SmartPro Server
БесплатноНе проверенA basic skeleton for building MCP servers with Supabase-based authentication, RBAC, and audit logging. It provides tool and resource implementations for hub and
Описание
A basic skeleton for building MCP servers with Supabase-based authentication, RBAC, and audit logging. It provides tool and resource implementations for hub and contracts platforms, enabling secure, tenant-isolated operations.
README
A basic skeleton for building an MCP (Model Context Protocol) server.
Setup
- Install dependencies:
npm install
Configure environment variables:
- Copy
.env.exampleto.env - Fill in the required environment variables:
SUPABASE_URL- Your Supabase project URL (required)SUPABASE_SERVICE_ROLE_KEY- Your Supabase service role key (required)MCP_PORT- Port number for MCP server (required)HUB_BASE_URL- Base URL for Hub API (optional)CONTRACTS_BASE_URL- Base URL for Contracts API (optional)
- Copy
Build the project:
npm run build
- Run in development mode:
npm run dev
- Run the built server:
npm start
Environment Variables
The server uses strict environment variable validation with Zod. The server will fail fast at startup if required environment variables are missing or invalid.
Required Variables
SUPABASE_URL- Supabase project URLSUPABASE_SERVICE_ROLE_KEY- Supabase service role key (server-side only)MCP_PORT- Port number for the MCP server
Optional Variables
HUB_BASE_URL- Base URL for Hub platform API callsCONTRACTS_BASE_URL- Base URL for Contracts platform API callsLOG_LEVEL- Logging level (debug, info, warn, error) - default:infoAUDIT_ENABLED- Enable audit logging (true/false) - default:trueNODE_ENV- Node environment (development, production, test) - default:development
Structure
src/index.ts- Main server file with handlers for tools, resources, and promptssrc/config/env.ts- Environment variable validation with Zodsrc/auth/- Authentication and context resolution (JWT verification, tenant/role extraction)src/rbac/- Role-based access control (permissions, authorization)src/audit/- Audit logging for tool callssrc/tools/- Tool implementations (hub, contracts)src/resources/- Resource implementations (hub, contracts, identity)src/common/- Common utilities (errors, schemas)migrations/- Database migrations (audit table)package.json- Project dependencies and scriptstsconfig.json- TypeScript configuration
Authentication & Authorization (DB-First)
The server uses Supabase JWT tokens for authentication with database-first resolution for security:
Token Source: The platform (Next.js API) passes Supabase access tokens via
Authorization: Bearer <token>header or in request metadata.Context Resolution (DB-First):
- Step 1: Verify JWT → extract
user_id(sub claim) - Step 2: Query database → resolve
tenant_idandrolefrom database (source of truth) - Step 3: Build context with
userId,tenantId(from DB),role(from DB), andpermissions
Security: tenant_id and role are never trusted from JWT claims in production. This prevents privilege escalation if JWT metadata is tampered with.
- Step 1: Verify JWT → extract
Database Configuration: Configure where tenant/role are stored via environment variables (see
.env.example). Defaults work for common Supabase patterns (profilestable).RBAC: Tools check permissions before execution using the
requirePermission()function.Development Fallback: In
NODE_ENV=development, if DB lookup fails, falls back to JWT claims with a warning. In production, DB lookup failure is an authentication error.
Audit Logging
All tool calls are logged to the mcp_tool_audit_logs table in Supabase:
- Tenant isolation: Logs are scoped by tenant_id
- Sensitive data redaction: Passwords, tokens, etc. are automatically redacted
- Entity references: Automatically extracts entity IDs (booking_id, invoice_id, etc.)
- Performance tracking: Latency is recorded for each call
- Error tracking: Failed calls are logged with error messages
Database Migration
Run the migration to create the audit table:
-- See migrations/001_create_mcp_tool_audit_logs.sql
Implementation
To implement your MCP server:
Environment Setup: Configure required environment variables (see
.env.example)Database Migration: Run the audit table migration in Supabase
Tools: Implement tool handlers in
src/tools/with proper permission checksResources: Implement resource handlers in
src/resources/with tenant isolationPrompts: Add prompt definitions in the
ListPromptsRequestSchemahandler
MCP Configuration
To use this server with Cursor or other MCP clients, add it to your MCP configuration file (e.g., ~/.cursor/mcp.json):
{
"mcpServers": {
"smartpro-mcp-server": {
"command": "node",
"args": ["path/to/smartpro-mcp-server/dist/index.js"]
}
}
}
Установка SmartPro Server
У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.
▸ github.com/AbuAli85/smartpro-mcp-serverFAQ
SmartPro Server MCP бесплатный?
Да, SmartPro Server MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для SmartPro Server?
Нет, SmartPro Server работает без API-ключей и переменных окружения.
SmartPro Server — hosted или self-hosted?
Доступен hosted-вариант: Unyly запускает сервер в облаке, локальная установка не обязательна.
Как установить SmartPro Server в Claude Desktop, Claude Code или Cursor?
Открой SmartPro Server на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
GitHub
PRs, issues, code search, CI status
автор: GitHubFilesystem
Secure file operations with configurable access controls.
Memory
Knowledge graph-based persistent memory system.
Template MCP Server
A CLI tool to create a new Model Context Protocol server project with TypeScript support, dual transport options, and an extensible structure
автор: mcpdotdirectCompare SmartPro Server with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории development
