingPOST/GET /api/tenants/{id}/licenseorganization_idJWT claimGET /auth/verifyfor Traefik routing to cameleer3-serverWhat's Removed
AuthController,AuthService, login/register DTOs — Logto handles user auth nowAuthControllerTest,AuthServiceTest— replaced by JWT mock testsStats
Test Plan
./mvnw test -Bdocker compose upwith Logto configured, verify OIDC login flowRelated Issues
Closes #24
🤖 Generated with Claude Code
POST /api/tenants/{id}/license generates Ed25519-signed license JWT. GET /api/tenants/{id}/license returns active license. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>