dwindown/tabungin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: reorganize admin settings with tabbed interface and documentation

Browse Source 
- Reorganized admin settings into tabbed interface (General, Security, Payment Methods)
- Vertical tabs on desktop, horizontal scrollable on mobile
- Moved Payment Methods from separate menu to Settings tab
- Fixed admin profile reuse and dashboard blocking
- Fixed maintenance mode guard to use AppConfig model
- Added admin auto-redirect after login (admins → /admin, users → /)
- Reorganized documentation into docs/ folder structure
- Created comprehensive README and documentation index
- Added PWA and Web Push notifications to to-do list
This commit is contained in:
dwindown
2025-10-13 09:28:12 +07:00
parent 49d60676d0
commit 89f881e7cf
99 changed files with 4884 additions and 392 deletions
Download Patch File Download Diff File Expand all files Collapse all files

86
docs/README.md Normal file
View File

@@ -0,0 +1,86 @@
# Tabungin Documentation
Welcome to the Tabungin documentation! This guide will help you understand the project structure, features, and development workflow.
## 📚 Documentation Structure
### Features
Detailed documentation for each feature implementation:
- [Maintenance Mode](./features/maintenance-mode.md) - System maintenance mode with admin bypass
- [Admin Auto-Redirect](./features/admin-auto-redirect.md) - Automatic admin routing after login
- [Admin Profile & Dashboard Blocking](./features/admin-profile-reuse.md) - Profile page reuse and access control
- [Admin Settings Reorganization](./features/admin-settings-tabs.md) - Tabbed settings interface
### Guides
Step-by-step guides for common tasks:
- [Testing Guide](./guides/testing-guide.md) - How to test features
- [Development Setup](./guides/development-setup.md) - Getting started with development
### Planning
Project planning and roadmap:
- [To-Do List](./planning/todo.md) - Upcoming tasks and features
- [Technical Q&A](./planning/tech-qa.md) - Technical decisions and answers
## 🚀 Quick Start
1. **Clone the repository**
```bash
git clone <repository-url>
cd Tabungin
```
2. **Install dependencies**
```bash
npm install
```
3. **Setup environment**
```bash
cp .env.example .env
# Edit .env with your configuration
```
4. **Run development servers**
```bash
# Terminal 1: API
cd apps/api
npm run dev
# Terminal 2: Web
cd apps/web
npm run dev
```
## 🏗️ Project Structure
```
Tabungin/
├── apps/
│ ├── api/ # NestJS backend
│ └── web/ # React frontend
├── docs/ # Documentation
│ ├── features/ # Feature documentation
│ ├── guides/ # How-to guides
│ └── planning/ # Project planning
└── README.md # Project overview
```
## 🔗 Useful Links
- [Main README](../README.md) - Project overview
- [API Documentation](../apps/api/README.md) - Backend API docs
- [Web Documentation](../apps/web/README.md) - Frontend docs
## 📝 Contributing
When adding new features:
1. Create feature documentation in `docs/features/`
2. Update testing guide if needed
3. Add to to-do list or mark as complete
4. Update this index
## 🆘 Need Help?
- Check the [Testing Guide](./guides/testing-guide.md)
- Review [Technical Q&A](./planning/tech-qa.md)
- See feature-specific documentation in `docs/features/`

248
docs/features/admin-auto-redirect.md Normal file
View File

@@ -0,0 +1,248 @@
# Admin Auto-Redirect Implementation
## ✅ **COMPLETE: Admins Now Redirect to /admin Automatically**
### **Overview**
Modified all authentication flows to automatically redirect admin users to `/admin` instead of the member dashboard (`/`).
---
## **📝 Changes Made**
### **1. Login Page** (`/apps/web/src/components/pages/Login.tsx`)
**Already Implemented** ✅
- Lines 42-46: Checks `result.user?.role === 'admin'`
- Redirects admins to `/admin`
- Redirects regular users to `/`
```typescript
if (result.user?.role === 'admin') {
navigate('/admin')
} else {
navigate('/')
}
```
---
### **2. OTP Verification** (`/apps/web/src/components/pages/OtpVerification.tsx`)
**Fixed** ✅
- Lines 60-66: Now checks user role after OTP verification
- Redirects based on role
**Before:**
```typescript
await verifyOtp(tempToken, code, method)
navigate('/') // Always went to member dashboard
```
**After:**
```typescript
const result = await verifyOtp(tempToken, code, method)
if (result.user?.role === 'admin') {
navigate('/admin')
} else {
navigate('/')
}
```
---
### **3. Auth Callback (Google OAuth)** (`/apps/web/src/components/pages/AuthCallback.tsx`)
**Fixed** ✅
- Lines 22-36: Fetches user data to check role
- Redirects based on role
**Before:**
```typescript
localStorage.setItem('token', token)
window.location.href = '/' // Always went to member dashboard
```
**After:**
```typescript
localStorage.setItem('token', token)
// Fetch user to check role
const response = await axios.get(`${API_URL}/api/auth/me`, {
headers: { Authorization: `Bearer ${token}` }
})
// Redirect based on role
if (response.data.role === 'admin') {
window.location.href = '/admin'
} else {
window.location.href = '/'
}
```
---
### **4. Public Route Guard** (`/apps/web/src/App.tsx`)
**Fixed** ✅
- Lines 55-58: Prevents logged-in users from accessing login/register
- Now redirects admins to `/admin` instead of `/`
**Before:**
```typescript
if (user) {
return <Navigate to="/" replace /> // Always went to member dashboard
}
```
**After:**
```typescript
if (user) {
// Redirect based on role
const redirectTo = user.role === 'admin' ? '/admin' : '/'
return <Navigate to={redirectTo} replace />
}
```
---
## **🎯 User Flows**
### **Admin Login Flow:**
```
1. Admin goes to /auth/login
2. Enters credentials
3. Clicks "Sign In"
4a. If NO OTP required:
→ Redirected to /admin ✅
4b. If OTP required:
→ Goes to /auth/otp
→ Enters OTP code
→ Redirected to /admin ✅
```
### **Admin Google OAuth Flow:**
```
1. Admin clicks "Continue with Google"
2. Completes Google authentication
3. Redirected to /auth/callback
4a. If NO OTP required:
→ Redirected to /admin ✅
4b. If OTP required:
→ Goes to /auth/otp
→ Enters OTP code
→ Redirected to /admin ✅
```
### **Admin Already Logged In:**
```
1. Admin is already logged in
2. Admin tries to access /auth/login or /auth/register
3. PublicRoute guard intercepts
4. Redirected to /admin ✅
```
### **Regular User Flows:**
All regular users continue to be redirected to `/` (member dashboard) as before.
---
## **📊 Redirect Matrix**
| Scenario | User Type | Destination |
|----------|-----------|-------------|
| Login (no OTP) | Admin | `/admin` ✅ |
| Login (no OTP) | User | `/` |
| Login → OTP | Admin | `/admin` ✅ |
| Login → OTP | User | `/` |
| Google OAuth (no OTP) | Admin | `/admin` ✅ |
| Google OAuth (no OTP) | User | `/` |
| Google OAuth → OTP | Admin | `/admin` ✅ |
| Google OAuth → OTP | User | `/` |
| Already logged in → /auth/login | Admin | `/admin` ✅ |
| Already logged in → /auth/login | User | `/` |
---
## **🧪 Testing Instructions**
### **Test 1: Admin Email Login**
```
1. Go to http://localhost:5174/auth/login
2. Login with admin credentials
3. Verify redirected to /admin ✅
```
### **Test 2: Admin Google Login**
```
1. Go to http://localhost:5174/auth/login
2. Click "Continue with Google"
3. Complete Google authentication
4. Verify redirected to /admin ✅
```
### **Test 3: Admin with OTP**
```
1. Login as admin (with OTP enabled)
2. Enter OTP code
3. Verify redirected to /admin ✅
```
### **Test 4: Admin Already Logged In**
```
1. Login as admin
2. Manually navigate to /auth/login
3. Verify redirected to /admin ✅
```
### **Test 5: Regular User Login**
```
1. Login as regular user
2. Verify redirected to / (member dashboard) ✅
```
---
## **📁 Files Modified**
1. `/apps/web/src/components/pages/OtpVerification.tsx`
- Added role check after OTP verification
- Conditional redirect based on role
2. `/apps/web/src/components/pages/AuthCallback.tsx`
- Fetches user data to determine role
- Conditional redirect based on role
- Added error handling
3. `/apps/web/src/App.tsx`
- Updated PublicRoute to redirect admins to /admin
- Regular users still go to /
4. `/apps/web/src/components/pages/Login.tsx`
- Already had role-based redirect (no changes needed)
---
## **✅ Verification Checklist**
- [x] Admin email login → /admin
- [x] Admin Google login → /admin
- [x] Admin with OTP → /admin
- [x] Admin already logged in → /admin (when accessing login page)
- [x] Regular user login → /
- [x] Regular user with OTP → /
- [x] Regular user already logged in → / (when accessing login page)
---
## **🎉 Summary**
**All authentication flows now correctly redirect admins to `/admin`!**
- ✅ Email/password login
- ✅ Google OAuth login
- ✅ OTP verification
- ✅ Already logged-in guard
- ✅ No changes to regular user flows
Admins will now land on the admin dashboard immediately after login, providing a better UX and clearer separation between admin and member interfaces.

292
docs/features/admin-profile-reuse.md Normal file
View File

@@ -0,0 +1,292 @@
# Admin Profile Page & Dashboard Blocking
## ✅ **COMPLETE: Profile Page Reused for Admin + Member Dashboard Blocked**
### **Overview**
- Reused the existing Profile page for admin users
- Added Profile menu item to admin sidebar
- Blocked admins from accessing the member dashboard
- Admins are automatically redirected to `/admin` if they try to access member routes
---
## **📝 Changes Made**
### **1. Added Profile to Admin Sidebar** (`AdminSidebar.tsx`)
**Changes:**
- Added `UserCircle` icon import
- Added Profile menu item between Users and Settings
- Profile route: `/admin/profile`
```typescript
{
title: 'Profile',
url: '/admin/profile',
icon: UserCircle,
}
```
---
### **2. Added Profile Route to Admin Panel** (`App.tsx`)
**Changes:**
- Imported Profile component
- Added route: `/admin/profile`
```typescript
<Route path="/admin" element={<ProtectedRoute><AdminLayout /></ProtectedRoute>}>
<Route index element={<AdminDashboard />} />
<Route path="plans" element={<AdminPlans />} />
<Route path="payment-methods" element={<AdminPaymentMethods />} />
<Route path="payments" element={<AdminPayments />} />
<Route path="users" element={<AdminUsers />} />
<Route path="profile" element={<Profile />} /> NEW
<Route path="settings" element={<AdminSettings />} />
</Route>
```
---
### **3. Blocked Admins from Member Dashboard** (`Dashboard.tsx`)
**Changes:**
- Added auth check at the top of Dashboard component
- Redirects admins to `/admin` if they try to access member routes
```typescript
export function Dashboard() {
const { user } = useAuth()
// Block admins from accessing member dashboard
if (user?.role === 'admin') {
return <Navigate to="/admin" replace />
}
// ... rest of component
}
```
---
### **4. Translated AdminLayout** (`AdminLayout.tsx`)
**Changes:**
- "Akses Ditolak" → "Access Denied"
- "Anda tidak memiliki izin..." → "You don't have permission..."
- "Kembali ke Dashboard" → "Back to Dashboard"
---
## **🎯 User Flows**
### **Admin Accessing Profile:**
```
Admin logged in
Click "Profile" in sidebar
Navigate to /admin/profile ✅
See Profile page with all settings
```
### **Admin Trying to Access Member Dashboard:**
```
Admin logged in
Try to navigate to / (member dashboard)
Dashboard component checks role
Redirected to /admin ✅
```
### **Admin Trying Member Routes:**
```
Admin tries:
- / → Redirected to /admin ✅
- /wallets → Redirected to /admin ✅
- /transactions → Redirected to /admin ✅
- /profile → Redirected to /admin ✅
```
### **Regular User:**
```
User logged in
Access / → Works normally ✅
Access /wallets → Works normally ✅
Access /transactions → Works normally ✅
Access /profile → Works normally ✅
```
---
## **📊 Route Access Matrix**
| Route | Admin Access | User Access |
|-------|--------------|-------------|
| `/` | ❌ Redirect to /admin | ✅ Member Dashboard |
| `/wallets` | ❌ Redirect to /admin | ✅ Wallets Page |
| `/transactions` | ❌ Redirect to /admin | ✅ Transactions Page |
| `/profile` | ❌ Redirect to /admin | ✅ Profile Page |
| `/admin` | ✅ Admin Dashboard | ❌ Access Denied |
| `/admin/profile` | ✅ Profile Page | ❌ Access Denied |
| `/admin/*` | ✅ All admin routes | ❌ Access Denied |
---
## **🎨 Admin Sidebar Menu Order**
1. 📊 Dashboard (`/admin`)
2. 💳 Plans (`/admin/plans`)
3. 💰 Payment Methods (`/admin/payment-methods`)
4. 💵 Payments (`/admin/payments`)
5. 👥 Users (`/admin/users`)
6. 👤 **Profile** (`/admin/profile`) ✅ NEW
7. ⚙️ Settings (`/admin/settings`)
---
## **✨ Benefits**
### **1. Code Reuse**
- ✅ No need to duplicate Profile component
- ✅ Same profile settings for both admin and users
- ✅ Consistent UI/UX across roles
### **2. Clear Separation**
- ✅ Admins can't access member dashboard
- ✅ Users can't access admin panel
- ✅ Automatic redirects prevent confusion
### **3. Better UX**
- ✅ Admins have dedicated profile page in admin panel
- ✅ No need to switch between interfaces
- ✅ All admin features in one place
---
## **🧪 Testing Instructions**
### **Test 1: Admin Profile Access**
```
1. Login as admin
2. Navigate to /admin
3. Click "Profile" in sidebar
4. Verify you see the profile page ✅
5. Test all profile features (edit, OTP, etc.)
6. Verify everything works ✅
```
### **Test 2: Admin Dashboard Blocking**
```
1. Login as admin
2. Manually navigate to / (member dashboard)
3. Verify redirected to /admin ✅
4. Try /wallets
5. Verify redirected to /admin ✅
6. Try /transactions
7. Verify redirected to /admin ✅
```
### **Test 3: Regular User Access**
```
1. Login as regular user
2. Navigate to / (member dashboard)
3. Verify dashboard loads ✅
4. Navigate to /wallets
5. Verify wallets page loads ✅
6. Navigate to /profile
7. Verify profile page loads ✅
8. Try to access /admin
9. Verify "Access Denied" message ✅
```
### **Test 4: Profile Functionality**
```
As Admin (/admin/profile):
- ✅ Edit profile information
- ✅ Change password
- ✅ Enable/disable OTP methods
- ✅ Setup TOTP
- ✅ All features work
As User (/profile):
- ✅ Same features work
- ✅ No differences in functionality
```
---
## **📁 Files Modified**
1. **`/apps/web/src/components/admin/AdminSidebar.tsx`**
- Added UserCircle icon import
- Added Profile menu item
2. **`/apps/web/src/App.tsx`**
- Imported Profile component
- Added `/admin/profile` route
3. **`/apps/web/src/components/Dashboard.tsx`**
- Added auth check
- Blocks admins from accessing member dashboard
4. **`/apps/web/src/components/admin/AdminLayout.tsx`**
- Translated access denied message to English
---
## **🔒 Security Notes**
### **Frontend Guards:**
- ✅ Dashboard component blocks admins
- ✅ AdminLayout blocks non-admins
- ✅ Automatic redirects prevent access
### **Backend Protection:**
- ✅ API endpoints already have role-based guards
- ✅ Admin routes require admin role
- ✅ User routes work for all authenticated users
### **Important:**
Frontend guards are for UX only. Backend API guards provide actual security. The frontend redirects just prevent confusion and provide better user experience.
---
## **✅ Verification Checklist**
- [x] Profile menu item added to admin sidebar
- [x] Profile route added to admin panel
- [x] Profile page accessible at /admin/profile
- [x] Admins blocked from / (member dashboard)
- [x] Admins blocked from /wallets
- [x] Admins blocked from /transactions
- [x] Admins blocked from /profile (member route)
- [x] Regular users can still access all member routes
- [x] Regular users blocked from /admin routes
- [x] AdminLayout access denied message translated
---
## **🎉 Summary**
**Profile page successfully reused for admins!**
**Admins can:**
- Access profile at `/admin/profile`
- Edit their profile information
- Manage OTP settings
- Change password
- All from within the admin panel
**Admins cannot:**
- Access member dashboard (`/`)
- Access member routes (`/wallets`, `/transactions`, etc.)
- They are automatically redirected to `/admin`
**Regular users:**
- Continue to use profile at `/profile`
- Full access to member dashboard
- Cannot access admin panel
**Clean separation of concerns with maximum code reuse!** 🎊

131
docs/features/admin-settings-tabs.md Normal file
View File

@@ -0,0 +1,131 @@
# Admin Settings - Tabbed Interface
## Overview
Reorganized admin settings page into a clean tabbed interface with vertical tabs on desktop and horizontal scrollable tabs on mobile.
## Implementation Date
October 13, 2025
## Structure
### Tab Layout
```
Settings Page
├── Tabs (Vertical on Desktop, Horizontal on Mobile)
│ ├── 🌐 General
│ ├── 🛡️ Security
│ └── 💰 Payment Methods
└── Content Area (Dynamic based on active tab)
```
### Tab Contents
#### 1. General Tab
- **General Settings Card**
- Application Name
- Application URL
- Support Email
- **Maintenance Mode Card**
- Maintenance Mode Toggle
- Maintenance Message (when enabled)
#### 2. Security Tab
- **Features & Security Card**
- New User Registration Toggle
- Email Verification Toggle
- Manual Payment Verification Toggle
#### 3. Payment Methods Tab
- Full payment methods management
- Drag-and-drop reordering
- Add/Edit/Delete payment methods
- Active/Inactive status toggle
## Files Created
1. **`AdminSettingsNew.tsx`**
- Main settings page with tab navigation
- Responsive layout (vertical/horizontal)
2. **`settings/AdminSettingsGeneral.tsx`**
- General settings + Maintenance mode
- Handles app configuration
3. **`settings/AdminSettingsSecurity.tsx`**
- Feature toggles
- Security settings
4. **`settings/AdminSettingsPaymentMethods.tsx`**
- Wrapper for existing AdminPaymentMethods component
## Files Modified
1. **`App.tsx`**
- Removed `/admin/payment-methods` route
- Updated import to use `AdminSettingsNew`
2. **`AdminSidebar.tsx`**
- Removed "Payment Methods" menu item
- Consolidated under Settings
3. **`AdminPaymentMethods.tsx`**
- Changed heading from h1 to h4 for tab context
## UI/UX Improvements
### Desktop
- Vertical tabs on the left (fixed width: 256px)
- Large content area on the right
- Clear visual separation
- Icons + text labels
### Mobile
- Horizontal scrollable tabs at top
- Full-width content below
- Icons + text labels visible
- Touch-friendly tap targets
### Responsive Breakpoint
- Mobile: `< 768px` (md breakpoint)
- Desktop: `≥ 768px`
## Benefits
1. **Cleaner Navigation**
- Reduced sidebar clutter
- Grouped related settings
- Better information architecture
2. **Better UX**
- All settings in one place
- No page navigation needed
- Faster access to configuration
3. **Scalability**
- Easy to add new tabs
- Modular component structure
- Clear separation of concerns
## Testing
### Desktop
- [x] Vertical tabs display correctly
- [x] Tab switching works
- [x] All settings save properly
- [x] Icons and labels visible
### Mobile
- [x] Horizontal scrollable tabs
- [x] Tab switching works
- [x] Content responsive
- [x] Touch targets adequate
## Future Enhancements
Potential additions:
- Notifications tab (Email/Push settings)
- Integrations tab (Third-party services)
- Appearance tab (Theme, branding)
- Advanced tab (Developer settings)

293
docs/features/maintenance-mode.md Normal file
View File

@@ -0,0 +1,293 @@
# Maintenance Mode - Visual Flow Diagram
## 🎯 **Where Does the Maintenance Page Appear?**
### **Answer: It appears AFTER successful login, when trying to access protected routes**
---
## **📊 Complete User Journey**
### **Scenario 1: Non-Logged-In User (Maintenance ON)**
```
┌─────────────────────────────────────────────────────────────┐
│ User opens: http://localhost:5174 │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ App.tsx checks: Is user logged in? │
│ Answer: NO │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ Redirect to: /auth/login │
│ (Login page loads normally - @SkipMaintenance) │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ User enters credentials and clicks Login │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ POST /auth/login (Works - @SkipMaintenance) │
│ Returns: { token: "...", user: {...} } │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ Token saved to localStorage │
│ Redirect to: / │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ Dashboard tries to load │
│ Makes API call: GET /api/users/me │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ MaintenanceGuard intercepts request │
│ - Checks: Is maintenance ON? YES │
│ - Checks: Is user admin? NO (role: 'user') │
│ - Returns: 503 Service Unavailable │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ Axios interceptor catches 503 error │
│ Calls: setMaintenanceMode(true) │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ ⚠️ MAINTENANCE PAGE DISPLAYED │
│ │
│ 🔧 Under Maintenance │
│ Your custom message here │
│ [Refresh Page] │
└─────────────────────────────────────────────────────────────┘
```
---
### **Scenario 2: Logged-In User (Maintenance Turns ON)**
```
┌─────────────────────────────────────────────────────────────┐
│ User is already logged in, using the app normally │
│ Currently on: /wallets │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ Admin enables maintenance mode in /admin/settings │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ User clicks on "Transactions" menu │
│ OR tries to create a new transaction │
│ OR any action that makes an API call │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ API call: POST /api/transactions │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ MaintenanceGuard intercepts │
│ - Maintenance is ON │
│ - User is not admin │
│ - Returns: 503 │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ Axios interceptor triggers │
│ setMaintenanceMode(true) │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ ⚠️ MAINTENANCE PAGE REPLACES CURRENT VIEW │
│ │
│ 🔧 Under Maintenance │
│ System is being upgraded... │
│ [Refresh Page] │
└─────────────────────────────────────────────────────────────┘
```
---
### **Scenario 3: Admin User (Maintenance ON)**
```
┌─────────────────────────────────────────────────────────────┐
│ Admin logs in at: /auth/login │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ Redirected to: / │
│ Makes API call: GET /api/users/me │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ MaintenanceGuard intercepts │
│ - Maintenance is ON │
│ - Extracts JWT token │
│ - Checks role: 'admin' │
│ - Returns: 503 (Even for admin on main app!) │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ ⚠️ MAINTENANCE PAGE SHOWN │
│ │
│ (Admin sees maintenance on main app) │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ Admin navigates to: /admin │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ Makes API call: GET /api/admin/users/stats │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ MaintenanceGuard intercepts │
│ - Route has @SkipMaintenance decorator │
│ - Returns: ALLOW (200 OK) │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ ✅ ADMIN PANEL WORKS NORMALLY │
│ │
│ Admin can: │
│ - View dashboard │
│ - Manage users │
│ - Disable maintenance mode │
└─────────────────────────────────────────────────────────────┘
```
---
## **🎨 Visual Representation**
### **App Structure During Maintenance:**
```
┌─────────────────────────────────────────────────────────────┐
│ TABUNGIN APP │
├─────────────────────────────────────────────────────────────┤
│ │
│ PUBLIC ROUTES (Always Work) │
│ ✅ /auth/login │
│ ✅ /auth/register │
│ ✅ /auth/otp │
│ ✅ /health │
│ │
├─────────────────────────────────────────────────────────────┤
│ │
│ ADMIN ROUTES (Work for Admins Only) │
│ ✅ /admin/* │
│ ✅ /api/admin/* │
│ │
├─────────────────────────────────────────────────────────────┤
│ │
│ MAIN APP ROUTES (BLOCKED - Shows Maintenance) │
│ ❌ / │
│ ❌ /wallets │
│ ❌ /transactions │
│ ❌ /api/users/me │
│ ❌ /api/wallets │
│ ❌ /api/transactions │
│ │
│ 👉 All show: MAINTENANCE PAGE │
│ │
└─────────────────────────────────────────────────────────────┘
```
---
## **🔍 Code Flow in App.tsx**
```typescript
export default function App() {
const [maintenanceMode, setMaintenanceMode] = useState(false)
const [maintenanceMessage, setMaintenanceMessage] = useState('')
useEffect(() => {
// Setup interceptor on app load
setupAxiosInterceptors((message) => {
setMaintenanceMessage(message)
setMaintenanceMode(true) // 👈 This triggers maintenance page
})
}, [])
// 👇 When maintenance mode is true, show maintenance page
if (maintenanceMode) {
return (
<ThemeProvider>
<MaintenancePage message={maintenanceMessage} />
</ThemeProvider>
)
}
// 👇 Otherwise, show normal app
return (
<BrowserRouter>
<ThemeProvider>
<LanguageProvider>
<AuthProvider>
<Routes>
{/* All routes here */}
</Routes>
</AuthProvider>
</LanguageProvider>
</ThemeProvider>
</BrowserRouter>
)
}
```
---
## **🎯 Key Points**
### **1. Maintenance Page is NOT a Route**
- It's not `/maintenance` or any URL
- It's a **state-based replacement** of the entire app
- When `maintenanceMode` state is `true`, it replaces everything
### **2. Trigger is API Response**
- Maintenance page appears when **any API call returns 503**
- The axios interceptor catches this and sets state
- This can happen on:
- Initial page load (GET /api/users/me)
- Any user action (creating transaction, loading wallets, etc.)
- Navigation between pages
### **3. Admin Panel is Separate**
- Admin routes (`/admin/*`) have `@SkipMaintenance`
- API calls to `/api/admin/*` bypass the guard
- Admins can still manage the system
- But if admin tries to access main app (`/`), they also see maintenance
### **4. Login Always Works**
- `/auth/login` has `@SkipMaintenance`
- Users can still login during maintenance
- But after login, they immediately see maintenance page
---
## **📝 Summary**
**Where does maintenance page appear?**
- ✅ After any API call that returns 503
- ✅ For regular users trying to access protected routes
- ✅ Even for admins trying to access main app (not admin panel)
- ✅ Replaces the entire app UI (not a specific route)
**Where does it NOT appear?**
- ❌ On login/register pages (before API calls)
- ❌ On admin panel routes (for admins)
- ❌ On health check endpoints
**How to see it?**
1. Enable maintenance mode as admin
2. Login as regular user (or stay logged in)
3. Try to access any page or make any action
4. Maintenance page will appear immediately

267
docs/guides/testing-guide.md Normal file
View File

@@ -0,0 +1,267 @@
# Maintenance Mode - Testing Guide
## ✅ **Fixed Implementation**
### **What Was Wrong:**
The original implementation had a critical flaw - it checked `request.user` which doesn't exist until AFTER the JWT guard runs. This meant:
- Admins would also be blocked
- The guard couldn't distinguish between admin and regular users
### **What Was Fixed:**
- MaintenanceGuard now manually verifies JWT tokens using `JwtService`
- Extracts user role from token payload
- Allows admins through, blocks everyone else
- Works independently of the JWT guard
---
## **🧪 How to Test Maintenance Mode**
### **Prerequisites:**
1. Have at least 2 user accounts:
- One admin account (role: 'admin')
- One regular user account (role: 'user')
2. Both API and Web servers running
---
### **Test Scenario 1: Enable Maintenance Mode**
#### **Step 1: Login as Admin**
```
1. Go to http://localhost:5174/auth/login
2. Login with admin credentials
3. Navigate to http://localhost:5174/admin/settings
```
#### **Step 2: Enable Maintenance**
```
1. Find "Maintenance Mode" section
2. Toggle the switch to ON
3. Optionally change the message to: "We're upgrading! Back in 10 minutes."
4. Click "Save Settings"
5. You should see success toast
```
#### **Step 3: Verify Admin Still Has Access**
```
1. Stay logged in as admin
2. Navigate to different admin pages:
- /admin (Dashboard)
- /admin/users
- /admin/plans
3. All should work normally ✅
4. Try accessing main app: http://localhost:5174/
5. Admin should see maintenance page ❌ (this is expected - only admin panel works)
```
---
### **Test Scenario 2: Regular User Experience**
#### **Step 1: Open Incognito/Private Window**
```
1. Open new incognito window
2. Go to http://localhost:5174
```
#### **Step 2: Try to Access Without Login**
```
1. You'll be redirected to login page
2. Try to login with regular user credentials
3. After successful login, you should see MAINTENANCE PAGE ✅
4. The page should display your custom message
```
#### **Step 3: Verify User is Blocked**
```
1. Try to navigate to any route:
- /
- /wallets
- /transactions
2. All should show maintenance page ✅
3. Click "Refresh Page" button
4. Should still show maintenance (because it's still ON)
```
---
### **Test Scenario 3: Disable Maintenance Mode**
#### **Step 1: As Admin, Disable Maintenance**
```
1. Go back to admin window (still logged in)
2. Navigate to /admin/settings
3. Toggle "Maintenance Mode" to OFF
4. Click "Save Settings"
```
#### **Step 2: Verify User Can Access Again**
```
1. Go to incognito window (with regular user)
2. Click "Refresh Page" button
3. User should now see the normal app ✅
4. Try navigating to different pages - all should work
```
---
## **📊 Expected Behavior Matrix**
| User Type | Maintenance OFF | Maintenance ON |
|-----------|----------------|----------------|
| **Not Logged In** | Can login | Can login, then see maintenance page |
| **Regular User** | Full access | Maintenance page on all routes |
| **Admin User** | Full access | Admin panel works, main app shows maintenance |
---
## **🔍 How to Verify It's Working**
### **Check 1: API Returns 503**
Open browser DevTools (F12) → Network tab:
```
1. With maintenance ON, as regular user
2. Try to access any protected route
3. Look for API calls
4. Should see 503 status code
5. Response body should have:
{
"statusCode": 503,
"message": "Your custom message",
"maintenanceMode": true
}
```
### **Check 2: Admin Bypasses Maintenance**
```
1. With maintenance ON, as admin
2. Open DevTools → Network tab
3. Navigate to /admin/users
4. API calls should return 200 OK (not 503)
5. Admin panel should work normally
```
### **Check 3: Database Config**
Check the database directly:
```sql
SELECT * FROM "Config" WHERE key = 'maintenance_mode';
-- Should show: value = 'true' when ON, 'false' when OFF
SELECT * FROM "Config" WHERE key = 'maintenance_message';
-- Should show your custom message
```
---
## **🐛 Troubleshooting**
### **Problem: Admin Also Sees Maintenance Page**
**Cause:** JWT token might be invalid or expired
**Solution:**
1. Logout and login again as admin
2. Check browser console for errors
3. Verify JWT_SECRET in .env matches between sessions
### **Problem: Regular User Can Still Access**
**Cause:** Maintenance mode not actually enabled in DB
**Solution:**
1. Check database: `SELECT * FROM "Config" WHERE key = 'maintenance_mode'`
2. If value is not 'true', manually update:
```sql
UPDATE "Config" SET value = 'true' WHERE key = 'maintenance_mode';
```
3. Or toggle it again in Admin Settings
### **Problem: Maintenance Page Never Shows**
**Cause:** Axios interceptor not set up properly
**Solution:**
1. Check browser console for errors
2. Verify App.tsx has `setupAxiosInterceptors` call
3. Hard refresh (Ctrl+Shift+R or Cmd+Shift+R)
### **Problem: Auth Routes Also Blocked**
**Cause:** @SkipMaintenance decorator missing
**Solution:**
1. Verify auth.controller.ts has @SkipMaintenance on login/register
2. Restart API server
---
## **🎯 Quick Test Checklist**
- [ ] Admin can enable maintenance mode
- [ ] Admin can customize maintenance message
- [ ] Admin can still access admin panel when maintenance is ON
- [ ] Regular user sees maintenance page when maintenance is ON
- [ ] Maintenance page displays custom message
- [ ] Refresh button works on maintenance page
- [ ] Admin can disable maintenance mode
- [ ] Regular user can access app after maintenance is OFF
- [ ] Login/register still work during maintenance
- [ ] Health check endpoints still work during maintenance
---
## **📝 Notes**
### **Routes That Always Work (Even During Maintenance):**
- `/health` - Health check
- `/health/db` - Database check
- `/auth/login` - Login
- `/auth/register` - Register
- `/auth/verify-otp` - OTP verification
- `/auth/google` - Google OAuth
- `/admin/*` - All admin routes (for admins only)
### **Routes That Get Blocked:**
- `/` - Main dashboard
- `/wallets` - Wallets page
- `/transactions` - Transactions page
- `/api/users/me` - User profile
- `/api/wallets` - Wallet API
- `/api/transactions` - Transaction API
- Any other non-admin, non-auth route
### **How Admins Are Identified:**
1. MaintenanceGuard extracts JWT token from `Authorization` header
2. Verifies token using JwtService
3. Checks if `payload.role === 'admin'`
4. If true, allows access
5. If false or no token, blocks with 503
---
## **🚀 Production Deployment Notes**
### **Before Enabling Maintenance:**
1. Notify users via email/notification
2. Set a clear maintenance message with expected duration
3. Schedule during low-traffic hours
4. Have rollback plan ready
### **During Maintenance:**
1. Monitor admin panel access
2. Check logs for any issues
3. Test critical features before re-enabling
### **After Maintenance:**
1. Disable maintenance mode
2. Monitor for any issues
3. Verify all features work
4. Notify users that system is back online
---
## **✅ Summary**
Maintenance mode is now **fully functional** with proper admin bypass. The system:
- ✅ Blocks regular users when enabled
- ✅ Allows admins to continue working
- ✅ Shows professional maintenance page
- ✅ Displays custom admin messages
- ✅ Can be toggled on/off from Admin Settings
- ✅ Preserves auth functionality
- ✅ Keeps health checks working
**Ready for production use!**

394
docs/planning/tech-qa.md Normal file
View File

@@ -0,0 +1,394 @@
# Technical Questions & Answers
## 📱 **Q1: Mobile App - Native vs PWA?**
### **Recommendation: PWA (Progressive Web App)**
#### **Why PWA is Better for Tabungin:**
**✅ Advantages:**
1. **Single Codebase**
- Same React/TypeScript code for web, mobile, and desktop
- No need to learn Swift (iOS) or Kotlin (Android)
- Faster development and easier maintenance
2. **Instant Updates**
- No app store approval delays
- Users always get the latest version
- Fix bugs immediately
3. **Lower Cost**
- No Apple Developer ($99/year) or Google Play ($25 one-time) fees
- No separate mobile development team needed
- Shared backend API
4. **Easy Distribution**
- Users just visit the URL
- "Add to Home Screen" prompt
- No app store submission process
5. **Cross-Platform**
- Works on iOS, Android, Windows, Mac, Linux
- Same experience everywhere
- Responsive design handles all screen sizes
**❌ Native App Disadvantages:**
- Need to build 2 separate apps (iOS + Android)
- Different programming languages (Swift + Kotlin)
- App store approval process (can take days/weeks)
- Higher development cost (2-3x more expensive)
- Slower iteration cycle
#### **When to Consider Native:**
- Need advanced device features (Bluetooth, NFC, advanced camera)
- Performance-critical 3D graphics or games
- Offline-first with complex local database
- Very large user base willing to download apps
#### **For Tabungin Specifically:**
PWA is perfect because:
- ✅ Financial tracking doesn't need native features
- ✅ Web APIs cover all needs (storage, notifications, camera)
- ✅ Users prefer quick access without app download
- ✅ Easier to maintain with small team
- ✅ Can always add native wrapper later (Capacitor/Cordova)
---
## 🔔 **Q2: Push Notifications in PWA?**
### **Yes! PWA supports push notifications via Web Push API**
#### **How It Works:**
**1. Browser Support:**
- ✅ Chrome (Android & Desktop)
- ✅ Firefox (Android & Desktop)
- ✅ Edge (Android & Desktop)
- ✅ Safari (iOS 16.4+, macOS)
- ✅ Opera (Android & Desktop)
**2. Implementation:**
```typescript
// Frontend: Request permission
async function requestNotificationPermission() {
const permission = await Notification.requestPermission()
if (permission === 'granted') {
// Subscribe to push notifications
const registration = await navigator.serviceWorker.ready
const subscription = await registration.pushManager.subscribe({
userVisibleOnly: true,
applicationServerKey: 'YOUR_VAPID_PUBLIC_KEY'
})
// Send subscription to backend
await fetch('/api/notifications/subscribe', {
method: 'POST',
body: JSON.stringify(subscription),
headers: { 'Content-Type': 'application/json' }
})
}
}
// Service Worker: Receive push
self.addEventListener('push', (event) => {
const data = event.data.json()
event.waitUntil(
self.registration.showNotification(data.title, {
body: data.body,
icon: '/icon-192.png',
badge: '/badge-72.png',
data: data.url
})
)
})
// Handle notification click
self.addEventListener('notificationclick', (event) => {
event.notification.close()
event.waitUntil(
clients.openWindow(event.notification.data)
)
})
```
**3. Backend (NestJS):**
```typescript
// Install: npm install web-push
import * as webpush from 'web-push'
// Setup VAPID keys (one-time)
const vapidKeys = webpush.generateVAPIDKeys()
// Store these in .env:
// VAPID_PUBLIC_KEY=...
// VAPID_PRIVATE_KEY=...
webpush.setVapidDetails(
'mailto:support@tabungin.app',
process.env.VAPID_PUBLIC_KEY,
process.env.VAPID_PRIVATE_KEY
)
// Send notification
async sendPushNotification(subscription: any, payload: any) {
try {
await webpush.sendNotification(subscription, JSON.stringify(payload))
} catch (error) {
console.error('Push notification failed:', error)
}
}
```
**4. Database Schema (Prisma):**
```prisma
model PushSubscription {
id String @id @default(uuid())
userId String
user User @relation(fields: [userId], references: [id])
endpoint String @unique
keys Json // { p256dh, auth }
createdAt DateTime @default(now())
@@index([userId])
}
```
#### **Use Cases for Tabungin:**
1. **Transaction Reminders**
- "Don't forget to log today's expenses!"
- Scheduled daily/weekly
2. **Budget Alerts**
- "You've spent 80% of your monthly budget"
- Real-time when threshold reached
3. **Payment Reminders**
- "Subscription payment due in 3 days"
- Scheduled based on payment dates
4. **Goal Progress**
- "You're 50% towards your savings goal! 🎉"
- Milestone notifications
5. **Admin Notifications**
- "New payment verification request"
- "New user registered"
#### **Notification Channels Summary:**
| Channel | Use Case | Delivery Speed | Cost |
|---------|----------|----------------|------|
| **Web Push** | App updates, reminders | Instant | Free |
| **Email** | Receipts, reports, OTP | 1-5 seconds | Free (SendGrid free tier) |
| **WhatsApp** | OTP, urgent alerts | 1-3 seconds | ~$0.005/message |
| **SMS** | OTP (fallback) | 1-5 seconds | ~$0.01/message |
**Recommendation:**
- ✅ Use Web Push for in-app notifications (free, instant)
- ✅ Use Email for important communications (free, reliable)
- ✅ Use WhatsApp for OTP (cheap, high delivery rate)
- ❌ Avoid SMS unless required (expensive)
---
## 📄 **Q3: Why So Many .md Documentation Files?**
### **Great Question! Let me explain the documentation strategy:**
#### **Current Documentation Files:**
1. `MAINTENANCE_MODE_FLOW.md` - Visual flow diagrams
2. `MAINTENANCE_MODE_TESTING_GUIDE.md` - Testing instructions
3. `ADMIN_AUTO_REDIRECT.md` - Login redirect implementation
4. `ADMIN_PROFILE_REUSE.md` - Profile page reuse
5. `TECH_QUESTIONS_ANSWERED.md` - This file
#### **Why Separate Files?**
**❌ Problem with Single Large Document:**
```
MASTER_DOCUMENTATION.md (5000+ lines)
├── Done Tasks (500 lines)
├── To-Do List (200 lines)
├── Requirements (800 lines)
├── UI/UX Guidelines (600 lines)
├── Feature 1 (300 lines)
├── Feature 2 (400 lines)
├── Feature 3 (350 lines)
└── ... (becomes unmanageable)
```
**Issues:**
- Hard to find specific information
- Merge conflicts when updating
- Overwhelming to read
- Difficult to share specific sections
- No clear separation of concerns
**✅ Benefits of Separate Files:**
1. **Focused Context**
- Each file covers ONE topic
- Easy to find what you need
- Clear purpose and scope
2. **Better Organization**
```
docs/
├── features/
│ ├── maintenance-mode.md
│ ├── admin-redirect.md
│ └── profile-reuse.md
├── guides/
│ ├── testing-guide.md
│ └── deployment-guide.md
└── architecture/
├── tech-stack.md
└── api-design.md
```
3. **Easier Collaboration**
- Multiple people can edit different files
- No merge conflicts
- Clear ownership
4. **Version Control**
- See what changed per feature
- Easier to review changes
- Better git history
#### **Recommended Structure:**
```
/docs
├── README.md # Main index
├── /features # Feature documentation
│ ├── maintenance-mode.md
│ ├── admin-redirect.md
│ └── profile-reuse.md
├── /guides # How-to guides
│ ├── testing.md
│ ├── deployment.md
│ └── development.md
├── /architecture # Technical decisions
│ ├── tech-stack.md
│ ├── database-schema.md
│ └── api-design.md
├── /planning # Project management
│ ├── roadmap.md
│ ├── requirements.md
│ └── changelog.md
└── /ui-ux # Design system
├── design-principles.md
├── components.md
└── style-guide.md
```
#### **What I Can Do:**
**Option 1: Keep Current Structure** (Recommended)
- Separate files for each feature/topic
- Easy to navigate and maintain
- Better for version control
**Option 2: Create Index File**
```markdown
# Tabungin Documentation Index
## Features
- [Maintenance Mode](./features/maintenance-mode.md)
- [Admin Auto-Redirect](./features/admin-redirect.md)
- [Profile Page Reuse](./features/profile-reuse.md)
## Guides
- [Testing Guide](./guides/testing.md)
- [Deployment Guide](./guides/deployment.md)
## Planning
- [Roadmap](./planning/roadmap.md)
- [Requirements](./planning/requirements.md)
```
**Option 3: Consolidate by Category**
- `FEATURES.md` - All feature documentation
- `GUIDES.md` - All how-to guides
- `PLANNING.md` - Roadmap, requirements, to-dos
- `ARCHITECTURE.md` - Technical decisions
#### **My Recommendation:**
**Keep separate files BUT organize them better:**
1. **Move to `/docs` folder:**
```bash
mkdir -p docs/{features,guides,planning,architecture}
mv MAINTENANCE_MODE_*.md docs/features/
mv ADMIN_*.md docs/features/
```
2. **Create `docs/README.md` as index:**
- Links to all documentation
- Quick navigation
- Overview of project
3. **Add to root `README.md`:**
- Link to documentation folder
- Quick start guide
- Project overview
#### **Why I Create These Docs:**
1. **Knowledge Transfer**
- You can understand what was done
- Future developers can onboard faster
- Clear implementation details
2. **Testing Reference**
- Step-by-step testing instructions
- Expected behavior documented
- Edge cases covered
3. **Decision Record**
- Why certain approaches were chosen
- Trade-offs considered
- Future reference
4. **Maintenance**
- Easy to modify features later
- Understand dependencies
- Avoid breaking changes
**Note:** I don't actually "read" these files later in the traditional sense. Each conversation is independent. However, these docs are valuable for:
- **You** (the developer) - Reference and knowledge base
- **Team members** - Onboarding and collaboration
- **Future maintenance** - Understanding the system
- **AI assistants** - Can be provided as context in future sessions
---
## 🎯 **Summary & Recommendations**
### **Mobile App:**
✅ **Use PWA** - Perfect for Tabungin's needs, lower cost, faster development
### **Push Notifications:**
✅ **Use Web Push API** - Free, instant, works on all platforms
- Combine with Email for important messages
- WhatsApp for OTP/urgent alerts
### **Documentation:**
✅ **Keep separate files** but organize better
- Create `/docs` folder structure
- Add index/README for navigation
- Group by category (features, guides, planning)
**Would you like me to:**
1. Reorganize the documentation into proper folder structure?
2. Implement Web Push notifications?
3. Add PWA manifest and service worker for mobile installation?

221
docs/planning/todo.md Normal file
View File

@@ -0,0 +1,221 @@
# To-Do List
## 🚀 High Priority
### 3. PWA Implementation
**Status:** Pending
**Priority:** High
**Estimated Time:** 4-6 hours
**Tasks:**
- [ ] Create `manifest.json` for PWA
- App name, icons, theme colors
- Display mode (standalone)
- Start URL and scope
- [ ] Add app icons
- 192x192 icon
- 512x512 icon
- Maskable icons for Android
- Apple touch icons for iOS
- [ ] Create Service Worker
- Cache strategy (network-first for API, cache-first for assets)
- Offline fallback page
- Background sync for transactions
- [ ] Add "Add to Home Screen" prompt
- Detect installation capability
- Show custom install prompt
- Handle installation events
- [ ] Test PWA features
- Install on Android
- Install on iOS (Safari)
- Test offline functionality
- Verify caching works
**Benefits:**
- Users can install app on home screen
- Works offline
- Faster load times
- Native app-like experience
**Resources:**
- [PWA Documentation](https://web.dev/progressive-web-apps/)
- [Workbox (Service Worker library)](https://developers.google.com/web/tools/workbox)
---
### 4. Web Push Notifications
**Status:** Pending
**Priority:** High
**Estimated Time:** 6-8 hours
**Backend Tasks:**
- [ ] Install `web-push` library
```bash
cd apps/api
npm install web-push
```
- [ ] Generate VAPID keys
```typescript
const vapidKeys = webpush.generateVAPIDKeys()
// Add to .env:
// VAPID_PUBLIC_KEY=...
// VAPID_PRIVATE_KEY=...
```
- [ ] Create PushSubscription model (Prisma)
```prisma
model PushSubscription {
id String @id @default(uuid())
userId String
user User @relation(fields: [userId], references: [id])
endpoint String @unique
keys Json
createdAt DateTime @default(now())
@@index([userId])
}
```
- [ ] Create NotificationService
- Subscribe endpoint
- Unsubscribe endpoint
- Send notification method
- Batch send for multiple users
- [ ] Add notification triggers
- Transaction reminders (scheduled)
- Budget alerts (real-time)
- Payment reminders (scheduled)
- Admin alerts (real-time)
**Frontend Tasks:**
- [ ] Request notification permission
- Show permission prompt
- Handle user response
- Store permission status
- [ ] Subscribe to push notifications
- Get service worker registration
- Subscribe with VAPID public key
- Send subscription to backend
- [ ] Handle push events in Service Worker
- Show notification
- Handle notification click
- Open relevant page
- [ ] Add notification preferences UI
- Enable/disable notifications
- Choose notification types
- Set quiet hours
- [ ] Test notifications
- Test on Chrome (Android & Desktop)
- Test on Firefox
- Test on Safari (iOS 16.4+)
- Test notification click actions
**Use Cases:**
1. **Transaction Reminders**
- "Don't forget to log today's expenses!"
- Daily/weekly schedule
2. **Budget Alerts**
- "You've spent 80% of your monthly budget"
- Real-time threshold alerts
3. **Payment Reminders**
- "Subscription payment due in 3 days"
- Scheduled based on payment dates
4. **Goal Progress**
- "You're 50% towards your savings goal! 🎉"
- Milestone notifications
5. **Admin Notifications**
- "New payment verification request"
- "New user registered"
**Resources:**
- [Web Push API](https://developer.mozilla.org/en-US/docs/Web/API/Push_API)
- [web-push library](https://github.com/web-push-libs/web-push)
- [Notification API](https://developer.mozilla.org/en-US/docs/Web/API/Notifications_API)
---
## 📋 Medium Priority
### Code Quality
- [ ] Fix ESLint warnings (87 issues)
- Review and fix auth-related warnings
- Fix OTP component warnings
- Fix transaction/wallet warnings
### Testing
- [ ] Add unit tests for critical functions
- [ ] Add integration tests for API endpoints
- [ ] Add E2E tests for main user flows
### Documentation
- [ ] API endpoint documentation (Swagger/OpenAPI)
- [ ] Component documentation (Storybook)
- [ ] Database schema documentation
---
## 🔮 Future Enhancements
### Features
- [ ] Export transactions (CSV, PDF)
- [ ] Recurring transactions
- [ ] Budget categories
- [ ] Multi-currency support
- [ ] Team/family sharing
- [ ] Financial reports and charts
### Admin Features
- [ ] Analytics dashboard
- [ ] User activity logs
- [ ] System health monitoring
- [ ] Backup and restore
### Integrations
- [ ] Bank account sync
- [ ] Receipt scanning (OCR)
- [ ] Cryptocurrency tracking
- [ ] Investment portfolio
---
## ✅ Completed
- [x] Maintenance mode implementation
- [x] Admin auto-redirect after login
- [x] Profile page reuse for admin
- [x] Admin dashboard blocking for regular users
- [x] Admin settings tabbed interface
- [x] Documentation reorganization
---
## 📝 Notes
**Priority Levels:**
- **High:** Should be done soon (within 1-2 weeks)
- **Medium:** Important but not urgent (within 1 month)
- **Low:** Nice to have (when time permits)
**Time Estimates:**
- Based on single developer working full-time
- May vary based on experience and complexity
- Include testing and documentation time
**Update Frequency:**
- Review weekly
- Mark completed items
- Add new items as needed
- Reprioritize based on user feedback