Backoffice Launch Checklist

  • Auth

    • Google OAuth app: production status, callback https://bo.betoto.pet/api/auth/callback/google
    • NEXTAUTH_URL, NEXTAUTH_SECRET set in apphosting.prod.yaml
  • Secrets & env

    • GOOGLE_CLIENT_ID/SECRET, FIREBASE_WEB_API_KEY in Secret Manager; access granted to backend
  • Firestore

    • ✅ Composite indexes created (users, notifications, support_tickets)
    • ✅ Security rules deployed - Role-based access control (admin, guardian, user)
    • ✅ Production database cleaned - Ready for beta launch
  • Storage

    • ✅ Storage security rules deployed - Path-based permissions for file uploads
    • ✅ File organization structure - profile_images, case_images, documents, etc.
  • App Hosting

    • Build green, /api/health returns { status: "ok" }
  • Security

    • ✅ Firestore security rules - Comprehensive role-based access control
    • ✅ Storage security rules - Secure file upload/access permissions
    • Security headers enabled via middleware.ts (CSP report-only)
    • robots.txt disallow indexing
    • Rate limiting on write APIs
  • Features sanity

    • Collaborators CRUD + quick actions
    • Users list/actions/export
    • Support Hub tickets CRUD, filters, export
    • Notifications bell/modal
  • Post-launch

    • Flip CSP to enforce after 24h
    • Set uptime checks and error alerts
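
A smoke check for the App Hosting, Security and Post-launch items above, as an added example that is not part of the original checklist or the project's code: it audits captured responses for the CSP mode, robots.txt and /api/health. The function names, failure labels and sample responses are assumptions constructed for illustration.

```javascript
// Added example: launch smoke check over captured responses.
// Function names, failure labels and SAMPLE are constructed for illustration.

// Lower-case header names so lookups are case-insensitive.
function normalizeHeaders(headers) {
  const out = {};
  for (const [k, v] of Object.entries(headers)) out[k.toLowerCase()] = String(v);
  return out;
}

// True when a "User-agent: *" group contains "Disallow: /".
function robotsBlocksAll(robotsTxt) {
  let inStarGroup = false, lastWasAgent = false;
  for (const raw of robotsTxt.split(/\r?\n/)) {
    const line = raw.replace(/#.*/, "").trim();
    const idx = line.indexOf(":");
    if (idx < 0) continue;
    const field = line.slice(0, idx).trim().toLowerCase();
    const value = line.slice(idx + 1).trim();
    if (field === "user-agent") {
      // Consecutive User-agent lines share one group.
      inStarGroup = (lastWasAgent && inStarGroup) || value === "*";
      lastWasAgent = true;
    } else {
      lastWasAgent = false;
      if (field === "disallow" && inStarGroup && value === "/") return true;
    }
  }
  return false;
}

// phase "launch" expects report-only CSP; phase "enforce" expects enforced CSP.
function auditLaunch({ headers, robotsTxt, healthStatus, healthBody }, phase) {
  const h = normalizeHeaders(headers);
  const failures = [];
  const reportOnly = "content-security-policy-report-only" in h;
  const enforced = "content-security-policy" in h;
  if (phase === "launch" && !reportOnly) failures.push("csp-report-only-missing");
  if (phase === "enforce" && !enforced) failures.push("csp-not-enforced");
  if (!robotsBlocksAll(robotsTxt)) failures.push("robots-allows-indexing");
  let health = null;
  try { health = JSON.parse(healthBody); } catch { /* non-JSON body fails the check */ }
  if (healthStatus !== 200 || !health || health.status !== "ok") failures.push("health-not-ok");
  return failures;
}

// Constructed sample: what a passing launch-day capture could look like.
const SAMPLE = {
  headers: { "Content-Security-Policy-Report-Only": "default-src 'self'" },
  robotsTxt: "User-agent: *\nDisallow: /\n",
  healthStatus: 200, healthBody: '{"status":"ok"}',
};
console.log(auditLaunch(SAMPLE, "launch"), auditLaunch(SAMPLE, "enforce"));
```

Running the same audit with phase "enforce" after the 24h window flags a deployment that is still report-only.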