Initial Commit

backend/README.md

@@ -15,9 +15,7 @@ Each feature is 100% self-contained in `src/features/[name]/`:
 
 ```bash
 # From project root directory
-# Copy environment variables
-cp .env.example .env
-# Update .env with your credentials
+# Ensure a valid .env exists at project root (production values provided by your team)
 
 # Build and start all services (including backend)
 make setup
@@ -35,14 +33,13 @@ make test
 ## Available Commands (Containerized)
 
 **From project root:**
-- `make dev` - Start all services in development mode
+- `make start` - Build and start all services (production)
 - `make test` - Run tests in containers  
 - `make migrate` - Run database migrations
 - `make logs-backend` - View backend logs
 - `make shell-backend` - Open shell in backend container
 
 **Inside container (via make shell-backend):**
-- `npm run dev` - Start development server with hot reload
 - `npm run build` - Build for production
 - `npm start` - Run production build
 - `npm test` - Run all tests
@@ -57,7 +54,7 @@ make test
 - `redis.ts` - Redis client and cache service
 
 ### Security (Fastify Plugin)
-- `src/core/plugins/auth.plugin.ts` - Auth plugin (mock user in dev; plan for Auth0 JWT)
+- `src/core/plugins/auth.plugin.ts` - Auth plugin (Auth0 JWT via JWKS; tokens required in all environments)
 
 ### Logging (`src/core/logging/`)
 - `logger.ts` - Structured logging with Winston
@@ -97,8 +94,8 @@ npm run test:watch
 
 ## Environment Variables
 
-See `.env.example` for required variables. Key variables:
+Ensure `.env` includes these key variables:
 - Database connection (DB_*)
 - Redis connection (REDIS_*)
-- Auth0 configuration (AUTH0_*) — backend currently uses mock auth; JWT enforcement planned
+- Auth0 configuration (AUTH0_*) — backend validates JWTs via Auth0 JWKS (@fastify/jwt + get-jwks)
 - External API keys