Multi-Tenant-Cafe-Application
Verified Safeby CharlieAtki
Overview
A multi-tenant cafe ordering platform integrating AI-powered shopping assistance and business analytics through a microservices architecture.
Installation
docker compose up --buildEnvironment Variables
- PORT
- MONGODB_URI
- JWT_SECRET
- JWT_REFRESH_SECRET
- JWT_EXPIRES_IN
- JWT_REFRESH_EXPIRES_IN
- FRONTEND_URL
- AGENT_SERVER_URL
- VITE_BACKEND_URL
- VITE_CLOUDINARY_UPLOAD_URL
- MCP_SERVER_URL
- OPENAI_API_KEY
- EXPRESS_BASE_URL
Security Notes
The application employs standard security practices such as JWT-based authentication with refresh tokens, password hashing via bcryptjs, and CORS configuration. Environment variables are used for sensitive data, preventing hardcoding. However, storing JWT tokens in localStorage on the frontend (as implied by `api.js`) is vulnerable to XSS attacks, making `httpOnly` cookies a more secure alternative for refresh tokens. The AI agent's interaction with the backend involves forwarding the user's JWT, relying on the LLM's adherence to instructions not to expose this token. No 'eval' or other directly exploitable dangerous patterns were found.
Similar Servers
mcpstore
Orchestrate Microservice Context Protocol (MCP) services and adapt them for integration with various AI frameworks like LangChain, managing tools and their lifecycle.
agentxsuite
A unified open-source platform for connecting, managing, and monitoring AI agents and tools across various Model Context Protocol (MCP) servers.
groceries-mcp
Orchestrates automated grocery shopping using an LLM agent that interacts with various grocery vendor APIs via Model Context Protocol (MCP) tools.
ai-agent-mcp-server
This project implements an MCP (Model Context Protocol) server and client using AMQP (RabbitMQ) for communication, enabling an LLM-powered agent to interact with internal tools and data resources.