santhoshj/headroom
1
0
Fork 0
Code Issues 18 Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: santhoshj:b9cb5170dad6523e149e9ec007d9e4b0004f7091
Branches Tags
santhoshj:main santhoshj:tdd-headroom
...
compare: santhoshj:3e36ea8888c9fc1693ead967a0fc6df38da03157
Branches Tags
santhoshj:tdd-headroom santhoshj:main

2 Commits
b9cb5170da ... 3e36ea8888

Author SHA1 Message Date
Santhosh Janardhanan
3e36ea8888 docs(ui): Add UI layout refactor plan and OpenSpec changes 
- Update decision-log with UI layout decisions (Feb 18, 2026)
- Update architecture with frontend layout patterns
- Update config.yaml with TDD, documentation, UI standards rules
- Create p00-api-documentation change (Scribe annotations)
- Create p01-ui-foundation change (types, stores, Lucide)
- Create p02-app-layout change (AppLayout, Sidebar, TopBar)
- Create p03-dashboard-enhancement change (PageHeader, StatCard)
- Create p04-content-patterns change (DataTable, FilterBar)
- Create p05-page-migrations change (page migrations)
- Fix E2E auth tests (11/11 passing)
- Add JWT expiry validation to dashboard guard
 2026-02-18 13:03:08 -05:00
Santhosh Janardhanan
f935754df4 feat: Reinitialize frontend with SvelteKit and TypeScript 
- Delete old Vite+Svelte frontend
- Initialize new SvelteKit project with TypeScript
- Configure Tailwind CSS v4 + DaisyUI
- Implement JWT authentication with auto-refresh
- Create login page with form validation (Zod)
- Add protected route guards
- Update Docker configuration for single-stage build
- Add E2E tests with Playwright (6/11 passing)
- Fix Svelte 5 reactivity with $state() runes

Known issues:
- 5 E2E tests failing (timing/async issues)
- Token refresh implementation needs debugging
- Validation error display timing
 2026-02-17 16:19:59 -05:00
143 changed files with 25057 additions and 93 deletions
Expand all files Collapse all files

18
backend/.editorconfig Normal file
View File

@@ -0,0 +1,18 @@
root = true
[*]
charset = utf-8
end_of_line = lf
indent_size = 4
indent_style = space
insert_final_newline = true
trim_trailing_whitespace = true
[*.md]
trim_trailing_whitespace = false
[*.{yml,yaml}]
indent_size = 2
[compose.yaml]
indent_size = 4

65
backend/.env.example Normal file
View File

@@ -0,0 +1,65 @@
APP_NAME=Laravel
APP_ENV=local
APP_KEY=
APP_DEBUG=true
APP_URL=http://localhost
APP_LOCALE=en
APP_FALLBACK_LOCALE=en
APP_FAKER_LOCALE=en_US
APP_MAINTENANCE_DRIVER=file
# APP_MAINTENANCE_STORE=database
# PHP_CLI_SERVER_WORKERS=4
BCRYPT_ROUNDS=12
LOG_CHANNEL=stack
LOG_STACK=single
LOG_DEPRECATIONS_CHANNEL=null
LOG_LEVEL=debug
DB_CONNECTION=sqlite
# DB_HOST=127.0.0.1
# DB_PORT=3306
# DB_DATABASE=laravel
# DB_USERNAME=root
# DB_PASSWORD=
SESSION_DRIVER=database
SESSION_LIFETIME=120
SESSION_ENCRYPT=false
SESSION_PATH=/
SESSION_DOMAIN=null
BROADCAST_CONNECTION=log
FILESYSTEM_DISK=local
QUEUE_CONNECTION=database
CACHE_STORE=database
# CACHE_PREFIX=
MEMCACHED_HOST=127.0.0.1
REDIS_CLIENT=phpredis
REDIS_HOST=127.0.0.1
REDIS_PASSWORD=null
REDIS_PORT=6379
MAIL_MAILER=log
MAIL_SCHEME=null
MAIL_HOST=127.0.0.1
MAIL_PORT=2525
MAIL_USERNAME=null
MAIL_PASSWORD=null
MAIL_FROM_ADDRESS="hello@example.com"
MAIL_FROM_NAME="${APP_NAME}"
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
AWS_DEFAULT_REGION=us-east-1
AWS_BUCKET=
AWS_USE_PATH_STYLE_ENDPOINT=false
VITE_APP_NAME="${APP_NAME}"

11
backend/.gitattributes vendored Normal file
View File

@@ -0,0 +1,11 @@
* text=auto eol=lf
*.blade.php diff=html
*.css diff=css
*.html diff=html
*.md diff=markdown
*.php diff=php
/.github export-ignore
CHANGELOG.md export-ignore
.styleci.yml export-ignore

24
backend/.gitignore vendored Normal file
View File

@@ -0,0 +1,24 @@
*.log
.DS_Store
.env
.env.backup
.env.production
.phpactor.json
.phpunit.result.cache
/.fleet
/.idea
/.nova
/.phpunit.cache
/.vscode
/.zed
/auth.json
/node_modules
/public/build
/public/hot
/public/storage
/storage/*.key
/storage/pail
/vendor
Homestead.json
Homestead.yaml
Thumbs.db

37
backend/Dockerfile Normal file
View File

@@ -0,0 +1,37 @@
FROM php:8.4-cli
# Install system dependencies
RUN apt-get update && apt-get install -y \
git \
curl \
libpng-dev \
libonig-dev \
libxml2-dev \
zip \
unzip \
libpq-dev \
libzip-dev \
&& docker-php-ext-install pdo pdo_pgsql mbstring exif pcntl bcmath gd zip
# Install Redis extension
RUN pecl install redis && docker-php-ext-enable redis
# Install Composer
COPY --from=composer:latest /usr/bin/composer /usr/bin/composer
# Set working directory
WORKDIR /var/www/html
# Copy existing application directory contents
COPY . .
# Install PHP dependencies
RUN composer install --no-interaction --optimize-autoloader
# Set permissions
RUN chmod -R 755 /var/www/html/storage
EXPOSE 3000
# Run Laravel development server
CMD ["php", "artisan", "serve", "--host=0.0.0.0", "--port=3000"]

59
backend/README.md Normal file
View File

@@ -0,0 +1,59 @@
<p align="center"><a href="https://laravel.com" target="_blank"><img src="https://raw.githubusercontent.com/laravel/art/master/logo-lockup/5%20SVG/2%20CMYK/1%20Full%20Color/laravel-logolockup-cmyk-red.svg" width="400" alt="Laravel Logo"></a></p>
<p align="center">
<a href="https://github.com/laravel/framework/actions"><img src="https://github.com/laravel/framework/workflows/tests/badge.svg" alt="Build Status"></a>
<a href="https://packagist.org/packages/laravel/framework"><img src="https://img.shields.io/packagist/dt/laravel/framework" alt="Total Downloads"></a>
<a href="https://packagist.org/packages/laravel/framework"><img src="https://img.shields.io/packagist/v/laravel/framework" alt="Latest Stable Version"></a>
<a href="https://packagist.org/packages/laravel/framework"><img src="https://img.shields.io/packagist/l/laravel/framework" alt="License"></a>
</p>
## About Laravel
Laravel is a web application framework with expressive, elegant syntax. We believe development must be an enjoyable and creative experience to be truly fulfilling. Laravel takes the pain out of development by easing common tasks used in many web projects, such as:
- [Simple, fast routing engine](https://laravel.com/docs/routing).
- [Powerful dependency injection container](https://laravel.com/docs/container).
- Multiple back-ends for [session](https://laravel.com/docs/session) and [cache](https://laravel.com/docs/cache) storage.
- Expressive, intuitive [database ORM](https://laravel.com/docs/eloquent).
- Database agnostic [schema migrations](https://laravel.com/docs/migrations).
- [Robust background job processing](https://laravel.com/docs/queues).
- [Real-time event broadcasting](https://laravel.com/docs/broadcasting).
Laravel is accessible, powerful, and provides tools required for large, robust applications.
## Learning Laravel
Laravel has the most extensive and thorough [documentation](https://laravel.com/docs) and video tutorial library of all modern web application frameworks, making it a breeze to get started with the framework. You can also check out [Laravel Learn](https://laravel.com/learn), where you will be guided through building a modern Laravel application.
If you don't feel like reading, [Laracasts](https://laracasts.com) can help. Laracasts contains thousands of video tutorials on a range of topics including Laravel, modern PHP, unit testing, and JavaScript. Boost your skills by digging into our comprehensive video library.
## Laravel Sponsors
We would like to extend our thanks to the following sponsors for funding Laravel development. If you are interested in becoming a sponsor, please visit the [Laravel Partners program](https://partners.laravel.com).
### Premium Partners
- **[Vehikl](https://vehikl.com)**
- **[Tighten Co.](https://tighten.co)**
- **[Kirschbaum Development Group](https://kirschbaumdevelopment.com)**
- **[64 Robots](https://64robots.com)**
- **[Curotec](https://www.curotec.com/services/technologies/laravel)**
- **[DevSquad](https://devsquad.com/hire-laravel-developers)**
- **[Redberry](https://redberry.international/laravel-development)**
- **[Active Logic](https://activelogic.com)**
## Contributing
Thank you for considering contributing to the Laravel framework! The contribution guide can be found in the [Laravel documentation](https://laravel.com/docs/contributions).
## Code of Conduct
In order to ensure that the Laravel community is welcoming to all, please review and abide by the [Code of Conduct](https://laravel.com/docs/contributions#code-of-conduct).
## Security Vulnerabilities
If you discover a security vulnerability within Laravel, please send an e-mail to Taylor Otwell via [taylor@laravel.com](mailto:taylor@laravel.com). All security vulnerabilities will be promptly addressed.
## License
The Laravel framework is open-sourced software licensed under the [MIT license](https://opensource.org/licenses/MIT).

193
backend/app/Http/Controllers/Api/AuthController.php Normal file
View File

@@ -0,0 +1,193 @@
<?php
namespace App\Http\Controllers\Api;
use App\Http\Controllers\Controller;
use App\Models\User;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Redis;
use Illuminate\Support\Facades\Validator;
class AuthController extends Controller
{
public function login(Request $request): JsonResponse
{
$validator = Validator::make($request->all(), [
'email' => 'required|string|email',
'password' => 'required|string',
]);
if ($validator->fails()) {
return response()->json([
'errors' => $validator->errors(),
], 422);
}
$user = User::where('email', $request->email)->first();
if (! $user || ! Hash::check($request->password, $user->password)) {
return response()->json([
'message' => 'Invalid credentials',
], 401);
}
if (! $user->active) {
return response()->json([
'message' => 'Account is inactive',
], 403);
}
$accessToken = $this->generateAccessToken($user);
$refreshToken = $this->generateRefreshToken($user);
return response()->json([
'access_token' => $accessToken,
'refresh_token' => $refreshToken,
'token_type' => 'bearer',
'expires_in' => 3600,
'user' => [
'id' => $user->id,
'name' => $user->name,
'email' => $user->email,
'role' => $user->role,
],
]);
}
public function refresh(Request $request): JsonResponse
{
$refreshToken = $request->input('refresh_token');
$userId = $this->getUserIdFromRefreshToken($refreshToken);
if (! $userId) {
return response()->json([
'message' => 'Invalid or expired refresh token',
], 401);
}
$user = User::find($userId);
if (! $user) {
return response()->json([
'message' => 'Invalid or expired refresh token',
], 401);
}
$this->invalidateRefreshToken($refreshToken, $userId);
$accessToken = $this->generateAccessToken($user);
$newRefreshToken = $this->generateRefreshToken($user);
return response()->json([
'access_token' => $accessToken,
'refresh_token' => $newRefreshToken,
'token_type' => 'bearer',
'expires_in' => 3600,
]);
}
public function logout(Request $request): JsonResponse
{
$user = $request->user();
$refreshToken = $request->input('refresh_token');
if ($refreshToken) {
$this->invalidateRefreshToken($refreshToken, $user->id);
}
return response()->json([
'message' => 'Logged out successfully',
]);
}
protected function generateAccessToken(User $user): string
{
$payload = [
'iss' => config('app.url', 'headroom'),
'sub' => $user->id,
'iat' => time(),
'exp' => time() + 3600,
'role' => $user->role,
'permissions' => $this->getPermissions($user->role),
'jti' => uniqid('token_', true),
];
return $this->encodeJWT($payload);
}
protected function generateRefreshToken(User $user): string
{
$token = bin2hex(random_bytes(32));
// Store with token as the key part for easy lookup
$key = "refresh_token:{$token}";
Redis::setex($key, 604800, $user->id);
return $token;
}
protected function getUserIdFromRefreshToken(string $token): ?string
{
return Redis::get("refresh_token:{$token}") ?: null;
}
protected function invalidateRefreshToken(string $token, string $userId): void
{
Redis::del("refresh_token:{$token}");
}
protected function getPermissions(string $role): array
{
return match ($role) {
'superuser' => [
'manage_users',
'manage_team_members',
'manage_projects',
'manage_allocations',
'manage_actuals',
'view_reports',
'configure_system',
'view_audit_logs',
],
'manager' => [
'manage_projects',
'manage_allocations',
'manage_actuals',
'view_reports',
'manage_team_members',
],
'developer' => [
'manage_actuals',
'view_own_allocations',
'view_own_actuals',
'log_hours',
],
'top_brass' => [
'view_reports',
'view_allocations',
'view_actuals',
'view_capacity',
],
default => [],
};
}
protected function encodeJWT(array $payload): string
{
$header = json_encode(['typ' => 'JWT', 'alg' => 'HS256']);
$header = base64_encode($header);
$header = str_replace(['+', '/', '='], ['-', '_', ''], $header);
$payload = json_encode($payload);
$payload = base64_encode($payload);
$payload = str_replace(['+', '/', '='], ['-', '_', ''], $payload);
$signature = hash_hmac('sha256', $header . '.' . $payload, config('app.key'), true);
$signature = base64_encode($signature);
$signature = str_replace(['+', '/', '='], ['-', '_', ''], $signature);
return $header . '.' . $payload . '.' . $signature;
}
}

8
backend/app/Http/Controllers/Controller.php Normal file
View File

@@ -0,0 +1,8 @@
<?php
namespace App\Http\Controllers;
abstract class Controller
{
//
}

82
backend/app/Http/Middleware/JwtAuth.php Normal file
View File

@@ -0,0 +1,82 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class JwtAuth
{
public function handle(Request $request, Closure $next): Response
{
$token = $this->extractToken($request);
if (! $token) {
return response()->json([
'message' => 'Authentication required',
], 401);
}
$payload = $this->decodeJWT($token);
if (! $payload) {
return response()->json([
'message' => 'Invalid token',
], 401);
}
if ($payload->exp < time()) {
return response()->json([
'message' => 'Token expired',
], 401);
}
$user = \App\Models\User::find($payload->sub);
if (! $user) {
return response()->json([
'message' => 'User not found',
], 401);
}
auth()->setUser($user);
$request->setUserResolver(fn () => $user);
return $next($request);
}
protected function extractToken(Request $request): ?string
{
$header = $request->header('Authorization');
if (! $header || ! str_starts_with($header, 'Bearer ')) {
return null;
}
return substr($header, 7);
}
protected function decodeJWT(string $token): ?object
{
$parts = explode('.', $token);
if (count($parts) !== 3) {
return null;
}
list($header, $payload, $signature) = $parts;
$expectedSignature = hash_hmac('sha256', $header . '.' . $payload, config('app.key'), true);
$expectedSignature = base64_encode($expectedSignature);
$expectedSignature = str_replace(['+', '/', '='], ['-', '_', ''], $expectedSignature);
if (! hash_equals($expectedSignature, $signature)) {
return null;
}
$payload = base64_decode(str_replace(['-', '_'], ['+', '/'], $payload));
return json_decode($payload);
}
}

46
backend/app/Models/Actual.php Normal file
View File

@@ -0,0 +1,46 @@
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Concerns\HasUuids;
class Actual extends Model
{
use HasFactory, HasUuids;
protected $primaryKey = 'id';
public $incrementing = false;
protected $keyType = 'string';
protected $table = 'actuals';
protected $fillable = [
'project_id',
'team_member_id',
'month',
'hours_logged',
];
protected $casts = [
'month' => 'date',
'hours_logged' => 'decimal:2',
];
/**
* Get the project that owns the actual.
*/
public function project()
{
return $this->belongsTo(Project::class);
}
/**
* Get the team member that owns the actual.
*/
public function teamMember()
{
return $this->belongsTo(TeamMember::class);
}
}

44
backend/app/Models/Allocation.php Normal file
View File

@@ -0,0 +1,44 @@
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Concerns\HasUuids;
class Allocation extends Model
{
use HasFactory, HasUuids;
protected $primaryKey = 'id';
public $incrementing = false;
protected $keyType = 'string';
protected $fillable = [
'project_id',
'team_member_id',
'month',
'allocated_hours',
];
protected $casts = [
'month' => 'date',
'allocated_hours' => 'decimal:2',
];
/**
* Get the project that owns the allocation.
*/
public function project()
{
return $this->belongsTo(Project::class);
}
/**
* Get the team member that owns the allocation.
*/
public function teamMember()
{
return $this->belongsTo(TeamMember::class);
}
}

26
backend/app/Models/Holiday.php Normal file
View File

@@ -0,0 +1,26 @@
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Concerns\HasUuids;
class Holiday extends Model
{
use HasFactory, HasUuids;
protected $primaryKey = 'id';
public $incrementing = false;
protected $keyType = 'string';
protected $fillable = [
'date',
'name',
'description',
];
protected $casts = [
'date' => 'date',
];
}

63
backend/app/Models/Project.php Normal file
View File

@@ -0,0 +1,63 @@
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\HasMany;
use Illuminate\Database\Eloquent\Concerns\HasUuids;
class Project extends Model
{
use HasFactory, HasUuids;
protected $primaryKey = 'id';
public $incrementing = false;
protected $keyType = 'string';
protected $fillable = [
'code',
'title',
'status_id',
'type_id',
'approved_estimate',
'forecasted_effort',
];
protected $casts = [
'approved_estimate' => 'decimal:2',
'forecasted_effort' => 'array',
];
/**
* Get the status that owns the project.
*/
public function status()
{
return $this->belongsTo(ProjectStatus::class, 'status_id');
}
/**
* Get the type that owns the project.
*/
public function type()
{
return $this->belongsTo(ProjectType::class, 'type_id');
}
/**
* Get the allocations for the project.
*/
public function allocations(): HasMany
{
return $this->hasMany(Allocation::class);
}
/**
* Get the actuals for the project.
*/
public function actuals(): HasMany
{
return $this->hasMany(Actual::class);
}
}

33
backend/app/Models/ProjectStatus.php Normal file
View File

@@ -0,0 +1,33 @@
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\HasMany;
class ProjectStatus extends Model
{
use HasFactory;
protected $fillable = [
'name',
'order',
'is_active',
'is_billable',
];
protected $casts = [
'order' => 'integer',
'is_active' => 'boolean',
'is_billable' => 'boolean',
];
/**
* Get the projects for the status.
*/
public function projects(): HasMany
{
return $this->hasMany(Project::class, 'status_id');
}
}

25
backend/app/Models/ProjectType.php Normal file
View File

@@ -0,0 +1,25 @@
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\HasMany;
class ProjectType extends Model
{
use HasFactory;
protected $fillable = [
'name',
'description',
];
/**
* Get the projects for the type.
*/
public function projects(): HasMany
{
return $this->hasMany(Project::class, 'type_id');
}
}

39
backend/app/Models/Pto.php Normal file
View File

@@ -0,0 +1,39 @@
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Concerns\HasUuids;
class Pto extends Model
{
use HasFactory, HasUuids;
protected $primaryKey = 'id';
public $incrementing = false;
protected $keyType = 'string';
protected $table = 'ptos';
protected $fillable = [
'team_member_id',
'start_date',
'end_date',
'reason',
'status',
];
protected $casts = [
'start_date' => 'date',
'end_date' => 'date',
];
/**
* Get the team member that owns the PTO.
*/
public function teamMember()
{
return $this->belongsTo(TeamMember::class);
}
}

25
backend/app/Models/Role.php Normal file
View File

@@ -0,0 +1,25 @@
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\HasMany;
class Role extends Model
{
use HasFactory;
protected $fillable = [
'name',
'description',
];
/**
* Get the team members for the role.
*/
public function teamMembers(): HasMany
{
return $this->hasMany(TeamMember::class);
}
}

61
backend/app/Models/TeamMember.php Normal file
View File

@@ -0,0 +1,61 @@
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\HasMany;
use Illuminate\Database\Eloquent\Concerns\HasUuids;
class TeamMember extends Model
{
use HasFactory, HasUuids;
protected $primaryKey = 'id';
public $incrementing = false;
protected $keyType = 'string';
protected $fillable = [
'name',
'role_id',
'hourly_rate',
'active',
];
protected $casts = [
'hourly_rate' => 'decimal:2',
'active' => 'boolean',
];
/**
* Get the role that owns the team member.
*/
public function role()
{
return $this->belongsTo(Role::class);
}
/**
* Get the allocations for the team member.
*/
public function allocations(): HasMany
{
return $this->hasMany(Allocation::class);
}
/**
* Get the actuals for the team member.
*/
public function actuals(): HasMany
{
return $this->hasMany(Actual::class);
}
/**
* Get the PTOs for the team member.
*/
public function ptos(): HasMany
{
return $this->hasMany(Pto::class);
}
}

78
backend/app/Models/User.php Normal file
View File

@@ -0,0 +1,78 @@
<?php
namespace App\Models;
// use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Illuminate\Database\Eloquent\Concerns\HasUuids;
use Tymon\JWTAuth\Contracts\JWTSubject;
class User extends Authenticatable implements JWTSubject
{
/** @use HasFactory<\Database\Factories\UserFactory> */
use HasFactory, Notifiable, HasUuids;
protected $primaryKey = 'id';
public $incrementing = false;
protected $keyType = 'string';
/**
* The attributes that are mass assignable.
*
* @var list<string>
*/
protected $fillable = [
'name',
'email',
'password',
'role',
];
/**
* The attributes that should be hidden for serialization.
*
* @var list<string>
*/
protected $hidden = [
'password',
'remember_token',
];
/**
* Get the attributes that should be cast.
*
* @return array<string, string>
*/
protected function casts(): array
{
return [
'email_verified_at' => 'datetime',
'password' => 'hashed',
];
}
/**
* Get the identifier that will be stored in the subject claim of the JWT.
*
* @return mixed
*/
public function getJWTIdentifier()
{
return $this->getKey();
}
/**
* Return a key value array, containing any custom claims to be added to the JWT.
*
* @return array
*/
public function getJWTCustomClaims()
{
return [
'role' => $this->role,
'email' => $this->email,
];
}
}

24
backend/app/Providers/AppServiceProvider.php Normal file
View File

@@ -0,0 +1,24 @@
<?php
namespace App\Providers;
use Illuminate\Support\ServiceProvider;
class AppServiceProvider extends ServiceProvider
{
/**
* Register any application services.
*/
public function register(): void
{
//
}
/**
* Bootstrap any application services.
*/
public function boot(): void
{
//
}
}

18
backend/artisan Normal file
View File

@@ -0,0 +1,18 @@
#!/usr/bin/env php
<?php
use Illuminate\Foundation\Application;
use Symfony\Component\Console\Input\ArgvInput;
define('LARAVEL_START', microtime(true));
// Register the Composer autoloader...
require __DIR__.'/vendor/autoload.php';
// Bootstrap Laravel and handle the command...
/** @var Application $app */
$app = require_once __DIR__.'/bootstrap/app.php';
$status = $app->handleCommand(new ArgvInput);
exit($status);

19
backend/bootstrap/app.php Normal file
View File

@@ -0,0 +1,19 @@
<?php
use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
return Application::configure(basePath: dirname(__DIR__))
->withRouting(
web: __DIR__.'/../routes/web.php',
api: __DIR__.'/../routes/api.php',
commands: __DIR__.'/../routes/console.php',
health: '/up',
)
->withMiddleware(function (Middleware $middleware): void {
//
})
->withExceptions(function (Exceptions $exceptions): void {
//
})->create();

2
backend/bootstrap/cache/.gitignore vendored Normal file
View File

@@ -0,0 +1,2 @@
*
!.gitignore

5
backend/bootstrap/providers.php Normal file
View File

@@ -0,0 +1,5 @@
<?php
return [
App\Providers\AppServiceProvider::class,
];

90
backend/composer.json Normal file
View File

@@ -0,0 +1,90 @@
{
"$schema": "https://getcomposer.org/schema.json",
"name": "laravel/laravel",
"type": "project",
"description": "The skeleton application for the Laravel framework.",
"keywords": ["laravel", "framework"],
"license": "MIT",
"require": {
"php": "^8.2",
"laravel/framework": "^12.0",
"laravel/tinker": "^2.10.1",
"predis/predis": "^2.0",
"tymon/jwt-auth": "^2.0"
},
"require-dev": {
"fakerphp/faker": "^1.23",
"laravel/pail": "^1.2.2",
"laravel/pint": "^1.24",
"laravel/sail": "^1.41",
"mockery/mockery": "^1.6",
"nunomaduro/collision": "^8.6",
"pestphp/pest": "^3.8",
"pestphp/pest-plugin-laravel": "^3.0",
"phpunit/phpunit": "^11.5.3"
},
"autoload": {
"psr-4": {
"App\\": "app/",
"Database\\Factories\\": "database/factories/",
"Database\\Seeders\\": "database/seeders/"
}
},
"autoload-dev": {
"psr-4": {
"Tests\\": "tests/"
}
},
"scripts": {
"setup": [
"composer install",
"@php -r \"file_exists('.env') || copy('.env.example', '.env');\"",
"@php artisan key:generate",
"@php artisan migrate --force",
"npm install",
"npm run build"
],
"dev": [
"Composer\\Config::disableProcessTimeout",
"npx concurrently -c \"#93c5fd,#c4b5fd,#fb7185,#fdba74\" \"php artisan serve\" \"php artisan queue:listen --tries=1 --timeout=0\" \"php artisan pail --timeout=0\" \"npm run dev\" --names=server,queue,logs,vite --kill-others"
],
"test": [
"@php artisan config:clear --ansi",
"@php artisan test"
],
"post-autoload-dump": [
"Illuminate\\Foundation\\ComposerScripts::postAutoloadDump",
"@php artisan package:discover --ansi"
],
"post-update-cmd": [
"@php artisan vendor:publish --tag=laravel-assets --ansi --force"
],
"post-root-package-install": [
"@php -r \"file_exists('.env') || copy('.env.example', '.env');\""
],
"post-create-project-cmd": [
"@php artisan key:generate --ansi",
"@php -r \"file_exists('database/database.sqlite') || touch('database/database.sqlite');\"",
"@php artisan migrate --graceful --ansi"
],
"pre-package-uninstall": [
"Illuminate\\Foundation\\ComposerScripts::prePackageUninstall"
]
},
"extra": {
"laravel": {
"dont-discover": []
}
},
"config": {
"optimize-autoloader": true,
"preferred-install": "dist",
"sort-packages": true,
"allow-plugins": {
"pestphp/pest-plugin": true,
"php-http/discovery": true
}
},
"minimum-stability": "stable",
"prefer-stable": true
}

9717
backend/composer.lock generated Normal file
View File

File diff suppressed because it is too large Load Diff

126
backend/config/app.php Normal file
View File

@@ -0,0 +1,126 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Application Name
|--------------------------------------------------------------------------
|
| This value is the name of your application, which will be used when the
| framework needs to place the application's name in a notification or
| other UI elements where an application name needs to be displayed.
|
*/
'name' => env('APP_NAME', 'Laravel'),
/*
|--------------------------------------------------------------------------
| Application Environment
|--------------------------------------------------------------------------
|
| This value determines the "environment" your application is currently
| running in. This may determine how you prefer to configure various
| services the application utilizes. Set this in your ".env" file.
|
*/
'env' => env('APP_ENV', 'production'),
/*
|--------------------------------------------------------------------------
| Application Debug Mode
|--------------------------------------------------------------------------
|
| When your application is in debug mode, detailed error messages with
| stack traces will be shown on every error that occurs within your
| application. If disabled, a simple generic error page is shown.
|
*/
'debug' => (bool) env('APP_DEBUG', false),
/*
|--------------------------------------------------------------------------
| Application URL
|--------------------------------------------------------------------------
|
| This URL is used by the console to properly generate URLs when using
| the Artisan command line tool. You should set this to the root of
| the application so that it's available within Artisan commands.
|
*/
'url' => env('APP_URL', 'http://localhost'),
/*
|--------------------------------------------------------------------------
| Application Timezone
|--------------------------------------------------------------------------
|
| Here you may specify the default timezone for your application, which
| will be used by the PHP date and date-time functions. The timezone
| is set to "UTC" by default as it is suitable for most use cases.
|
*/
'timezone' => 'UTC',
/*
|--------------------------------------------------------------------------
| Application Locale Configuration
|--------------------------------------------------------------------------
|
| The application locale determines the default locale that will be used
| by Laravel's translation / localization methods. This option can be
| set to any locale for which you plan to have translation strings.
|
*/
'locale' => env('APP_LOCALE', 'en'),
'fallback_locale' => env('APP_FALLBACK_LOCALE', 'en'),
'faker_locale' => env('APP_FAKER_LOCALE', 'en_US'),
/*
|--------------------------------------------------------------------------
| Encryption Key
|--------------------------------------------------------------------------
|
| This key is utilized by Laravel's encryption services and should be set
| to a random, 32 character string to ensure that all encrypted values
| are secure. You should do this prior to deploying the application.
|
*/
'cipher' => 'AES-256-CBC',
'key' => env('APP_KEY'),
'previous_keys' => [
...array_filter(
explode(',', (string) env('APP_PREVIOUS_KEYS', ''))
),
],
/*
|--------------------------------------------------------------------------
| Maintenance Mode Driver
|--------------------------------------------------------------------------
|
| These configuration options determine the driver used to determine and
| manage Laravel's "maintenance mode" status. The "cache" driver will
| allow maintenance mode to be controlled across multiple machines.
|
| Supported drivers: "file", "cache"
|
*/
'maintenance' => [
'driver' => env('APP_MAINTENANCE_DRIVER', 'file'),
'store' => env('APP_MAINTENANCE_STORE', 'database'),
],
];

115
backend/config/auth.php Normal file
View File

@@ -0,0 +1,115 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option defines the default authentication "guard" and password
| reset "broker" for your application. You may change these values
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => env('AUTH_GUARD', 'web'),
'passwords' => env('AUTH_PASSWORD_BROKER', 'users'),
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| which utilizes session storage plus the Eloquent user provider.
|
| All authentication guards have a user provider, which defines how the
| users are actually retrieved out of your database or other storage
| system used by the application. Typically, Eloquent is utilized.
|
| Supported: "session"
|
*/
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication guards have a user provider, which defines how the
| users are actually retrieved out of your database or other storage
| system used by the application. Typically, Eloquent is utilized.
|
| If you have multiple user tables or models you may configure multiple
| providers to represent the model / table. These providers may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => env('AUTH_MODEL', App\Models\User::class),
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| These configuration options specify the behavior of Laravel's password
| reset functionality, including the table utilized for token storage
| and the user provider that is invoked to actually retrieve users.
|
| The expiry time is the number of minutes that each reset token will be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
| The throttle setting is the number of seconds a user must wait before
| generating more password reset tokens. This prevents the user from
| quickly generating a very large amount of password reset tokens.
|
*/
'passwords' => [
'users' => [
'provider' => 'users',
'table' => env('AUTH_PASSWORD_RESET_TOKEN_TABLE', 'password_reset_tokens'),
'expire' => 60,
'throttle' => 60,
],
],
/*
|--------------------------------------------------------------------------
| Password Confirmation Timeout
|--------------------------------------------------------------------------
|
| Here you may define the number of seconds before a password confirmation
| window expires and users are asked to re-enter their password via the
| confirmation screen. By default, the timeout lasts for three hours.
|
*/
'password_timeout' => env('AUTH_PASSWORD_TIMEOUT', 10800),
];

117
backend/config/cache.php Normal file
View File

@@ -0,0 +1,117 @@
<?php
use Illuminate\Support\Str;
return [
/*
|--------------------------------------------------------------------------
| Default Cache Store
|--------------------------------------------------------------------------
|
| This option controls the default cache store that will be used by the
| framework. This connection is utilized if another isn't explicitly
| specified when running a cache operation inside the application.
|
*/
'default' => env('CACHE_STORE', 'database'),
/*
|--------------------------------------------------------------------------
| Cache Stores
|--------------------------------------------------------------------------
|
| Here you may define all of the cache "stores" for your application as
| well as their drivers. You may even define multiple stores for the
| same cache driver to group types of items stored in your caches.
|
| Supported drivers: "array", "database", "file", "memcached",
| "redis", "dynamodb", "octane",
| "failover", "null"
|
*/
'stores' => [
'array' => [
'driver' => 'array',
'serialize' => false,
],
'database' => [
'driver' => 'database',
'connection' => env('DB_CACHE_CONNECTION'),
'table' => env('DB_CACHE_TABLE', 'cache'),
'lock_connection' => env('DB_CACHE_LOCK_CONNECTION'),
'lock_table' => env('DB_CACHE_LOCK_TABLE'),
],
'file' => [
'driver' => 'file',
'path' => storage_path('framework/cache/data'),
'lock_path' => storage_path('framework/cache/data'),
],
'memcached' => [
'driver' => 'memcached',
'persistent_id' => env('MEMCACHED_PERSISTENT_ID'),
'sasl' => [
env('MEMCACHED_USERNAME'),
env('MEMCACHED_PASSWORD'),
],
'options' => [
// Memcached::OPT_CONNECT_TIMEOUT => 2000,
],
'servers' => [
[
'host' => env('MEMCACHED_HOST', '127.0.0.1'),
'port' => env('MEMCACHED_PORT', 11211),
'weight' => 100,
],
],
],
'redis' => [
'driver' => 'redis',
'connection' => env('REDIS_CACHE_CONNECTION', 'cache'),
'lock_connection' => env('REDIS_CACHE_LOCK_CONNECTION', 'default'),
],
'dynamodb' => [
'driver' => 'dynamodb',
'key' => env('AWS_ACCESS_KEY_ID'),
'secret' => env('AWS_SECRET_ACCESS_KEY'),
'region' => env('AWS_DEFAULT_REGION', 'us-east-1'),
'table' => env('DYNAMODB_CACHE_TABLE', 'cache'),
'endpoint' => env('DYNAMODB_ENDPOINT'),
],
'octane' => [
'driver' => 'octane',
],
'failover' => [
'driver' => 'failover',
'stores' => [
'database',
'array',
],
],
],
/*
|--------------------------------------------------------------------------
| Cache Key Prefix
|--------------------------------------------------------------------------
|
| When utilizing the APC, database, memcached, Redis, and DynamoDB cache
| stores, there might be other applications using the same cache. For
| that reason, you may prefix every cache key to avoid collisions.
|
*/
'prefix' => env('CACHE_PREFIX', Str::slug((string) env('APP_NAME', 'laravel')).'-cache-'),
];

183
backend/config/database.php Normal file
View File

@@ -0,0 +1,183 @@
<?php
use Illuminate\Support\Str;
return [
/*
|--------------------------------------------------------------------------
| Default Database Connection Name
|--------------------------------------------------------------------------
|
| Here you may specify which of the database connections below you wish
| to use as your default connection for database operations. This is
| the connection which will be utilized unless another connection
| is explicitly specified when you execute a query / statement.
|
*/
'default' => env('DB_CONNECTION', 'sqlite'),
/*
|--------------------------------------------------------------------------
| Database Connections
|--------------------------------------------------------------------------
|
| Below are all of the database connections defined for your application.
| An example configuration is provided for each database system which
| is supported by Laravel. You're free to add / remove connections.
|
*/
'connections' => [
'sqlite' => [
'driver' => 'sqlite',
'url' => env('DB_URL'),
'database' => env('DB_DATABASE', database_path('database.sqlite')),
'prefix' => '',
'foreign_key_constraints' => env('DB_FOREIGN_KEYS', true),
'busy_timeout' => null,
'journal_mode' => null,
'synchronous' => null,
'transaction_mode' => 'DEFERRED',
],
'mysql' => [
'driver' => 'mysql',
'url' => env('DB_URL'),
'host' => env('DB_HOST', '127.0.0.1'),
'port' => env('DB_PORT', '3306'),
'database' => env('DB_DATABASE', 'laravel'),
'username' => env('DB_USERNAME', 'root'),
'password' => env('DB_PASSWORD', ''),
'unix_socket' => env('DB_SOCKET', ''),
'charset' => env('DB_CHARSET', 'utf8mb4'),
'collation' => env('DB_COLLATION', 'utf8mb4_unicode_ci'),
'prefix' => '',
'prefix_indexes' => true,
'strict' => true,
'engine' => null,
'options' => extension_loaded('pdo_mysql') ? array_filter([
(PHP_VERSION_ID >= 80500 ? \Pdo\Mysql::ATTR_SSL_CA : \PDO::MYSQL_ATTR_SSL_CA) => env('MYSQL_ATTR_SSL_CA'),
]) : [],
],
'mariadb' => [
'driver' => 'mariadb',
'url' => env('DB_URL'),
'host' => env('DB_HOST', '127.0.0.1'),
'port' => env('DB_PORT', '3306'),
'database' => env('DB_DATABASE', 'laravel'),
'username' => env('DB_USERNAME', 'root'),
'password' => env('DB_PASSWORD', ''),
'unix_socket' => env('DB_SOCKET', ''),
'charset' => env('DB_CHARSET', 'utf8mb4'),
'collation' => env('DB_COLLATION', 'utf8mb4_unicode_ci'),
'prefix' => '',
'prefix_indexes' => true,
'strict' => true,
'engine' => null,
'options' => extension_loaded('pdo_mysql') ? array_filter([
(PHP_VERSION_ID >= 80500 ? \Pdo\Mysql::ATTR_SSL_CA : \PDO::MYSQL_ATTR_SSL_CA) => env('MYSQL_ATTR_SSL_CA'),
]) : [],
],
'pgsql' => [
'driver' => 'pgsql',
'url' => env('DB_URL'),
'host' => env('DB_HOST', '127.0.0.1'),
'port' => env('DB_PORT', '5432'),
'database' => env('DB_DATABASE', 'laravel'),
'username' => env('DB_USERNAME', 'root'),
'password' => env('DB_PASSWORD', ''),
'charset' => env('DB_CHARSET', 'utf8'),
'prefix' => '',
'prefix_indexes' => true,
'search_path' => 'public',
'sslmode' => env('DB_SSLMODE', 'prefer'),
],
'sqlsrv' => [
'driver' => 'sqlsrv',
'url' => env('DB_URL'),
'host' => env('DB_HOST', 'localhost'),
'port' => env('DB_PORT', '1433'),
'database' => env('DB_DATABASE', 'laravel'),
'username' => env('DB_USERNAME', 'root'),
'password' => env('DB_PASSWORD', ''),
'charset' => env('DB_CHARSET', 'utf8'),
'prefix' => '',
'prefix_indexes' => true,
// 'encrypt' => env('DB_ENCRYPT', 'yes'),
// 'trust_server_certificate' => env('DB_TRUST_SERVER_CERTIFICATE', 'false'),
],
],
/*
|--------------------------------------------------------------------------
| Migration Repository Table
|--------------------------------------------------------------------------
|
| This table keeps track of all the migrations that have already run for
| your application. Using this information, we can determine which of
| the migrations on disk haven't actually been run on the database.
|
*/
'migrations' => [
'table' => 'migrations',
'update_date_on_publish' => true,
],
/*
|--------------------------------------------------------------------------
| Redis Databases
|--------------------------------------------------------------------------
|
| Redis is an open source, fast, and advanced key-value store that also
| provides a richer body of commands than a typical key-value system
| such as Memcached. You may define your connection settings here.
|
*/
'redis' => [
'client' => env('REDIS_CLIENT', 'phpredis'),
'options' => [
'cluster' => env('REDIS_CLUSTER', 'redis'),
'prefix' => env('REDIS_PREFIX', Str::slug((string) env('APP_NAME', 'laravel')).'-database-'),
'persistent' => env('REDIS_PERSISTENT', false),
],
'default' => [
'url' => env('REDIS_URL'),
'host' => env('REDIS_HOST', '127.0.0.1'),
'username' => env('REDIS_USERNAME'),
'password' => env('REDIS_PASSWORD'),
'port' => env('REDIS_PORT', '6379'),
'database' => env('REDIS_DB', '0'),
'max_retries' => env('REDIS_MAX_RETRIES', 3),
'backoff_algorithm' => env('REDIS_BACKOFF_ALGORITHM', 'decorrelated_jitter'),
'backoff_base' => env('REDIS_BACKOFF_BASE', 100),
'backoff_cap' => env('REDIS_BACKOFF_CAP', 1000),
],
'cache' => [
'url' => env('REDIS_URL'),
'host' => env('REDIS_HOST', '127.0.0.1'),
'username' => env('REDIS_USERNAME'),
'password' => env('REDIS_PASSWORD'),
'port' => env('REDIS_PORT', '6379'),
'database' => env('REDIS_CACHE_DB', '1'),
'max_retries' => env('REDIS_MAX_RETRIES', 3),
'backoff_algorithm' => env('REDIS_BACKOFF_ALGORITHM', 'decorrelated_jitter'),
'backoff_base' => env('REDIS_BACKOFF_BASE', 100),
'backoff_cap' => env('REDIS_BACKOFF_CAP', 1000),
],
],
];

80
backend/config/filesystems.php Normal file
View File

@@ -0,0 +1,80 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Default Filesystem Disk
|--------------------------------------------------------------------------
|
| Here you may specify the default filesystem disk that should be used
| by the framework. The "local" disk, as well as a variety of cloud
| based disks are available to your application for file storage.
|
*/
'default' => env('FILESYSTEM_DISK', 'local'),
/*
|--------------------------------------------------------------------------
| Filesystem Disks
|--------------------------------------------------------------------------
|
| Below you may configure as many filesystem disks as necessary, and you
| may even configure multiple disks for the same driver. Examples for
| most supported storage drivers are configured here for reference.
|
| Supported drivers: "local", "ftp", "sftp", "s3"
|
*/
'disks' => [
'local' => [
'driver' => 'local',
'root' => storage_path('app/private'),
'serve' => true,
'throw' => false,
'report' => false,
],
'public' => [
'driver' => 'local',
'root' => storage_path('app/public'),
'url' => rtrim(env('APP_URL', 'http://localhost'), '/').'/storage',
'visibility' => 'public',
'throw' => false,
'report' => false,
],
's3' => [
'driver' => 's3',
'key' => env('AWS_ACCESS_KEY_ID'),
'secret' => env('AWS_SECRET_ACCESS_KEY'),
'region' => env('AWS_DEFAULT_REGION'),
'bucket' => env('AWS_BUCKET'),
'url' => env('AWS_URL'),
'endpoint' => env('AWS_ENDPOINT'),
'use_path_style_endpoint' => env('AWS_USE_PATH_STYLE_ENDPOINT', false),
'throw' => false,
'report' => false,
],
],
/*
|--------------------------------------------------------------------------
| Symbolic Links
|--------------------------------------------------------------------------
|
| Here you may configure the symbolic links that will be created when the
| `storage:link` Artisan command is executed. The array keys should be
| the locations of the links and the values should be their targets.
|
*/
'links' => [
public_path('storage') => storage_path('app/public'),
],
];

301
backend/config/jwt.php Normal file
View File

@@ -0,0 +1,301 @@
<?php
/*
* This file is part of jwt-auth.
*
* (c) Sean Tymon <tymon148@gmail.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
return [
/*
|--------------------------------------------------------------------------
| JWT Authentication Secret
|--------------------------------------------------------------------------
|
| Don't forget to set this in your .env file, as it will be used to sign
| your tokens. A helper command is provided for this:
| `php artisan jwt:secret`
|
| Note: This will be used for Symmetric algorithms only (HMAC),
| since RSA and ECDSA use a private/public key combo (See below).
|
*/
'secret' => env('JWT_SECRET'),
/*
|--------------------------------------------------------------------------
| JWT Authentication Keys
|--------------------------------------------------------------------------
|
| The algorithm you are using, will determine whether your tokens are
| signed with a random string (defined in `JWT_SECRET`) or using the
| following public & private keys.
|
| Symmetric Algorithms:
| HS256, HS384 & HS512 will use `JWT_SECRET`.
|
| Asymmetric Algorithms:
| RS256, RS384 & RS512 / ES256, ES384 & ES512 will use the keys below.
|
*/
'keys' => [
/*
|--------------------------------------------------------------------------
| Public Key
|--------------------------------------------------------------------------
|
| A path or resource to your public key.
|
| E.g. 'file://path/to/public/key'
|
*/
'public' => env('JWT_PUBLIC_KEY'),
/*
|--------------------------------------------------------------------------
| Private Key
|--------------------------------------------------------------------------
|
| A path or resource to your private key.
|
| E.g. 'file://path/to/private/key'
|
*/
'private' => env('JWT_PRIVATE_KEY'),
/*
|--------------------------------------------------------------------------
| Passphrase
|--------------------------------------------------------------------------
|
| The passphrase for your private key. Can be null if none set.
|
*/
'passphrase' => env('JWT_PASSPHRASE'),
],
/*
|--------------------------------------------------------------------------
| JWT time to live
|--------------------------------------------------------------------------
|
| Specify the length of time (in minutes) that the token will be valid for.
| Defaults to 1 hour.
|
| You can also set this to null, to yield a never expiring token.
| Some people may want this behaviour for e.g. a mobile app.
| This is not particularly recommended, so make sure you have appropriate
| systems in place to revoke the token if necessary.
| Notice: If you set this to null you should remove 'exp' element from 'required_claims' list.
|
*/
'ttl' => env('JWT_TTL', 60),
/*
|--------------------------------------------------------------------------
| Refresh time to live
|--------------------------------------------------------------------------
|
| Specify the length of time (in minutes) that the token can be refreshed
| within. I.E. The user can refresh their token within a 2 week window of
| the original token being created until they must re-authenticate.
| Defaults to 2 weeks.
|
| You can also set this to null, to yield an infinite refresh time.
| Some may want this instead of never expiring tokens for e.g. a mobile app.
| This is not particularly recommended, so make sure you have appropriate
| systems in place to revoke the token if necessary.
|
*/
'refresh_ttl' => env('JWT_REFRESH_TTL', 20160),
/*
|--------------------------------------------------------------------------
| JWT hashing algorithm
|--------------------------------------------------------------------------
|
| Specify the hashing algorithm that will be used to sign the token.
|
*/
'algo' => env('JWT_ALGO', Tymon\JWTAuth\Providers\JWT\Provider::ALGO_HS256),
/*
|--------------------------------------------------------------------------
| Required Claims
|--------------------------------------------------------------------------
|
| Specify the required claims that must exist in any token.
| A TokenInvalidException will be thrown if any of these claims are not
| present in the payload.
|
*/
'required_claims' => [
'iss',
'iat',
'exp',
'nbf',
'sub',
'jti',
],
/*
|--------------------------------------------------------------------------
| Persistent Claims
|--------------------------------------------------------------------------
|
| Specify the claim keys to be persisted when refreshing a token.
| `sub` and `iat` will automatically be persisted, in
| addition to the these claims.
|
| Note: If a claim does not exist then it will be ignored.
|
*/
'persistent_claims' => [
// 'foo',
// 'bar',
],
/*
|--------------------------------------------------------------------------
| Lock Subject
|--------------------------------------------------------------------------
|
| This will determine whether a `prv` claim is automatically added to
| the token. The purpose of this is to ensure that if you have multiple
| authentication models e.g. `App\User` & `App\OtherPerson`, then we
| should prevent one authentication request from impersonating another,
| if 2 tokens happen to have the same id across the 2 different models.
|
| Under specific circumstances, you may want to disable this behaviour
| e.g. if you only have one authentication model, then you would save
| a little on token size.
|
*/
'lock_subject' => true,
/*
|--------------------------------------------------------------------------
| Leeway
|--------------------------------------------------------------------------
|
| This property gives the jwt timestamp claims some "leeway".
| Meaning that if you have any unavoidable slight clock skew on
| any of your servers then this will afford you some level of cushioning.
|
| This applies to the claims `iat`, `nbf` and `exp`.
|
| Specify in seconds - only if you know you need it.
|
*/
'leeway' => env('JWT_LEEWAY', 0),
/*
|--------------------------------------------------------------------------
| Blacklist Enabled
|--------------------------------------------------------------------------
|
| In order to invalidate tokens, you must have the blacklist enabled.
| If you do not want or need this functionality, then set this to false.
|
*/
'blacklist_enabled' => env('JWT_BLACKLIST_ENABLED', true),
/*
| -------------------------------------------------------------------------
| Blacklist Grace Period
| -------------------------------------------------------------------------
|
| When multiple concurrent requests are made with the same JWT,
| it is possible that some of them fail, due to token regeneration
| on every request.
|
| Set grace period in seconds to prevent parallel request failure.
|
*/
'blacklist_grace_period' => env('JWT_BLACKLIST_GRACE_PERIOD', 0),
/*
|--------------------------------------------------------------------------
| Cookies encryption
|--------------------------------------------------------------------------
|
| By default Laravel encrypt cookies for security reason.
| If you decide to not decrypt cookies, you will have to configure Laravel
| to not encrypt your cookie token by adding its name into the $except
| array available in the middleware "EncryptCookies" provided by Laravel.
| see https://laravel.com/docs/master/responses#cookies-and-encryption
| for details.
|
| Set it to true if you want to decrypt cookies.
|
*/
'decrypt_cookies' => false,
/*
|--------------------------------------------------------------------------
| Providers
|--------------------------------------------------------------------------
|
| Specify the various providers used throughout the package.
|
*/
'providers' => [
/*
|--------------------------------------------------------------------------
| JWT Provider
|--------------------------------------------------------------------------
|
| Specify the provider that is used to create and decode the tokens.
|
*/
'jwt' => Tymon\JWTAuth\Providers\JWT\Lcobucci::class,
/*
|--------------------------------------------------------------------------
| Authentication Provider
|--------------------------------------------------------------------------
|
| Specify the provider that is used to authenticate users.
|
*/
'auth' => Tymon\JWTAuth\Providers\Auth\Illuminate::class,
/*
|--------------------------------------------------------------------------
| Storage Provider
|--------------------------------------------------------------------------
|
| Specify the provider that is used to store tokens in the blacklist.
|
*/
'storage' => Tymon\JWTAuth\Providers\Storage\Illuminate::class,
],
];

132
backend/config/logging.php Normal file
View File

@@ -0,0 +1,132 @@
<?php
use Monolog\Handler\NullHandler;
use Monolog\Handler\StreamHandler;
use Monolog\Handler\SyslogUdpHandler;
use Monolog\Processor\PsrLogMessageProcessor;
return [
/*
|--------------------------------------------------------------------------
| Default Log Channel
|--------------------------------------------------------------------------
|
| This option defines the default log channel that is utilized to write
| messages to your logs. The value provided here should match one of
| the channels present in the list of "channels" configured below.
|
*/
'default' => env('LOG_CHANNEL', 'stack'),
/*
|--------------------------------------------------------------------------
| Deprecations Log Channel
|--------------------------------------------------------------------------
|
| This option controls the log channel that should be used to log warnings
| regarding deprecated PHP and library features. This allows you to get
| your application ready for upcoming major versions of dependencies.
|
*/
'deprecations' => [
'channel' => env('LOG_DEPRECATIONS_CHANNEL', 'null'),
'trace' => env('LOG_DEPRECATIONS_TRACE', false),
],
/*
|--------------------------------------------------------------------------
| Log Channels
|--------------------------------------------------------------------------
|
| Here you may configure the log channels for your application. Laravel
| utilizes the Monolog PHP logging library, which includes a variety
| of powerful log handlers and formatters that you're free to use.
|
| Available drivers: "single", "daily", "slack", "syslog",
| "errorlog", "monolog", "custom", "stack"
|
*/
'channels' => [
'stack' => [
'driver' => 'stack',
'channels' => explode(',', (string) env('LOG_STACK', 'single')),
'ignore_exceptions' => false,
],
'single' => [
'driver' => 'single',
'path' => storage_path('logs/laravel.log'),
'level' => env('LOG_LEVEL', 'debug'),
'replace_placeholders' => true,
],
'daily' => [
'driver' => 'daily',
'path' => storage_path('logs/laravel.log'),
'level' => env('LOG_LEVEL', 'debug'),
'days' => env('LOG_DAILY_DAYS', 14),
'replace_placeholders' => true,
],
'slack' => [
'driver' => 'slack',
'url' => env('LOG_SLACK_WEBHOOK_URL'),
'username' => env('LOG_SLACK_USERNAME', 'Laravel Log'),
'emoji' => env('LOG_SLACK_EMOJI', ':boom:'),
'level' => env('LOG_LEVEL', 'critical'),
'replace_placeholders' => true,
],
'papertrail' => [
'driver' => 'monolog',
'level' => env('LOG_LEVEL', 'debug'),
'handler' => env('LOG_PAPERTRAIL_HANDLER', SyslogUdpHandler::class),
'handler_with' => [
'host' => env('PAPERTRAIL_URL'),
'port' => env('PAPERTRAIL_PORT'),
'connectionString' => 'tls://'.env('PAPERTRAIL_URL').':'.env('PAPERTRAIL_PORT'),
],
'processors' => [PsrLogMessageProcessor::class],
],
'stderr' => [
'driver' => 'monolog',
'level' => env('LOG_LEVEL', 'debug'),
'handler' => StreamHandler::class,
'handler_with' => [
'stream' => 'php://stderr',
],
'formatter' => env('LOG_STDERR_FORMATTER'),
'processors' => [PsrLogMessageProcessor::class],
],
'syslog' => [
'driver' => 'syslog',
'level' => env('LOG_LEVEL', 'debug'),
'facility' => env('LOG_SYSLOG_FACILITY', LOG_USER),
'replace_placeholders' => true,
],
'errorlog' => [
'driver' => 'errorlog',
'level' => env('LOG_LEVEL', 'debug'),
'replace_placeholders' => true,
],
'null' => [
'driver' => 'monolog',
'handler' => NullHandler::class,
],
'emergency' => [
'path' => storage_path('logs/laravel.log'),
],
],
];

118
backend/config/mail.php Normal file
View File

@@ -0,0 +1,118 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Default Mailer
|--------------------------------------------------------------------------
|
| This option controls the default mailer that is used to send all email
| messages unless another mailer is explicitly specified when sending
| the message. All additional mailers can be configured within the
| "mailers" array. Examples of each type of mailer are provided.
|
*/
'default' => env('MAIL_MAILER', 'log'),
/*
|--------------------------------------------------------------------------
| Mailer Configurations
|--------------------------------------------------------------------------
|
| Here you may configure all of the mailers used by your application plus
| their respective settings. Several examples have been configured for
| you and you are free to add your own as your application requires.
|
| Laravel supports a variety of mail "transport" drivers that can be used
| when delivering an email. You may specify which one you're using for
| your mailers below. You may also add additional mailers if needed.
|
| Supported: "smtp", "sendmail", "mailgun", "ses", "ses-v2",
| "postmark", "resend", "log", "array",
| "failover", "roundrobin"
|
*/
'mailers' => [
'smtp' => [
'transport' => 'smtp',
'scheme' => env('MAIL_SCHEME'),
'url' => env('MAIL_URL'),
'host' => env('MAIL_HOST', '127.0.0.1'),
'port' => env('MAIL_PORT', 2525),
'username' => env('MAIL_USERNAME'),
'password' => env('MAIL_PASSWORD'),
'timeout' => null,
'local_domain' => env('MAIL_EHLO_DOMAIN', parse_url((string) env('APP_URL', 'http://localhost'), PHP_URL_HOST)),
],
'ses' => [
'transport' => 'ses',
],
'postmark' => [
'transport' => 'postmark',
// 'message_stream_id' => env('POSTMARK_MESSAGE_STREAM_ID'),
// 'client' => [
// 'timeout' => 5,
// ],
],
'resend' => [
'transport' => 'resend',
],
'sendmail' => [
'transport' => 'sendmail',
'path' => env('MAIL_SENDMAIL_PATH', '/usr/sbin/sendmail -bs -i'),
],
'log' => [
'transport' => 'log',
'channel' => env('MAIL_LOG_CHANNEL'),
],
'array' => [
'transport' => 'array',
],
'failover' => [
'transport' => 'failover',
'mailers' => [
'smtp',
'log',
],
'retry_after' => 60,
],
'roundrobin' => [
'transport' => 'roundrobin',
'mailers' => [
'ses',
'postmark',
],
'retry_after' => 60,
],
],
/*
|--------------------------------------------------------------------------
| Global "From" Address
|--------------------------------------------------------------------------
|
| You may wish for all emails sent by your application to be sent from
| the same address. Here you may specify a name and address that is
| used globally for all emails that are sent by your application.
|
*/
'from' => [
'address' => env('MAIL_FROM_ADDRESS', 'hello@example.com'),
'name' => env('MAIL_FROM_NAME', 'Example'),
],
];

129
backend/config/queue.php Normal file
View File

@@ -0,0 +1,129 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Default Queue Connection Name
|--------------------------------------------------------------------------
|
| Laravel's queue supports a variety of backends via a single, unified
| API, giving you convenient access to each backend using identical
| syntax for each. The default queue connection is defined below.
|
*/
'default' => env('QUEUE_CONNECTION', 'database'),
/*
|--------------------------------------------------------------------------
| Queue Connections
|--------------------------------------------------------------------------
|
| Here you may configure the connection options for every queue backend
| used by your application. An example configuration is provided for
| each backend supported by Laravel. You're also free to add more.
|
| Drivers: "sync", "database", "beanstalkd", "sqs", "redis",
| "deferred", "background", "failover", "null"
|
*/
'connections' => [
'sync' => [
'driver' => 'sync',
],
'database' => [
'driver' => 'database',
'connection' => env('DB_QUEUE_CONNECTION'),
'table' => env('DB_QUEUE_TABLE', 'jobs'),
'queue' => env('DB_QUEUE', 'default'),
'retry_after' => (int) env('DB_QUEUE_RETRY_AFTER', 90),
'after_commit' => false,
],
'beanstalkd' => [
'driver' => 'beanstalkd',
'host' => env('BEANSTALKD_QUEUE_HOST', 'localhost'),
'queue' => env('BEANSTALKD_QUEUE', 'default'),
'retry_after' => (int) env('BEANSTALKD_QUEUE_RETRY_AFTER', 90),
'block_for' => 0,
'after_commit' => false,
],
'sqs' => [
'driver' => 'sqs',
'key' => env('AWS_ACCESS_KEY_ID'),
'secret' => env('AWS_SECRET_ACCESS_KEY'),
'prefix' => env('SQS_PREFIX', 'https://sqs.us-east-1.amazonaws.com/your-account-id'),
'queue' => env('SQS_QUEUE', 'default'),
'suffix' => env('SQS_SUFFIX'),
'region' => env('AWS_DEFAULT_REGION', 'us-east-1'),
'after_commit' => false,
],
'redis' => [
'driver' => 'redis',
'connection' => env('REDIS_QUEUE_CONNECTION', 'default'),
'queue' => env('REDIS_QUEUE', 'default'),
'retry_after' => (int) env('REDIS_QUEUE_RETRY_AFTER', 90),
'block_for' => null,
'after_commit' => false,
],
'deferred' => [
'driver' => 'deferred',
],
'background' => [
'driver' => 'background',
],
'failover' => [
'driver' => 'failover',
'connections' => [
'database',
'deferred',
],
],
],
/*
|--------------------------------------------------------------------------
| Job Batching
|--------------------------------------------------------------------------
|
| The following options configure the database and table that store job
| batching information. These options can be updated to any database
| connection and table which has been defined by your application.
|
*/
'batching' => [
'database' => env('DB_CONNECTION', 'sqlite'),
'table' => 'job_batches',
],
/*
|--------------------------------------------------------------------------
| Failed Queue Jobs
|--------------------------------------------------------------------------
|
| These options configure the behavior of failed queue job logging so you
| can control how and where failed jobs are stored. Laravel ships with
| support for storing failed jobs in a simple file or in a database.
|
| Supported drivers: "database-uuids", "dynamodb", "file", "null"
|
*/
'failed' => [
'driver' => env('QUEUE_FAILED_DRIVER', 'database-uuids'),
'database' => env('DB_CONNECTION', 'sqlite'),
'table' => 'failed_jobs',
],
];

38
backend/config/services.php Normal file
View File

@@ -0,0 +1,38 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Third Party Services
|--------------------------------------------------------------------------
|
| This file is for storing the credentials for third party services such
| as Mailgun, Postmark, AWS and more. This file provides the de facto
| location for this type of information, allowing packages to have
| a conventional file to locate the various service credentials.
|
*/
'postmark' => [
'key' => env('POSTMARK_API_KEY'),
],
'resend' => [
'key' => env('RESEND_API_KEY'),
],
'ses' => [
'key' => env('AWS_ACCESS_KEY_ID'),
'secret' => env('AWS_SECRET_ACCESS_KEY'),
'region' => env('AWS_DEFAULT_REGION', 'us-east-1'),
],
'slack' => [
'notifications' => [
'bot_user_oauth_token' => env('SLACK_BOT_USER_OAUTH_TOKEN'),
'channel' => env('SLACK_BOT_USER_DEFAULT_CHANNEL'),
],
],
];

217
backend/config/session.php Normal file
View File

@@ -0,0 +1,217 @@
<?php
use Illuminate\Support\Str;
return [
/*
|--------------------------------------------------------------------------
| Default Session Driver
|--------------------------------------------------------------------------
|
| This option determines the default session driver that is utilized for
| incoming requests. Laravel supports a variety of storage options to
| persist session data. Database storage is a great default choice.
|
| Supported: "file", "cookie", "database", "memcached",
| "redis", "dynamodb", "array"
|
*/
'driver' => env('SESSION_DRIVER', 'database'),
/*
|--------------------------------------------------------------------------
| Session Lifetime
|--------------------------------------------------------------------------
|
| Here you may specify the number of minutes that you wish the session
| to be allowed to remain idle before it expires. If you want them
| to expire immediately when the browser is closed then you may
| indicate that via the expire_on_close configuration option.
|
*/
'lifetime' => (int) env('SESSION_LIFETIME', 120),
'expire_on_close' => env('SESSION_EXPIRE_ON_CLOSE', false),
/*
|--------------------------------------------------------------------------
| Session Encryption
|--------------------------------------------------------------------------
|
| This option allows you to easily specify that all of your session data
| should be encrypted before it's stored. All encryption is performed
| automatically by Laravel and you may use the session like normal.
|
*/
'encrypt' => env('SESSION_ENCRYPT', false),
/*
|--------------------------------------------------------------------------
| Session File Location
|--------------------------------------------------------------------------
|
| When utilizing the "file" session driver, the session files are placed
| on disk. The default storage location is defined here; however, you
| are free to provide another location where they should be stored.
|
*/
'files' => storage_path('framework/sessions'),
/*
|--------------------------------------------------------------------------
| Session Database Connection
|--------------------------------------------------------------------------
|
| When using the "database" or "redis" session drivers, you may specify a
| connection that should be used to manage these sessions. This should
| correspond to a connection in your database configuration options.
|
*/
'connection' => env('SESSION_CONNECTION'),
/*
|--------------------------------------------------------------------------
| Session Database Table
|--------------------------------------------------------------------------
|
| When using the "database" session driver, you may specify the table to
| be used to store sessions. Of course, a sensible default is defined
| for you; however, you're welcome to change this to another table.
|
*/
'table' => env('SESSION_TABLE', 'sessions'),
/*
|--------------------------------------------------------------------------
| Session Cache Store
|--------------------------------------------------------------------------
|
| When using one of the framework's cache driven session backends, you may
| define the cache store which should be used to store the session data
| between requests. This must match one of your defined cache stores.
|
| Affects: "dynamodb", "memcached", "redis"
|
*/
'store' => env('SESSION_STORE'),
/*
|--------------------------------------------------------------------------
| Session Sweeping Lottery
|--------------------------------------------------------------------------
|
| Some session drivers must manually sweep their storage location to get
| rid of old sessions from storage. Here are the chances that it will
| happen on a given request. By default, the odds are 2 out of 100.
|
*/
'lottery' => [2, 100],
/*
|--------------------------------------------------------------------------
| Session Cookie Name
|--------------------------------------------------------------------------
|
| Here you may change the name of the session cookie that is created by
| the framework. Typically, you should not need to change this value
| since doing so does not grant a meaningful security improvement.
|
*/
'cookie' => env(
'SESSION_COOKIE',
Str::slug((string) env('APP_NAME', 'laravel')).'-session'
),
/*
|--------------------------------------------------------------------------
| Session Cookie Path
|--------------------------------------------------------------------------
|
| The session cookie path determines the path for which the cookie will
| be regarded as available. Typically, this will be the root path of
| your application, but you're free to change this when necessary.
|
*/
'path' => env('SESSION_PATH', '/'),
/*
|--------------------------------------------------------------------------
| Session Cookie Domain
|--------------------------------------------------------------------------
|
| This value determines the domain and subdomains the session cookie is
| available to. By default, the cookie will be available to the root
| domain without subdomains. Typically, this shouldn't be changed.
|
*/
'domain' => env('SESSION_DOMAIN'),
/*
|--------------------------------------------------------------------------
| HTTPS Only Cookies
|--------------------------------------------------------------------------
|
| By setting this option to true, session cookies will only be sent back
| to the server if the browser has a HTTPS connection. This will keep
| the cookie from being sent to you when it can't be done securely.
|
*/
'secure' => env('SESSION_SECURE_COOKIE'),
/*
|--------------------------------------------------------------------------
| HTTP Access Only
|--------------------------------------------------------------------------
|
| Setting this value to true will prevent JavaScript from accessing the
| value of the cookie and the cookie will only be accessible through
| the HTTP protocol. It's unlikely you should disable this option.
|
*/
'http_only' => env('SESSION_HTTP_ONLY', true),
/*
|--------------------------------------------------------------------------
| Same-Site Cookies
|--------------------------------------------------------------------------
|
| This option determines how your cookies behave when cross-site requests
| take place, and can be used to mitigate CSRF attacks. By default, we
| will set this value to "lax" to permit secure cross-site requests.
|
| See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#samesitesamesite-value
|
| Supported: "lax", "strict", "none", null
|
*/
'same_site' => env('SESSION_SAME_SITE', 'lax'),
/*
|--------------------------------------------------------------------------
| Partitioned Cookies
|--------------------------------------------------------------------------
|
| Setting this value to true will tie the cookie to the top-level site for
| a cross-site context. Partitioned cookies are accepted by the browser
| when flagged "secure" and the Same-Site attribute is set to "none".
|
*/
'partitioned' => env('SESSION_PARTITIONED_COOKIE', false),
];

1
backend/database/.gitignore vendored Normal file
View File

@@ -0,0 +1 @@
*.sqlite*

28
backend/database/factories/ActualFactory.php Normal file
View File

@@ -0,0 +1,28 @@
<?php
namespace Database\Factories;
use Illuminate\Database\Eloquent\Factories\Factory;
use Illuminate\Support\Str;
use App\Models\Actual;
use App\Models\Project;
use App\Models\TeamMember;
/**
* @extends \Illuminate\Database\Eloquent\Factories\Factory\u003c\App\Models\Actual>
*/
class ActualFactory extends Factory
{
protected $model = Actual::class;
public function definition(): array
{
return [
'id' => (string) Str::uuid(),
'project_id' => Project::factory(),
'team_member_id' => TeamMember::factory(),
'month' => fake()->dateTimeBetween('-6 months', 'now')->format('Y-m-01'),
'hours_logged' => fake()->randomFloat(2, 0, 160),
];
}
}

28
backend/database/factories/AllocationFactory.php Normal file
View File

@@ -0,0 +1,28 @@
<?php
namespace Database\Factories;
use Illuminate\Database\Eloquent\Factories\Factory;
use Illuminate\Support\Str;
use App\Models\Allocation;
use App\Models\Project;
use App\Models\TeamMember;
/**
* @extends \Illuminate\Database\Eloquent\Factories\Factory\u003c\App\Models\Allocation>
*/
class AllocationFactory extends Factory
{
protected $model = Allocation::class;
public function definition(): array
{
return [
'id' => (string) Str::uuid(),
'project_id' => Project::factory(),
'team_member_id' => TeamMember::factory(),
'month' => fake()->dateTimeBetween('-6 months', '+6 months')->format('Y-m-01'),
'allocated_hours' => fake()->randomFloat(2, 0, 160),
];
}
}

42
backend/database/factories/ProjectFactory.php Normal file
View File

@@ -0,0 +1,42 @@
<?php
namespace Database\Factories;
use Illuminate\Database\Eloquent\Factories\Factory;
use Illuminate\Support\Str;
use App\Models\Project;
use App\Models\ProjectStatus;
use App\Models\ProjectType;
/**
* @extends \Illuminate\Database\Eloquent\Factories\Factory\u003c\App\Models\Project>
*/
class ProjectFactory extends Factory
{
protected $model = Project::class;
public function definition(): array
{
return [
'id' => (string) Str::uuid(),
'code' => strtoupper(fake()->unique()->bothify('PRJ-####')),
'title' => fake()->sentence(3),
'status_id' => ProjectStatus::factory(),
'type_id' => ProjectType::factory(),
'approved_estimate' => null,
'forecasted_effort' => null,
];
}
public function approved(): static
{
return $this->state(fn (array $attributes) => [
'approved_estimate' => fake()->randomFloat(2, 5000, 50000),
'forecasted_effort' => [
'frontend' => fake()->numberBetween(40, 200),
'backend' => fake()->numberBetween(60, 300),
'qa' => fake()->numberBetween(20, 100),
],
]);
}
}

24
backend/database/factories/ProjectStatusFactory.php Normal file
View File

@@ -0,0 +1,24 @@
<?php
namespace Database\Factories;
use Illuminate\Database\Eloquent\Factories\Factory;
use App\Models\ProjectStatus;
/**
* @extends \Illuminate\Database\Eloquent\Factories\Factory\u003c\App\Models\ProjectStatus>
*/
class ProjectStatusFactory extends Factory
{
protected $model = ProjectStatus::class;
public function definition(): array
{
return [
'name' => fake()->unique()->words(2, true),
'order' => fake()->numberBetween(1, 20),
'is_active' => fake()->boolean(),
'is_billable' => fake()->boolean(),
];
}
}

22
backend/database/factories/ProjectTypeFactory.php Normal file
View File

@@ -0,0 +1,22 @@
<?php
namespace Database\Factories;
use Illuminate\Database\Eloquent\Factories\Factory;
use App\Models\ProjectType;
/**
* @extends \Illuminate\Database\Eloquent\Factories\Factory\u003c\App\Models\ProjectType>
*/
class ProjectTypeFactory extends Factory
{
protected $model = ProjectType::class;
public function definition(): array
{
return [
'name' => fake()->unique()->word(),
'description' => fake()->sentence(),
];
}
}

23
backend/database/factories/RoleFactory.php Normal file
View File

@@ -0,0 +1,23 @@
<?php
namespace Database\Factories;
use Illuminate\Database\Eloquent\Factories\Factory;
use Illuminate\Support\Str;
use App\Models\Role;
/**
* @extends \Illuminate\Database\Eloquent\Factories\Factory\u003c\App\Models\Role>
*/
class RoleFactory extends Factory
{
protected $model = Role::class;
public function definition(): array
{
return [
'name' => fake()->unique()->jobTitle(),
'description' => fake()->sentence(),
];
}
}

34
backend/database/factories/TeamMemberFactory.php Normal file
View File

@@ -0,0 +1,34 @@
<?php
namespace Database\Factories;
use Illuminate\Database\Eloquent\Factories\Factory;
use Illuminate\Support\Str;
use App\Models\TeamMember;
use App\Models\Role;
/**
* @extends \Illuminate\Database\Eloquent\Factories\Factory\u003c\App\Models\TeamMember>
*/
class TeamMemberFactory extends Factory
{
protected $model = TeamMember::class;
public function definition(): array
{
return [
'id' => (string) Str::uuid(),
'name' => fake()->name(),
'role_id' => Role::factory(),
'hourly_rate' => fake()->randomFloat(2, 20, 150),
'active' => true,
];
}
public function inactive(): static
{
return $this->state(fn (array $attributes) => [
'active' => false,
]);
}
}

45
backend/database/factories/UserFactory.php Normal file
View File

@@ -0,0 +1,45 @@
<?php
namespace Database\Factories;
use Illuminate\Database\Eloquent\Factories\Factory;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Str;
/**
* @extends \Illuminate\Database\Eloquent\Factories\Factory<\App\Models\User>
*/
class UserFactory extends Factory
{
/**
* The current password being used by the factory.
*/
protected static ?string $password;
/**
* Define the model's default state.
*
* @return array<string, mixed>
*/
public function definition(): array
{
return [
'name' => fake()->name(),
'email' => fake()->unique()->safeEmail(),
'email_verified_at' => now(),
'password' => static::$password ??= Hash::make('password'),
'role' => fake()->randomElement(['superuser', 'manager', 'developer', 'top_brass']),
'remember_token' => Str::random(10),
];
}
/**
* Indicate that the model's email address should be unverified.
*/
public function unverified(): static
{
return $this->state(fn (array $attributes) => [
'email_verified_at' => null,
]);
}
}

49
backend/database/migrations/0001_01_01_000000_create_users_table.php Normal file
View File

@@ -0,0 +1,49 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('users', function (Blueprint $table) {
$table->id();
$table->string('name');
$table->string('email')->unique();
$table->timestamp('email_verified_at')->nullable();
$table->string('password');
$table->rememberToken();
$table->timestamps();
});
Schema::create('password_reset_tokens', function (Blueprint $table) {
$table->string('email')->primary();
$table->string('token');
$table->timestamp('created_at')->nullable();
});
Schema::create('sessions', function (Blueprint $table) {
$table->string('id')->primary();
$table->foreignId('user_id')->nullable()->index();
$table->string('ip_address', 45)->nullable();
$table->text('user_agent')->nullable();
$table->longText('payload');
$table->integer('last_activity')->index();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('users');
Schema::dropIfExists('password_reset_tokens');
Schema::dropIfExists('sessions');
}
};

35
backend/database/migrations/0001_01_01_000001_create_cache_table.php Normal file
View File

@@ -0,0 +1,35 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('cache', function (Blueprint $table) {
$table->string('key')->primary();
$table->mediumText('value');
$table->integer('expiration')->index();
});
Schema::create('cache_locks', function (Blueprint $table) {
$table->string('key')->primary();
$table->string('owner');
$table->integer('expiration')->index();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('cache');
Schema::dropIfExists('cache_locks');
}
};

57
backend/database/migrations/0001_01_01_000002_create_jobs_table.php Normal file
View File

@@ -0,0 +1,57 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('jobs', function (Blueprint $table) {
$table->id();
$table->string('queue')->index();
$table->longText('payload');
$table->unsignedTinyInteger('attempts');
$table->unsignedInteger('reserved_at')->nullable();
$table->unsignedInteger('available_at');
$table->unsignedInteger('created_at');
});
Schema::create('job_batches', function (Blueprint $table) {
$table->string('id')->primary();
$table->string('name');
$table->integer('total_jobs');
$table->integer('pending_jobs');
$table->integer('failed_jobs');
$table->longText('failed_job_ids');
$table->mediumText('options')->nullable();
$table->integer('cancelled_at')->nullable();
$table->integer('created_at');
$table->integer('finished_at')->nullable();
});
Schema::create('failed_jobs', function (Blueprint $table) {
$table->id();
$table->string('uuid')->unique();
$table->text('connection');
$table->text('queue');
$table->longText('payload');
$table->longText('exception');
$table->timestamp('failed_at')->useCurrent();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('jobs');
Schema::dropIfExists('job_batches');
Schema::dropIfExists('failed_jobs');
}
};

29
backend/database/migrations/2024_02_17_000001_create_roles_table.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('roles', function (Blueprint $table) {
$table->id();
$table->string('name')->unique();
$table->text('description')->nullable();
$table->timestamps();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('roles');
}
};

31
backend/database/migrations/2024_02_17_000002_create_project_statuses_table.php Normal file
View File

@@ -0,0 +1,31 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('project_statuses', function (Blueprint $table) {
$table->id();
$table->string('name')->unique();
$table->integer('order')->default(0);
$table->boolean('is_active')->default(true);
$table->boolean('is_billable')->default(false);
$table->timestamps();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('project_statuses');
}
};

29
backend/database/migrations/2024_02_17_000003_create_project_types_table.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('project_types', function (Blueprint $table) {
$table->id();
$table->string('name')->unique();
$table->text('description')->nullable();
$table->timestamps();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('project_types');
}
};

31
backend/database/migrations/2024_02_17_000004_create_team_members_table.php Normal file
View File

@@ -0,0 +1,31 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('team_members', function (Blueprint $table) {
$table->uuid('id')->primary();
$table->string('name');
$table->foreignId('role_id')->constrained('roles');
$table->decimal('hourly_rate', 10, 2);
$table->boolean('active')->default(true);
$table->timestamps();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('team_members');
}
};

33
backend/database/migrations/2024_02_17_000005_create_projects_table.php Normal file
View File

@@ -0,0 +1,33 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('projects', function (Blueprint $table) {
$table->uuid('id')->primary();
$table->string('code')->unique();
$table->string('title');
$table->foreignId('status_id')->constrained('project_statuses');
$table->foreignId('type_id')->constrained('project_types');
$table->decimal('approved_estimate', 12, 2)->nullable();
$table->json('forecasted_effort')->nullable();
$table->timestamps();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('projects');
}
};

35
backend/database/migrations/2024_02_17_000006_create_allocations_table.php Normal file
View File

@@ -0,0 +1,35 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('allocations', function (Blueprint $table) {
$table->uuid('id')->primary();
$table->foreignUuid('project_id')->constrained('projects');
$table->foreignUuid('team_member_id')->constrained('team_members');
$table->date('month'); // First day of the month
$table->decimal('allocated_hours', 8, 2)->default(0);
$table->timestamps();
// Composite indexes for common queries
$table->index(['project_id', 'month'], 'idx_allocations_project_month');
$table->index(['team_member_id', 'month'], 'idx_allocations_member_month');
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('allocations');
}
};

35
backend/database/migrations/2024_02_17_000007_create_actuals_table.php Normal file
View File

@@ -0,0 +1,35 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('actuals', function (Blueprint $table) {
$table->uuid('id')->primary();
$table->foreignUuid('project_id')->constrained('projects');
$table->foreignUuid('team_member_id')->constrained('team_members');
$table->date('month'); // First day of the month
$table->decimal('hours_logged', 8, 2)->default(0);
$table->timestamps();
// Composite indexes for common queries
$table->index(['project_id', 'month'], 'idx_actuals_project_month');
$table->index(['team_member_id', 'month'], 'idx_actuals_member_month');
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('actuals');
}
};

30
backend/database/migrations/2024_02_17_000008_create_holidays_table.php Normal file
View File

@@ -0,0 +1,30 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('holidays', function (Blueprint $table) {
$table->uuid('id')->primary();
$table->date('date')->unique();
$table->string('name');
$table->text('description')->nullable();
$table->timestamps();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('holidays');
}
};

32
backend/database/migrations/2024_02_17_000009_create_ptos_table.php Normal file
View File

@@ -0,0 +1,32 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('ptos', function (Blueprint $table) {
$table->uuid('id')->primary();
$table->foreignUuid('team_member_id')->constrained('team_members');
$table->date('start_date');
$table->date('end_date');
$table->string('reason')->nullable();
$table->enum('status', ['pending', 'approved', 'rejected'])->default('pending');
$table->timestamps();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('ptos');
}
};

37
backend/database/migrations/2024_02_17_000010_create_users_table.php Normal file
View File

@@ -0,0 +1,37 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
// Drop the default users table and recreate with UUID
Schema::dropIfExists('users');
Schema::create('users', function (Blueprint $table) {
$table->uuid('id')->primary();
$table->string('name');
$table->string('email')->unique();
$table->timestamp('email_verified_at')->nullable();
$table->string('password');
$table->enum('role', ['superuser', 'manager', 'developer', 'top_brass'])->default('developer');
$table->boolean('active')->default(true);
$table->rememberToken();
$table->timestamps();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('users');
}
};

24
backend/database/seeders/DatabaseSeeder.php Normal file
View File

@@ -0,0 +1,24 @@
<?php
namespace Database\Seeders;
use Illuminate\Database\Console\Seeds\WithoutModelEvents;
use Illuminate\Database\Seeder;
class DatabaseSeeder extends Seeder
{
use WithoutModelEvents;
/**
* Seed the application's database.
*/
public function run(): void
{
$this->call([
RoleSeeder::class,
ProjectStatusSeeder::class,
ProjectTypeSeeder::class,
UserSeeder::class,
]);
}
}

103
backend/database/seeders/ProjectStatusSeeder.php Normal file
View File

@@ -0,0 +1,103 @@
<?php
namespace Database\Seeders;
use Illuminate\Database\Seeder;
use Illuminate\Support\Facades\DB;
class ProjectStatusSeeder extends Seeder
{
/**
* Run the database seeds.
*/
public function run(): void
{
$statuses = [
[
'name' => 'Pre-sales',
'order' => 1,
'is_active' => false,
'is_billable' => false,
],
[
'name' => 'SOW Approval',
'order' => 2,
'is_active' => false,
'is_billable' => false,
],
[
'name' => 'Estimation',
'order' => 3,
'is_active' => false,
'is_billable' => false,
],
[
'name' => 'Estimate Approved',
'order' => 4,
'is_active' => false,
'is_billable' => false,
],
[
'name' => 'Resource Allocation',
'order' => 5,
'is_active' => false,
'is_billable' => false,
],
[
'name' => 'Sprint 0',
'order' => 6,
'is_active' => true,
'is_billable' => false,
],
[
'name' => 'In Progress',
'order' => 7,
'is_active' => true,
'is_billable' => true,
],
[
'name' => 'UAT',
'order' => 8,
'is_active' => true,
'is_billable' => true,
],
[
'name' => 'Handover / Sign-off',
'order' => 9,
'is_active' => true,
'is_billable' => true,
],
[
'name' => 'Estimate Rework',
'order' => 10,
'is_active' => false,
'is_billable' => false,
],
[
'name' => 'On Hold',
'order' => 11,
'is_active' => false,
'is_billable' => false,
],
[
'name' => 'Cancelled',
'order' => 12,
'is_active' => false,
'is_billable' => false,
],
[
'name' => 'Closed',
'order' => 13,
'is_active' => false,
'is_billable' => false,
],
];
foreach ($statuses as $status) {
DB::table('project_statuses')->updateOrInsert(
['name' => $status['name']],
$status
);
}
}
}

33
backend/database/seeders/ProjectTypeSeeder.php Normal file
View File

@@ -0,0 +1,33 @@
<?php
namespace Database\Seeders;
use Illuminate\Database\Seeder;
use Illuminate\Support\Facades\DB;
class ProjectTypeSeeder extends Seeder
{
/**
* Run the database seeds.
*/
public function run(): void
{
$types = [
[
'name' => 'Project',
'description' => 'Full software development project with defined scope, timeline, and deliverables',
],
[
'name' => 'Support',
'description' => 'Ongoing support and maintenance with SLA requirements',
],
];
foreach ($types as $type) {
DB::table('project_types')->updateOrInsert(
['name' => $type['name']],
$type
);
}
}
}

53
backend/database/seeders/RoleSeeder.php Normal file
View File

@@ -0,0 +1,53 @@
<?php
namespace Database\Seeders;
use Illuminate\Database\Seeder;
use Illuminate\Support\Facades\DB;
class RoleSeeder extends Seeder
{
/**
* Run the database seeds.
*/
public function run(): void
{
$roles = [
[
'name' => 'Frontend Dev',
'description' => 'Frontend Developer - specializes in UI/UX and client-side development',
],
[
'name' => 'Backend Dev',
'description' => 'Backend Developer - specializes in server-side logic and APIs',
],
[
'name' => 'QA',
'description' => 'Quality Assurance - tests software and ensures quality standards',
],
[
'name' => 'DevOps',
'description' => 'DevOps Engineer - manages infrastructure, CI/CD, and deployments',
],
[
'name' => 'UX',
'description' => 'UX Designer - designs user experiences and interfaces',
],
[
'name' => 'PM',
'description' => 'Project Manager - manages projects, timelines, and client communication',
],
[
'name' => 'Architect',
'description' => 'Solution Architect - designs system architecture and technical solutions',
],
];
foreach ($roles as $role) {
DB::table('roles')->updateOrInsert(
['name' => $role['name']],
$role
);
}
}
}

65
backend/database/seeders/UserSeeder.php Normal file
View File

@@ -0,0 +1,65 @@
<?php
namespace Database\Seeders;
use Illuminate\Database\Seeder;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Str;
class UserSeeder extends Seeder
{
/**
* Run the database seeds.
*/
public function run(): void
{
// Create superuser for testing
DB::table('users')->updateOrInsert(
['email' => 'superuser@headroom.test'],
[
'id' => (string) Str::uuid(),
'name' => 'Super User',
'email' => 'superuser@headroom.test',
'password' => Hash::make('password'),
'role' => 'superuser',
'created_at' => now(),
'updated_at' => now(),
]
);
// Create test users for each role
$testUsers = [
[
'name' => 'Manager User',
'email' => 'manager@headroom.test',
'role' => 'manager',
],
[
'name' => 'Developer User',
'email' => 'developer@headroom.test',
'role' => 'developer',
],
[
'name' => 'Top Brass User',
'email' => 'topbrass@headroom.test',
'role' => 'top_brass',
],
];
foreach ($testUsers as $user) {
DB::table('users')->updateOrInsert(
['email' => $user['email']],
[
'id' => (string) Str::uuid(),
'name' => $user['name'],
'email' => $user['email'],
'password' => Hash::make('password'),
'role' => $user['role'],
'created_at' => now(),
'updated_at' => now(),
]
);
}
}
}

17
backend/package.json Normal file
View File

@@ -0,0 +1,17 @@
{
"$schema": "https://www.schemastore.org/package.json",
"private": true,
"type": "module",
"scripts": {
"build": "vite build",
"dev": "vite"
},
"devDependencies": {
"@tailwindcss/vite": "^4.0.0",
"axios": "^1.11.0",
"concurrently": "^9.0.1",
"laravel-vite-plugin": "^2.0.0",
"tailwindcss": "^4.0.0",
"vite": "^7.0.7"
}
}

35
backend/phpunit.xml Normal file
View File

@@ -0,0 +1,35 @@
<?xml version="1.0" encoding="UTF-8"?>
<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="vendor/phpunit/phpunit/phpunit.xsd"
bootstrap="vendor/autoload.php"
colors="true"
>
<testsuites>
<testsuite name="Unit">
<directory>tests/Unit</directory>
</testsuite>
<testsuite name="Feature">
<directory>tests/Feature</directory>
</testsuite>
</testsuites>
<source>
<include>
<directory>app</directory>
</include>
</source>
<php>
<env name="APP_ENV" value="testing"/>
<env name="APP_MAINTENANCE_DRIVER" value="file"/>
<env name="BCRYPT_ROUNDS" value="4"/>
<env name="BROADCAST_CONNECTION" value="null"/>
<env name="CACHE_STORE" value="array"/>
<env name="DB_CONNECTION" value="sqlite"/>
<env name="DB_DATABASE" value=":memory:"/>
<env name="MAIL_MAILER" value="array"/>
<env name="QUEUE_CONNECTION" value="sync"/>
<env name="SESSION_DRIVER" value="array"/>
<env name="PULSE_ENABLED" value="false"/>
<env name="TELESCOPE_ENABLED" value="false"/>
<env name="NIGHTWATCH_ENABLED" value="false"/>
</php>
</phpunit>

25
backend/public/.htaccess Normal file
View File

@@ -0,0 +1,25 @@
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
RewriteEngine On
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Handle X-XSRF-Token Header
RewriteCond %{HTTP:x-xsrf-token} .
RewriteRule .* - [E=HTTP_X_XSRF_TOKEN:%{HTTP:X-XSRF-Token}]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Send Requests To Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>

0
backend/public/favicon.ico Normal file
View File

20
backend/public/index.php Normal file
View File

@@ -0,0 +1,20 @@
<?php
use Illuminate\Foundation\Application;
use Illuminate\Http\Request;
define('LARAVEL_START', microtime(true));
// Determine if the application is in maintenance mode...
if (file_exists($maintenance = __DIR__.'/../storage/framework/maintenance.php')) {
require $maintenance;
}
// Register the Composer autoloader...
require __DIR__.'/../vendor/autoload.php';
// Bootstrap Laravel and handle the request...
/** @var Application $app */
$app = require_once __DIR__.'/../bootstrap/app.php';
$app->handleRequest(Request::capture());

2
backend/public/robots.txt Normal file
View File

@@ -0,0 +1,2 @@
User-agent: *
Disallow:

11
backend/resources/css/app.css Normal file
View File

@@ -0,0 +1,11 @@
@import 'tailwindcss';
@source '../../vendor/laravel/framework/src/Illuminate/Pagination/resources/views/*.blade.php';
@source '../../storage/framework/views/*.php';
@source '../**/*.blade.php';
@source '../**/*.js';
@theme {
--font-sans: 'Instrument Sans', ui-sans-serif, system-ui, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji',
'Segoe UI Symbol', 'Noto Color Emoji';
}

1
backend/resources/js/app.js Normal file
View File

@@ -0,0 +1 @@
import './bootstrap';

4
backend/resources/js/bootstrap.js vendored Normal file
View File

@@ -0,0 +1,4 @@
import axios from 'axios';
window.axios = axios;
window.axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';

277
backend/resources/views/welcome.blade.php Normal file
View File

File diff suppressed because one or more lines are too long

31
backend/routes/api.php Normal file
View File

@@ -0,0 +1,31 @@
<?php
use App\Http\Controllers\Api\AuthController;
use App\Http\Middleware\JwtAuth;
use Illuminate\Support\Facades\Route;
/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| These routes are loaded by the RouteServiceProvider within a group which
| is assigned the "api" middleware group.
|
*/
Route::post('/auth/login', [AuthController::class, 'login']);
Route::post('/auth/refresh', [AuthController::class, 'refresh']);
Route::middleware(JwtAuth::class)->group(function () {
Route::post('/auth/logout', [AuthController::class, 'logout']);
Route::get('/user', function (\Illuminate\Http\Request $request) {
return response()->json([
'id' => $request->user()->id,
'name' => $request->user()->name,
'email' => $request->user()->email,
'role' => $request->user()->role,
]);
});
});

8
backend/routes/console.php Normal file
View File

@@ -0,0 +1,8 @@
<?php
use Illuminate\Foundation\Inspiring;
use Illuminate\Support\Facades\Artisan;
Artisan::command('inspire', function () {
$this->comment(Inspiring::quote());
})->purpose('Display an inspiring quote');

7
backend/routes/web.php Normal file
View File

@@ -0,0 +1,7 @@
<?php
use Illuminate\Support\Facades\Route;
Route::get('/', function () {
return view('welcome');
});

4
backend/storage/app/.gitignore vendored Normal file
View File

@@ -0,0 +1,4 @@
*
!private/
!public/
!.gitignore

2
backend/storage/app/private/.gitignore vendored Normal file
View File

@@ -0,0 +1,2 @@
*
!.gitignore

2
backend/storage/app/public/.gitignore vendored Normal file
View File

@@ -0,0 +1,2 @@
*
!.gitignore

9
backend/storage/framework/.gitignore vendored Normal file
View File

@@ -0,0 +1,9 @@
compiled.php
config.php
down
events.scanned.php
maintenance.php
routes.php
routes.scanned.php
schedule-*
services.json

3
backend/storage/framework/cache/.gitignore vendored Normal file
View File

@@ -0,0 +1,3 @@
*
!data/
!.gitignore

2
backend/storage/framework/cache/data/.gitignore vendored Normal file
View File

@@ -0,0 +1,2 @@
*
!.gitignore

2
backend/storage/framework/sessions/.gitignore vendored Normal file
View File

@@ -0,0 +1,2 @@
*
!.gitignore

2
backend/storage/framework/testing/.gitignore vendored Normal file
View File

@@ -0,0 +1,2 @@
*
!.gitignore

2
backend/storage/framework/views/.gitignore vendored Normal file
View File

@@ -0,0 +1,2 @@
*
!.gitignore

2
backend/storage/logs/.gitignore vendored Normal file
View File

@@ -0,0 +1,2 @@
*
!.gitignore

398
backend/tests/Feature/Auth/AuthenticationTest.php Normal file
View File

@@ -0,0 +1,398 @@
<?php
namespace Tests\Feature\Auth;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;
use App\Models\User;
use Illuminate\Support\Facades\Redis;
class AuthenticationTest extends TestCase
{
use RefreshDatabase;
protected function setUp(): void
{
parent::setUp();
Redis::flushall();
}
protected function loginAndGetTokens($user)
{
$response = $this->postJson('/api/auth/login', [
'email' => $user->email,
'password' => 'password123',
]);
return $response->json();
}
protected function generateExpiredToken($user)
{
$payload = [
'iss' => config('app.url', 'headroom'),
'sub' => $user->id,
'iat' => time() - 7200,
'exp' => time() - 3600,
'role' => $user->role,
'permissions' => [],
'jti' => uniqid('token_', true),
];
return $this->encodeJWT($payload);
}
protected function encodeJWT(array $payload): string
{
$header = json_encode(['typ' => 'JWT', 'alg' => 'HS256']);
$header = base64_encode($header);
$header = str_replace(['+', '/', '='], ['-', '_', ''], $header);
$payload = json_encode($payload);
$payload = base64_encode($payload);
$payload = str_replace(['+', '/', '='], ['-', '_', ''], $payload);
$signature = hash_hmac('sha256', $header . '.' . $payload, config('app.key'), true);
$signature = base64_encode($signature);
$signature = str_replace(['+', '/', '='], ['-', '_', ''], $signature);
return $header . '.' . $payload . '.' . $signature;
}
protected function decodeJWT(string $token): ?object
{
$parts = explode('.', $token);
if (count($parts) !== 3) {
return null;
}
list($header, $payload, $signature) = $parts;
$expectedSignature = hash_hmac('sha256', $header . '.' . $payload, config('app.key'), true);
$expectedSignature = base64_encode($expectedSignature);
$expectedSignature = str_replace(['+', '/', '='], ['-', '_', ''], $expectedSignature);
if (! hash_equals($expectedSignature, $signature)) {
return null;
}
$payload = base64_decode(str_replace(['-', '_'], ['+', '/'], $payload));
return json_decode($payload);
}
/** @test */
public function user_can_login_with_valid_credentials()
{
$user = User::factory()->create([
'email' => 'john@example.com',
'password' => bcrypt('password123'),
'role' => 'manager',
'active' => true,
]);
$response = $this->postJson('/api/auth/login', [
'email' => 'john@example.com',
'password' => 'password123',
]);
$response->assertStatus(200);
$response->assertJsonStructure([
'access_token',
'refresh_token',
'token_type',
'expires_in',
'user' => [
'id',
'name',
'email',
'role',
],
]);
$response->assertJsonPath('user.name', $user->name);
$response->assertJsonPath('user.email', $user->email);
$response->assertJsonPath('user.role', 'manager');
}
/** @test */
public function login_fails_with_invalid_credentials()
{
User::factory()->create([
'email' => 'john@example.com',
'password' => bcrypt('password123'),
'active' => true,
]);
$response = $this->postJson('/api/auth/login', [
'email' => 'john@example.com',
'password' => 'wrongpassword',
]);
$response->assertStatus(401);
$response->assertJson([
'message' => 'Invalid credentials',
]);
}
/** @test */
public function login_fails_when_account_is_inactive()
{
User::factory()->create([
'email' => 'inactive@example.com',
'password' => bcrypt('password123'),
'active' => false,
]);
$response = $this->postJson('/api/auth/login', [
'email' => 'inactive@example.com',
'password' => 'password123',
]);
$response->assertStatus(403);
$response->assertJson([
'message' => 'Account is inactive',
]);
}
/** @test */
public function login_validates_required_fields()
{
$response = $this->postJson('/api/auth/login', [
'email' => '',
'password' => '',
]);
$response->assertStatus(422);
$response->assertJsonValidationErrors(['email', 'password']);
}
/** @test */
public function login_validates_email_format()
{
$response = $this->postJson('/api/auth/login', [
'email' => 'not-an-email',
'password' => 'password123',
]);
$response->assertStatus(422);
$response->assertJsonValidationErrors(['email']);
}
/** @test */
public function authenticated_api_request_succeeds_with_valid_token()
{
$user = User::factory()->create([
'email' => 'test@example.com',
'password' => bcrypt('password123'),
'role' => 'manager',
'active' => true,
]);
$tokens = $this->loginAndGetTokens($user);
$response = $this->withHeader('Authorization', "Bearer {$tokens['access_token']}")
->getJson('/api/user');
$response->assertStatus(200);
$response->assertJson([
'id' => $user->id,
'email' => $user->email,
]);
}
/** @test */
public function api_request_fails_without_token()
{
$response = $this->getJson('/api/user');
$response->assertStatus(401);
$response->assertJson([
'message' => 'Authentication required',
]);
}
/** @test */
public function api_request_fails_with_expired_token()
{
$user = User::factory()->create([
'email' => 'test@example.com',
'password' => bcrypt('password123'),
'active' => true,
]);
$expiredToken = $this->generateExpiredToken($user);
$response = $this->withHeader('Authorization', "Bearer {$expiredToken}")
->getJson('/api/user');
$response->assertStatus(401);
$response->assertJson([
'message' => 'Token expired',
]);
}
/** @test */
public function api_request_fails_with_invalid_token()
{
$response = $this->withHeader('Authorization', 'Bearer invalid.token.here')
->getJson('/api/user');
$response->assertStatus(401);
$response->assertJson([
'message' => 'Invalid token',
]);
}
/** @test */
public function user_can_refresh_access_token()
{
$user = User::factory()->create([
'email' => 'test@example.com',
'password' => bcrypt('password123'),
'role' => 'manager',
'active' => true,
]);
$tokens = $this->loginAndGetTokens($user);
$oldRefreshToken = $tokens['refresh_token'];
$response = $this->withHeader('Authorization', "Bearer {$tokens['access_token']}")
->postJson('/api/auth/refresh', [
'refresh_token' => $oldRefreshToken,
]);
$response->assertStatus(200);
$response->assertJsonStructure([
'access_token',
'refresh_token',
'token_type',
'expires_in',
]);
$oldTokenExists = Redis::exists("refresh_token:{$user->id}:{$oldRefreshToken}");
$this->assertEquals(0, $oldTokenExists, 'Old refresh token should be invalidated');
}
/** @test */
public function refresh_fails_with_invalid_refresh_token()
{
$user = User::factory()->create([
'email' => 'test@example.com',
'password' => bcrypt('password123'),
'active' => true,
]);
$tokens = $this->loginAndGetTokens($user);
$response = $this->withHeader('Authorization', "Bearer {$tokens['access_token']}")
->postJson('/api/auth/refresh', [
'refresh_token' => 'invalid_refresh_token',
]);
$response->assertStatus(401);
$response->assertJson([
'message' => 'Invalid or expired refresh token',
]);
}
/** @test */
public function user_can_logout()
{
$user = User::factory()->create([
'email' => 'test@example.com',
'password' => bcrypt('password123'),
'role' => 'manager',
'active' => true,
]);
$tokens = $this->loginAndGetTokens($user);
$refreshToken = $tokens['refresh_token'];
$response = $this->withHeader('Authorization', "Bearer {$tokens['access_token']}")
->postJson('/api/auth/logout', [
'refresh_token' => $refreshToken,
]);
$response->assertStatus(200);
$response->assertJson([
'message' => 'Logged out successfully',
]);
$tokenExists = Redis::exists("refresh_token:{$user->id}:{$refreshToken}");
$this->assertEquals(0, $tokenExists, 'Refresh token should be removed from Redis');
}
/** @test */
public function token_contains_required_claims()
{
$user = User::factory()->create([
'email' => 'test@example.com',
'password' => bcrypt('password123'),
'role' => 'manager',
'active' => true,
]);
$tokens = $this->loginAndGetTokens($user);
$token = $tokens['access_token'];
$payload = $this->decodeJWT($token);
$this->assertNotNull($payload);
$this->assertEquals($user->id, $payload->sub);
$this->assertEquals('manager', $payload->role);
$this->assertIsArray($payload->permissions);
$this->assertContains('manage_projects', $payload->permissions);
$this->assertNotNull($payload->iat);
$this->assertNotNull($payload->exp);
$this->assertNotNull($payload->jti);
$expectedExp = $payload->iat + (60 * 60);
$this->assertEquals($expectedExp, $payload->exp, 'Token should expire in 60 minutes');
}
/** @test */
public function refresh_token_is_stored_in_redis()
{
$user = User::factory()->create([
'email' => 'test@example.com',
'password' => bcrypt('password123'),
'role' => 'manager',
'active' => true,
]);
$tokens = $this->loginAndGetTokens($user);
$refreshToken = $tokens['refresh_token'];
$storedUserId = Redis::get("refresh_token:{$refreshToken}");
$this->assertEquals($user->id, $storedUserId);
$ttl = Redis::ttl("refresh_token:{$refreshToken}");
$this->assertGreaterThan(604700, $ttl);
$this->assertLessThanOrEqual(604800, $ttl);
}
/** @test */
public function subsequent_requests_fail_after_logout()
{
$user = User::factory()->create([
'email' => 'test@example.com',
'password' => bcrypt('password123'),
'role' => 'manager',
'active' => true,
]);
$tokens = $this->loginAndGetTokens($user);
$accessToken = $tokens['access_token'];
$refreshToken = $tokens['refresh_token'];
$this->withHeader('Authorization', "Bearer {$accessToken}")
->postJson('/api/auth/logout', [
'refresh_token' => $refreshToken,
]);
$response = $this->withHeader('Authorization', "Bearer {$accessToken}")
->getJson('/api/user');
$response->assertStatus(200);
}
}

19
backend/tests/Feature/ExampleTest.php Normal file
View File

@@ -0,0 +1,19 @@
<?php
namespace Tests\Feature;
// use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;
class ExampleTest extends TestCase
{
/**
* A basic test example.
*/
public function test_the_application_returns_a_successful_response(): void
{
$response = $this->get('/');
$response->assertStatus(200);
}
}

10
backend/tests/TestCase.php Normal file
View File

@@ -0,0 +1,10 @@
<?php
namespace Tests;
use Illuminate\Foundation\Testing\TestCase as BaseTestCase;
abstract class TestCase extends BaseTestCase
{
//
}

16
backend/tests/Unit/ExampleTest.php Normal file
View File

@@ -0,0 +1,16 @@
<?php
namespace Tests\Unit;
use PHPUnit\Framework\TestCase;
class ExampleTest extends TestCase
{
/**
* A basic test example.
*/
public function test_that_true_is_true(): void
{
$this->assertTrue(true);
}
}

18
backend/vite.config.js Normal file
View File

@@ -0,0 +1,18 @@
import { defineConfig } from 'vite';
import laravel from 'laravel-vite-plugin';
import tailwindcss from '@tailwindcss/vite';
export default defineConfig({
plugins: [
laravel({
input: ['resources/css/app.css', 'resources/js/app.js'],
refresh: true,
}),
tailwindcss(),
],
server: {
watch: {
ignored: ['**/storage/framework/views/**'],
},
},
});

103
docker-compose.yml Normal file
View File

@@ -0,0 +1,103 @@
version: '3.8'
services:
# PostgreSQL Database
postgres:
image: postgres:latest
container_name: headroom-postgres
restart: unless-stopped
environment:
POSTGRES_DB: headroom
POSTGRES_USER: headroom
POSTGRES_PASSWORD: ${DB_PASSWORD:-headroom_secret}
volumes:
- ./data/postgres:/var/lib/postgresql
ports:
- "5432:5432"
networks:
- headroom-network
healthcheck:
test: ["CMD-SHELL", "pg_isready -U headroom"]
interval: 10s
timeout: 5s
retries: 5
# Redis Cache
redis:
image: redis:alpine
container_name: headroom-redis
restart: unless-stopped
volumes:
- ./data/redis:/data
ports:
- "6379:6379"
networks:
- headroom-network
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 10s
timeout: 5s
retries: 5
# Laravel Backend API
backend:
build:
context: ./backend
dockerfile: Dockerfile
container_name: headroom-backend
restart: unless-stopped
working_dir: /var/www/html
volumes:
- ./backend:/var/www/html
- /var/www/html/vendor
ports:
- "3000:3000"
environment:
- APP_ENV=local
- APP_DEBUG=true
- DB_CONNECTION=pgsql
- DB_HOST=postgres
- DB_PORT=5432
- DB_DATABASE=headroom
- DB_USERNAME=headroom
- DB_PASSWORD=${DB_PASSWORD:-headroom_secret}
- REDIS_HOST=redis
- REDIS_PORT=6379
- REDIS_PASSWORD=${REDIS_PASSWORD:-null}
depends_on:
postgres:
condition: service_healthy
redis:
condition: service_healthy
networks:
- headroom-network
# SvelteKit Frontend
frontend:
build:
context: ./frontend
dockerfile: Dockerfile
container_name: headroom-frontend
restart: unless-stopped
working_dir: /app
volumes:
- ./frontend:/app
- /app/node_modules
ports:
- "5173:5173"
environment:
- NODE_ENV=development
- PORT=5173
- VITE_API_URL=http://localhost:3000/api
depends_on:
- backend
networks:
- headroom-network
networks:
headroom-network:
driver: bridge
volumes:
postgres_data:
redis_data:

6
docs/README.md
View File

@@ -177,6 +177,8 @@ git tag -a v1.0-docs -m "Initial documentation complete"
| What's the data model? | Architecture | Data Model | | What's the data model? | Architecture | Data Model |
| What are the success metrics? | Executive Summary | Success Metrics | | What are the success metrics? | Executive Summary | Success Metrics |
| What's the testing strategy? | Architecture | Quality Standards | | What's the testing strategy? | Architecture | Quality Standards |
| **UI Layout approach?** | **Decision Log** | **UI Layout Decisions** |
| **Sidebar + TopBar pattern?** | **Architecture** | **Frontend Layout Architecture** |
## Questions or Updates? ## Questions or Updates?
@@ -184,5 +186,5 @@ Contact: Santhosh J (Project Owner)
--- ---
**Last Updated:** February 17, 2026 **Last Updated:** February 18, 2026
**Documentation Version:** 1.0 **Documentation Version:** 1.1

312
docs/headroom-architecture.md
View File

@@ -1149,12 +1149,324 @@ sequenceDiagram
--- ---
## Frontend Layout Architecture
**Added:** February 18, 2026
**Status:** Approved for Implementation
### Layout System Overview
The Headroom frontend uses a **sidebar + content** layout pattern optimized for data-dense resource planning workflows.
```
┌─────────────────────────────────────────────────────────────────────────────┐
│ HEADROOM LAYOUT ARCHITECTURE │
├─────────────────────────────────────────────────────────────────────────────┤
│ │
│ ┌──────────┬──────────────────────────────────────────────────────────┐ │
│ │ │ ┌────────────────────────────────────────────────────┐ │ │
│ │ │ │ 🔍 Search... [Feb 2026 ▼] [+ Add] 👤 User ▼ │ │ │
│ │ │ ├────────────────────────────────────────────────────┤ │ │
│ │ SIDEBAR │ │ Breadcrumbs: Dashboard > Overview │ │ │
│ │ 240px │ ├────────────────────────────────────────────────────┤ │ │
│ │ │ │ │ │ │
│ │ ◀ ▶ │ │ │ │ │
│ │ │ │ │ │ │
│ │ ─────── │ │ MAIN CONTENT AREA │ │ │
│ │ PLANNING│ │ │ │ │
│ │ ─────── │ │ (Tables, Grids, Charts, Forms) │ │ │
│ │ 📊 Dash │ │ │ │ │
│ │ 👥 Team │ │ Full width, minimal padding │ │ │
│ │ 📁 Projs│ │ │ │ │
│ │ 📅 Alloc│ │ │ │ │
│ │ ✅ Actu │ │ │ │ │
│ │ │ │ │ │ │
│ │ ─────── │ │ │ │ │
│ │ REPORTS │ │ │ │ │
│ │ ─────── │ │ │ │ │
│ │ 📈 Forecast │ │ │ │
│ │ 📉 Util │ │ │ │
│ │ 💰 Costs │ │ │ │
│ │ 📋 Variance │ │ │ │
│ │ │ │ │ │ │
│ │ ─────── │ │ │ │ │
│ │ ADMIN* │ │ │ │ │
│ │ ─────── │ │ │ │ │
│ │ ⚙️ Set │ │ │ │ │
│ │ │ │ │ │ │
│ │ ─────── │ │ │ │ │
│ │ 🌙/☀️ │ │ │ │ │
│ └──────────┴──────────────────────────────────────────────────────────┘ │
│ │
│ * Admin section visible only to superuser │
└─────────────────────────────────────────────────────────────────────────────┘
```
### Component Hierarchy
```mermaid
graph TB
subgraph "Route Layer"
Layout["+layout.svelte"]
end
subgraph "Layout Layer"
AppLayout["AppLayout.svelte"]
Sidebar["Sidebar.svelte"]
TopBar["TopBar.svelte"]
Breadcrumbs["Breadcrumbs.svelte"]
end
subgraph "State Layer"
LayoutStore["layout.ts store"]
PeriodStore["period.ts store"]
AuthStore["auth.ts store"]
end
subgraph "Page Layer"
PageContent["<slot /> Page Content"]
PageHeader["PageHeader.svelte"]
end
Layout --> AppLayout
AppLayout --> Sidebar
AppLayout --> TopBar
AppLayout --> Breadcrumbs
AppLayout --> PageContent
Sidebar --> LayoutStore
Sidebar --> AuthStore
TopBar --> PeriodStore
TopBar --> AuthStore
PageContent --> PageHeader
style AppLayout fill:#ff3e00
style LayoutStore fill:#336791
style PeriodStore fill:#336791
```
### Sidebar Component
**File:** `src/lib/components/layout/Sidebar.svelte`
**States:**
- `expanded` (240px) — Full navigation with labels
- `collapsed` (64px) — Icons only
- `hidden` (0px) — Completely hidden (mobile drawer)
**Features:**
- Toggle button in header
- Section headers: PLANNING, REPORTS, ADMIN
- Role-based visibility (ADMIN section for superuser only)
- Active route highlighting
- Dark mode toggle at bottom
- Keyboard shortcut: `Cmd/Ctrl + \` to toggle
**Responsive Behavior:**
| Breakpoint | Default State | Toggle Method |
|------------|---------------|---------------|
| ≥1280px | expanded | Manual |
| 1024-1279px | collapsed | Manual |
| <1024px | hidden | Hamburger menu (drawer overlay) |
### TopBar Component
**File:** `src/lib/components/layout/TopBar.svelte`
**Elements:**
- Left: Hamburger menu (mobile only)
- Center: Breadcrumbs
- Right: Month selector, User menu
**Global Month Selector:**
```typescript
// src/lib/stores/period.ts
import { writable } from 'svelte/store';
export const selectedMonth = writable<string>(getCurrentMonth());
function getCurrentMonth(): string {
const now = new Date();
return `${now.getFullYear()}-${String(now.getMonth() + 1).padStart(2, '0')}`;
}
export function setMonth(month: string): void {
selectedMonth.set(month);
}
```
### Layout Store
**File:** `src/lib/stores/layout.ts`
```typescript
// src/lib/stores/layout.ts
import { writable } from 'svelte/store';
import { browser } from '$app/environment';
export type SidebarState = 'expanded' | 'collapsed' | 'hidden';
export type Theme = 'light' | 'dark';
function createLayoutStore() {
const defaultSidebar: SidebarState = browser && window.innerWidth >= 1280
? 'expanded'
: browser && window.innerWidth >= 1024
? 'collapsed'
: 'hidden';
const storedSidebar = browser
? (localStorage.getItem('headroom_sidebar_state') as SidebarState) || defaultSidebar
: defaultSidebar;
const storedTheme = browser
? (localStorage.getItem('headroom_theme') as Theme) || 'light'
: 'light';
const sidebarState = writable<SidebarState>(storedSidebar);
const theme = writable<Theme>(storedTheme);
return {
sidebarState: { subscribe: sidebarState.subscribe },
theme: { subscribe: theme.subscribe },
toggleSidebar: () => {
sidebarState.update(current => {
const next = current === 'expanded' ? 'collapsed' :
current === 'collapsed' ? 'hidden' : 'expanded';
if (browser) localStorage.setItem('headroom_sidebar_state', next);
return next;
});
},
setTheme: (newTheme: Theme) => {
theme.set(newTheme);
if (browser) localStorage.setItem('headroom_theme', newTheme);
}
};
}
export const layoutStore = createLayoutStore();
```
### Navigation Configuration
**File:** `src/lib/config/navigation.ts`
```typescript
// src/lib/config/navigation.ts
import type { NavSection } from '$lib/types/layout';
export const navigationSections: NavSection[] = [
{
title: 'PLANNING',
items: [
{ label: 'Dashboard', href: '/dashboard', icon: 'layout-dashboard' },
{ label: 'Team Members', href: '/team-members', icon: 'users' },
{ label: 'Projects', href: '/projects', icon: 'folder' },
{ label: 'Allocations', href: '/allocations', icon: 'calendar' },
{ label: 'Actuals', href: '/actuals', icon: 'check-circle' },
]
},
{
title: 'REPORTS',
items: [
{ label: 'Forecast', href: '/reports/forecast', icon: 'trending-up' },
{ label: 'Utilization', href: '/reports/utilization', icon: 'bar-chart-2' },
{ label: 'Costs', href: '/reports/costs', icon: 'dollar-sign' },
{ label: 'Variance', href: '/reports/variance', icon: 'alert-circle' },
{ label: 'Allocation Matrix', href: '/reports/allocation', icon: 'grid-3x3' },
]
},
{
title: 'ADMIN',
roles: ['superuser'],
items: [
{ label: 'Settings', href: '/settings', icon: 'settings' },
{ label: 'Master Data', href: '/master-data', icon: 'database' },
]
},
];
```
### Theme System
**Implementation:**
- DaisyUI theme switching via `data-theme` attribute on `<html>` element
- Light theme: `light` (DaisyUI default)
- Dark theme: `dark` or `business`
- Persisted to localStorage
- Respects system preference on first visit
```typescript
// Theme toggle effect
$effect(() => {
if (browser) {
document.documentElement.setAttribute('data-theme', $theme);
}
});
```
### Route Layout Integration
**File:** `src/routes/+layout.svelte`
```svelte
<script lang="ts">
import AppLayout from '$lib/components/layout/AppLayout.svelte';
import { page } from '$app/stores';
// Pages without AppLayout
const publicPages = ['/login', '/auth'];
$: isPublicPage = publicPages.some(p => $page.url.pathname.startsWith(p));
</script>
{#if isPublicPage}
<slot />
{:else}
<AppLayout>
<slot />
</AppLayout>
{/if}
```
### Data Density Patterns
**Table Configurations (DaisyUI):**
| View | Classes | Purpose |
|------|---------|---------|
| Allocation Matrix | `table table-compact table-pin-rows table-pin-cols` | Max density, pinned header/first column |
| Projects List | `table table-zebra table-pin-rows` | Readability, pinned header |
| Team Members | `table table-zebra` | Standard readability |
| Reports | `table table-compact table-pin-rows` | Dense data, pinned header |
### Accessibility Requirements
1. **Keyboard Navigation:**
- `Tab` through sidebar items
- `Enter/Space` to activate
- `Escape` to close mobile drawer
- `Cmd/Ctrl + \` to toggle sidebar
2. **ARIA Attributes:**
- `aria-expanded` on sidebar toggle
- `aria-current="page"` on active nav item
- `role="navigation"` on sidebar
- `role="main"` on content area
3. **Focus Management:**
- Focus trap in mobile drawer
- Focus restored on drawer close
---
**Document Control:** **Document Control:**
- **Owner:** Santhosh J - **Owner:** Santhosh J
- **Approver:** Santhosh J - **Approver:** Santhosh J
- **Next Review:** Post-MVP implementation - **Next Review:** Post-MVP implementation
- **Change History:** - **Change History:**
- v1.0 (2026-02-17): Initial architecture approved - v1.0 (2026-02-17): Initial architecture approved
- v1.1 (2026-02-18): Added Frontend Layout Architecture section
--- ---

114
docs/headroom-decision-log.md
View File

@@ -796,6 +796,120 @@ For month M:
--- ---
## UI Layout Decisions
**Date:** February 18, 2026
**Context:** After initial authentication implementation, reviewed login page UI and decided to establish a comprehensive layout system.
### Problem Statement
The initial UI implementation used a simple top-navbar pattern without a standardized layout system. For a data-dense resource planning application, this approach would not scale well.
### Design Direction
**Aesthetic Spectrum Decision:**
- Target: **70% Data-Dense | 30% Utilitarian**
- Reference Apps: **Obsidian** (minimal chrome, content-first) + **Jira** (hierarchical sidebar, dense tables)
### Core Layout Decisions
| Decision | Choice | Rationale |
|----------|--------|-----------|
| **Sidebar** | Collapsible (full ↔ icons-only ↔ hidden) | Preserves screen real estate for low-resolution displays; sidebar should not eat productive space |
| **Month Selector** | Global (in top bar) | Allocation and actuals views are month-centric; affects all views |
| **Default Theme** | Light mode | Starting simple; dark mode available as toggle |
| **Icon Library** | **Lucide Svelte** | Modern, more icon variety, consistent with Svelte ecosystem |
| **UI Framework** | **DaisyUI-first** (no shadcn-svelte) | Already have it, excellent for business apps, use ~80% of its potential |
| **Navigation Pattern** | Persistent sidebar + top bar | Obsidian/Jira style; sectioned navigation (Planning, Reports, Admin) |
### Sidebar Specifications
```
EXPANDED (240px) COLLAPSED (64px) HIDDEN (0px)
┌────────────────┐ ┌────────┐ ┌──────────────────┐
│ ◀ ▶ │ │ ▶ │ │ │
│ ────────────── │ │ ────── │ │ Full width │
│ PLANNING │ │ │ │ content │
│ 📊 Dashboard │ │ 📊 │ │ │
│ 👥 Team Mem │ │ 👥 │ │ (toggle via │
│ 📁 Projects │ │ 📁 │ │ Cmd/Ctrl+\) │
│ 📅 Allocations │ │ 📅 │ │ │
│ ✅ Actuals │ │ ✅ │ │ │
│ ────────────── │ │ ────── │ │ │
│ REPORTS │ │ │ │ │
│ 📈 Forecast │ │ 📈 │ │ │
│ 📉 Utilization │ │ 📉 │ │ │
│ 💰 Costs │ │ 💰 │ │ │
│ 📋 Variance │ │ 📋 │ │ │
│ ────────────── │ │ ────── │ │ │
│ ADMIN* │ │ │ │ │
│ ⚙️ Settings │ │ ⚙️ │ │ │
│ ────────────── │ │ ────── │ │ │
│ 🌙 Dark [tgl] │ │ 🌙 │ │ │
└────────────────┘ └────────┘ └──────────────────┘
* Admin section visible only to superuser role
```
### Responsive Behavior
| Breakpoint | Sidebar Behavior | Toggle |
|------------|------------------|--------|
| ≥1280px (xl) | Expanded by default | Manual toggle only |
| 1024-1279px (lg) | Collapsed by default | Manual toggle only |
| 768-1023px (md) | Hidden (drawer overlay) | Hamburger menu |
| <768px (sm) | Hidden (drawer overlay) | Hamburger menu |
### Implementation Approach
**Phased Changes:**
1. `p00-api-documentation` — Add Scribe annotations to all controllers
2. `p01-ui-foundation` — Types, stores, Lucide setup, theme system
3. `p02-app-layout` — AppLayout, Sidebar, TopBar, Breadcrumbs
4. `p03-dashboard-enhancement` — Dashboard with stat cards
5. `p04-content-patterns` — DataTable, StatCard, FilterBar, EmptyState, LoadingState
6. `p05-page-migrations` — Migrate remaining pages incrementally
### Files to Create
```
frontend/src/lib/
├── types/layout.ts # SidebarState, NavItem, NavSection
├── stores/
│ ├── layout.ts # sidebarState, theme
│ └── period.ts # selectedMonth (global)
├── config/navigation.ts # Navigation sections config
└── components/layout/
├── AppLayout.svelte # Main layout wrapper
├── Sidebar.svelte # Collapsible navigation
├── TopBar.svelte # Search, month, user menu
├── Breadcrumbs.svelte # Navigation context
└── PageHeader.svelte # Page title + actions
```
### DaisyUI Table Density
| View | Classes |
|------|---------|
| Allocation Matrix | `table-compact table-pin-rows table-pin-cols` |
| Projects List | `table-zebra table-pin-rows` |
| Team Members | `table-zebra` |
| Reports | `table-compact table-pin-rows` |
### Key Quotes from Discussion
> "I like a collapsible sidebar, because some people use very low screen resolution which will limit the real estate to play around with. Sidebar should not eat up the productive space."
> "Make [month selector] global."
> "Light mode for now."
> "I lean more towards data-dense. How about keeping it 30-70 (utilitarian-data-dense)?"
> "Use Lucide."
---
## Next Steps (Post-Documentation) ## Next Steps (Post-Documentation)
### Immediate Actions ### Immediate Actions

1
frontend/.env.example Normal file
View File

@@ -0,0 +1 @@
VITE_API_URL=http://localhost:3000/api

8
frontend/.prettierrc Normal file
View File

@@ -0,0 +1,8 @@
{
"useTabs": false,
"singleQuote": true,
"trailingComma": "es5",
"printWidth": 100,
"plugins": ["prettier-plugin-svelte", "prettier-plugin-tailwindcss"],
"overrides": [{ "files": "*.svelte", "options": { "parser": "svelte" } }]
}

25
frontend/Dockerfile Normal file
View File

@@ -0,0 +1,25 @@
FROM node:22-alpine
WORKDIR /app
# Copy package files
COPY package*.json ./
# Install dependencies
RUN npm install
# Copy source code
COPY . .
# Build the application
RUN npm run build
# Expose port
EXPOSE 5173
# Health check
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
CMD wget --no-verbose --tries=1 --spider http://localhost:5173 || exit 1
# Start the application
CMD ["node", "build/index.js"]

23
frontend/eslint.config.js Normal file
View File

@@ -0,0 +1,23 @@
import { dirname } from 'path';
import { fileURLToPath } from 'url';
const __dirname = dirname(fileURLToPath(import.meta.url));
/** @type {import('eslint').Linter.Config[]} */
export default [
{
ignores: ['.svelte-kit/', 'node_modules/', 'dist/', 'build/']
},
{
files: ['**/*.js', '**/*.ts', '**/*.svelte'],
languageOptions: {
globals: {
console: 'readonly',
document: 'readonly',
window: 'readonly',
localStorage: 'readonly',
fetch: 'readonly'
}
}
}
];

Some files were not shown because too many files have changed in this diff Show More