feat: remove OTP gate from transactions, fix categories auth, add implementation plan

- Remove OtpGateGuard from transactions controller (OTP verified at login) - Fix categories controller to use authenticated user instead of TEMP_USER_ID - Add comprehensive implementation plan document - Update .env.example with WEB_APP_URL - Prepare for admin dashboard development
2025-10-11 14:00:11 +07:00
parent 0da6071eb3
commit 249f3a9d7d
159 changed files with 13748 additions and 3369 deletions
--- a/IMPLEMENTATION_PLAN.md
+++ b/IMPLEMENTATION_PLAN.md
@@ -0,0 +1,144 @@
+# 🚀 TABUNGIN IMPLEMENTATION PLAN
+
+**Date:** 2025-01-11  
+**Status:** In Progress  
+**Current Phase:** Admin Dashboard
+
+---
+
+## 📋 OVERVIEW
+
+Tabungin is a personal finance SaaS with unique differentiators:
+- 💰 Goals/Savings tracking with visual progress
+- 👥 Team/Family collaboration on shared finances  
+- 🔑 API access for advanced users
+- 💳 Flexible payment (manual + automatic)
+
+---
+
+## 🎯 PHASES
+
+### Phase 1: Admin Dashboard (1 week) - CURRENT
+- User management
+- Dynamic plans management
+- Payment methods with logos
+- Payment verification
+- App settings (replace .env editing)
+
+### Phase 2: Team Feature (2-3 weeks)
+- Team creation & invitations
+- Shared wallets & goals
+- Permission system
+- Activity feed
+
+### Phase 3: Goals Feature (2-3 weeks)  
+- Goal creation with images
+- Multi-wallet allocation
+- Progress tracking with donut charts
+- Milestone notifications (25%, 50%, 75%, 100%)
+- Exchange rate conversion
+
+### Phase 4: Subscription (2 weeks)
+- Manual payment flow
+- Tripay integration
+- Trial period (7 days)
+- Grace period (3 days)
+- Feature gating
+- Coupon system
+
+### Phase 5: API & Webhooks (2 weeks)
+- API key generation
+- Rate limiting
+- Webhook system
+- Usage tracking
+
+---
+
+## 💰 PRICING
+
+| Feature | Free | Pro Monthly | Pro Yearly |
+|---------|------|-------------|------------|
+| Price | Rp 0 | Rp 49,000 | Rp 490,000 |
+| Wallets | 5 | Unlimited | Unlimited |
+| Goals | 3 | Unlimited | Unlimited |
+| Team | ❌ | ✅ (10) | ✅ (10) |
+| API | ❌ | ✅ 1000/hr | ✅ 1000/hr |
+| Trial | - | 7 days | 7 days |
+
+---
+
+## 🗄️ DATABASE STRATEGY
+
+**Zero Data Loss:**
+- All new fields nullable or have defaults
+- Additive migrations only
+- No destructive changes
+- Backward compatible
+
+**New Models:**
+- Plan, Subscription, Payment, PaymentMethod, Coupon
+- Goal, GoalAllocation, GoalMilestone  
+- Team, TeamMember, TeamInvitation
+- ApiKey, ApiKeyUsage, Webhook, WebhookDelivery
+- AppConfig
+
+**Modified:**
+- User: add role, phone, suspendedAt
+- Wallet: add teamId
+
+---
+
+## 🔐 SECURITY
+
+- Admin routes: `/admin/*`
+- JWT with role claim
+- API keys hashed
+- Internal DB URL in production
+- Encrypted sensitive config
+- Audit logging
+
+---
+
+## 📝 ADMIN SEEDER DATA
+
+**Admin Account:**
+- Email: (provide)
+- Name: Dwindi Ramadhana
+- Password: (provide or auto-generate)
+
+**Default Plans:**
+- Free: Rp 0, 5 wallets, 3 goals
+- Pro Monthly: Rp 49,000, unlimited
+- Pro Yearly: Rp 490,000, unlimited
+
+**Payment Methods:**
+- BCA, Mandiri, GoPay, OVO (placeholder data)
+
+---
+
+## ✅ PROGRESS
+
+**Completed:**
+- [x] Auth (email + Google OAuth)
+- [x] OTP/2FA
+- [x] Wallets & Transactions
+- [x] Categories  
+- [x] Theme system
+- [x] Filters & routing
+
+**Current:**
+- [ ] Phase 1: Admin Dashboard
+  - [ ] Schema migration
+  - [ ] Seeder
+  - [ ] Backend
+  - [ ] Frontend
+
+**Next:**
+- [ ] Phase 2: Team
+- [ ] Phase 3: Goals
+- [ ] Phase 4: Subscription
+- [ ] Phase 5: API
+
+---
+
+**Last Updated:** 2025-01-11