curo/Business-Management
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
Business-Management/TODO.md
T
curo1305 09555f3470 Connect ux-designer agent to Figma via curl; mark setup tasks done 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-17 11:49:51 +02:00

4.8 KiB
Raw Permalink Blame History

TODO

UX/UI — Figma setup

  • Create a Figma account — signed up at https://figma.com
  • Create Figma project and file — file key kcmvLytS31lSjP44YpBUSn confirmed active
  • Generate Figma personal access token — generated and verified (HTTP 200); provide a fresh token at each session start
  • Connect ux-designer agent — agent updated to use Bash/curl with X-Figma-Token header; connection confirmed working
  • Decide on UI component library — shadcn/ui (recommended: Tailwind-based, unstyled accessible primitives, white-label friendly) vs MUI vs other; decision affects both Figma design system and frontend implementation

Auth / session security

  • 8-hour JWT expiryACCESS_TOKEN_EXPIRE_MINUTES = 60 * 8; no permanent login
  • RS256 JWT signing — 4096-bit RSA asymmetric keys; iat claim included; generate keys with scripts/generate_jwt_keys.py
  • No refresh tokens — refresh token flow not implemented; if added later, must use httpOnly cookies and rotation
  • httpOnly cookie migration — currently storing JWT in localStorage (XSS-exposed); migrate to httpOnly cookie when hardening for production

App permissions

  • Permissions registry — admin-managed table that controls which apps each user can access. Schema: user_app_permissions (user_id FK, app_key). Admin UI lets the admin grant/revoke per-app access per user. The Apps page only shows apps the current user has been granted access to.

PDF Documents app (features/doc-service)

  • doc-service container — FastAPI microservice on backend-net; never exposed to host or frontend directly
  • PDF upload + async extraction — background task with pdfplumber + pluggable AI (Anthropic / Ollama / LM Studio)
  • Per-app settings page/apps/documents/settings/admin; AI provider config, max file size; admin only
  • Per-user categories — create/rename/delete categories; assign multiple categories per document
  • Alembic isolationalembic_version_doc_service version table; no collision with main backend migrations
  • Runtime config file/config/doc_service_config.json on shared Docker volume; editable from frontend; 30s TTL cache in doc-service
  • Re-process document — UI button to re-trigger AI extraction on an existing document (after changing AI provider/model)
  • Bulk category operations — assign/remove a category from multiple documents at once
  • Search / filter documents — filter by status, document type, category, date range

Frontend features

  • Logout button — visible when logged in, clears token and redirects to /login
  • Profile page (/profile) — shows personal information for the logged-in user
  • Edit & save profile — form to update personal details, stored in a dedicated profiles table (separate from users, same PostgreSQL container)

App container architecture (future)

Design decision: each installable app (billing, PDF, email, etc.) runs in its own isolated Docker/Podman container, spawned and managed by the backend via the Docker API. Key rules to implement:

  • Docker socket proxy — backend must never mount /var/run/docker.sock directly; use tecnativa/docker-socket-proxy on an internal-only network, with only the required API endpoints whitelisted (CONTAINERS, IMAGES, NETWORKS, POST). Raw socket access = root on the host.
  • Network isolation per app — each spawned app container gets its own Docker bridge network; app containers never talk to each other directly; only the backend can reach them
  • No privileged app containers — all spawned containers run without --privileged, without extra capabilities, with resource limits (CPU, memory)
  • Image allowlist — backend may only spawn containers from a pre-approved image list; never pull or build arbitrary images at runtime
  • Consider Podman — evaluate rootless Podman as replacement for Docker daemon; daemonless model eliminates the socket entirely; Docker SDK compatible

Infrastructure

  • Docker port hardening — only port 80 (prod) / 5173 (dev) exposed on the host via frontend-net; backend and db have no host port bindings and sit on internal: true backend-net

Infrastructure (existing)

  • Rootless containers — run backend and frontend containers as non-root users (add USER directive to Dockerfiles, map UID/GID appropriately)
  • Persistent storage — ensure database data, config files, and any uploaded assets survive container restarts and rebuilds (named volumes, bind mounts for config)
  • Docker development workflow — document and streamline the full dev loop: hot reload, one-command startup, migration handling, seed data, and how to attach a debugger
Reference in New Issue View Git Blame Copy Permalink