mirror of
https://github.com/willchen96/mike.git
synced 2026-06-08 20:25:13 +02:00
OSS AI Legal Platform
eb4414092e
Resolves the issue where getSecret() silently fell back to the literal string "dev-secret" when neither DOWNLOAD_SIGNING_SECRET nor SUPABASE_SECRET_KEY was set. Because the codebase is public, that fallback let anyone forge valid /download/:token signatures against a mis-configured deployment. - Throw at first call instead of returning the hardcoded string, with a message pointing the operator at `openssl rand -hex 32`. - Document DOWNLOAD_SIGNING_SECRET in backend/.env.example so deployers following the README know to set it (and that it should be distinct from SUPABASE_SECRET_KEY). Closes #7 |
||
|---|---|---|
| backend | ||
| frontend | ||
| .gitignore | ||
| LICENSE | ||
| README.md | ||
Mike
Open-source release containing the Mike frontend and backend.
Contents
frontend/- Next.js applicationbackend/- Express API, Supabase access, document processing, and migrationsbackend/migrations/000_one_shot_schema.sql- one-shot Supabase schema for fresh databases
Setup
Install dependencies:
npm install --prefix backend
npm install --prefix frontend
Create local env files from the examples:
cp backend/.env.example backend/.env
cp frontend/.env.local.example frontend/.env.local
Run backend/migrations/000_one_shot_schema.sql in the Supabase SQL editor for a fresh database.
Start the backend:
npm run dev --prefix backend
Start the frontend:
npm run dev --prefix frontend
Open http://localhost:3000.
Required Services
- Supabase Auth and Postgres
- S3-compatible object storage, such as Cloudflare R2
- At least one supported model provider key, depending on which models you enable
- LibreOffice for DOC/DOCX to PDF conversion
Checks
npm run build --prefix backend
npm run build --prefix frontend
npm run lint --prefix frontend
License
AGPL-3.0-only. See LICENSE.