barsa 88b9ac0a19 Enhance authentication and CSRF protection mechanisms
- Introduced optional JWT issuer and audience configurations in the JoseJwtService for improved token validation.
- Updated CSRF middleware to streamline token validation and enhance security measures.
- Added new environment variables for JWT issuer and audience, allowing for more flexible authentication setups.
- Refactored CSRF controller and middleware to improve token handling and security checks.
- Cleaned up and standardized cookie paths for access and refresh tokens in the AuthController.
- Enhanced error handling in the TokenBlacklistService to manage Redis availability more effectively.
2025-12-12 15:00:11 +09:00

Customer Portal Documentation

This directory contains comprehensive system design documentation for the Customer Portal project.


📚 Core System Design Documents

System Architecture

Comprehensive overview of the entire system

  • System overview and high-level architecture
  • Architecture principles (Clean Architecture, DDD)
  • Monorepo structure and organization
  • Application layers (Portal, BFF, Domain)
  • Technology stack and infrastructure
  • Data flow and integration patterns
  • Deployment architecture

Start here for a complete understanding of the system.


Integration & Data Flow

External system integration patterns and data transformation

  • Integration architecture overview
  • Salesforce integration (REST API + Platform Events via gRPC Pub/Sub)
  • WHMCS integration (REST API + Webhooks)
  • Freebit SIM management integration
  • Domain mapper pattern (Map Once, Use Everywhere)
  • Data transformation flows
  • Error handling and retry strategies
  • Caching strategies (CDC-driven + TTL-based)

Read this to understand how external systems are integrated.


Domain Layer Design

Framework-agnostic type system and business logic

  • Domain-driven design principles
  • Provider pattern for multi-system abstraction
  • Type system architecture (unified domain package)
  • Schema-driven validation with Zod
  • Adding new domains step-by-step
  • Import patterns and best practices

Read this to understand the domain layer and type system.


Authentication & Security

Security architecture and implementation

  • Authentication flow (JWT access + refresh tokens)
  • Token management and rotation with Redis blacklist
  • Authorization and access control
  • Rate limiting strategies (auth endpoints + external APIs)
  • Password security (Bcrypt with configurable rounds)
  • CSRF protection
  • PII redaction and data protection
  • Audit logging

Read this for security implementation details.


📖 Feature-Specific Documentation

Portal (Frontend)

Orders & Catalog

Integration Guides

BFF Integration Layer:

Salesforce:

API Integration:

Domain & Architecture

Validation & Data

Operations & Deployment

Getting Started:

Provisioning:

Logging:

Other Documentation


🗂️ Archived Documentation

Status reports and temporary implementation documents have been moved to _archive/:

  • Migration progress reports
  • Refactoring completion documents
  • Cleanup and audit documents
  • Priority tracking documents

These are kept for historical reference but are not part of the active system design.


🎯 Quick Start Guide

For New Developers

  1. Start with Core Design Documents:

  2. Set Up Your Environment:

  3. Understand Key Features:

For Backend Developers

  1. System Architecture - BFF architecture (if available)
  2. Integration & Data Flow - Integration patterns (if available)
  3. Authentication & Security - Auth implementation (if available)
  4. BFF Integration Patterns - Best practices

For Frontend Developers

  1. Portal Architecture - Frontend structure
  2. Domain Layer Design - Type system (if available)
  3. Portal Integration Overview - API integration
  4. Performance Optimization - Performance tips

For Integration Work

  1. Integration & Data Flow - Integration architecture (if available)
  2. Salesforce Portal Simple Guide
  3. Salesforce-WHMCS Mapping Reference
  4. SIM Management API Data Flow

For DevOps/Deployment

  1. Deployment Guide
  2. Provisioning Runbook
  3. Logging Guide

📋 Documentation Standards

When Adding New Documentation

  1. Place in appropriate category folder
  2. Use clear, descriptive filenames
  3. Update this README index
  4. Follow markdown best practices
  5. Include date and author information
  6. Keep documentation synchronized with code

Documentation Types

  • Design Documents: Architecture, patterns, and design decisions
  • Guides: Step-by-step instructions and tutorials
  • References: API documentation, data mappings, configuration
  • Status Reports: Move to _archive/ when outdated

Naming Conventions

  • Use UPPERCASE-WITH-DASHES.md for design documents
  • Use descriptive names that indicate content
  • Avoid version numbers in filenames
  • Use consistent prefixes for related docs

🤝 Contributing

When updating documentation:

  • Keep files organized in their respective categories
  • Update the changelog for significant changes
  • Ensure all links work correctly
  • Use relative links for internal documentation
  • Keep the README index updated
  • Archive outdated status reports

📞 Support

For questions about the system:

  1. Check the relevant design document
  2. Review related guides and references
  3. Check archived documents for historical context
  4. Contact the development team

🏗️ Technology Stack

Frontend

  • Next.js 15 (App Router) with React 19
  • Tailwind CSS 4 with shadcn/ui components
  • TanStack Query for data fetching and caching
  • Zustand for client state management
  • React Hook Form + Zod for form validation

Backend (BFF)

  • NestJS 11 with TypeScript
  • Prisma 6 ORM with PostgreSQL 17
  • p-queue for request throttling
  • Redis 7 for caching and token blacklist
  • Pino for structured logging

External Integrations

  • WHMCS: Custom API client for billing and subscriptions
  • Salesforce: jsforce for REST API + salesforce-pubsub-api-client for Platform Events
  • Freebit: Custom SIM management integration

Infrastructure

  • Docker for local development
  • pnpm workspaces for monorepo management
  • TypeScript project references for build optimization

Last Updated: November 2025
Maintained By: Development Team


📑 Complete File Index

Core Design

  • SYSTEM-ARCHITECTURE.md (check if exists in architecture/)
  • INTEGRATION-DATAFLOW.md (check if exists in architecture/)
  • DOMAIN-LAYER-DESIGN.md (check if exists in architecture/)
  • AUTHENTICATION-SECURITY.md (check if exists in architecture/)

Architecture

  • architecture/MONOREPO-ARCHITECTURE.md
  • architecture/MODULAR-PROVISIONING-ARCHITECTURE.md
  • architecture/NEW-DOMAIN-ARCHITECTURE.md
  • architecture/ORDERS-ARCHITECTURE-REVIEW.md
  • architecture/PRODUCT-CATALOG-ARCHITECTURE.md

API & Integration

  • api/FREEBIT-SIM-MANAGEMENT.md
  • api/SIM-MANAGEMENT-API-DATA-FLOW.md

Authentication

  • auth/AUTH-MODULE-ARCHITECTURE.md
  • auth/AUTH-SCHEMA-IMPROVEMENTS.md
  • auth/DEVELOPMENT-AUTH-SETUP.md
  • auth/REDIS-TOKEN-FLOW-IMPLEMENTATION.md

BFF

  • bff/BFF-INTEGRATION-PATTERNS-ARCHITECTURE.md
  • bff/BFF-INTEGRATION-PATTERNS-GUIDE.md
  • bff/DB-MAPPERS.md

Domain

  • domain/DOMAIN-STRUCTURE.md
  • domain/PACKAGE-ORGANIZATION.md

Guides

  • guides/ADDRESS_SYSTEM.md
  • guides/DEPLOY.md
  • guides/GETTING_STARTED.md
  • guides/RUN.md
  • guides/STRUCTURE.md

Logging

  • logging/LOGGING.md
  • logging/LOGGING_LEVELS.md

Orders

  • orders/ORDER-FULFILLMENT-COMPLETE-GUIDE.md
  • orders/PORTAL-ORDERING-PROVISIONING.md

Portal

  • portal/PERFORMANCE.md
  • portal/PORTAL-ARCHITECTURE.md
  • portal/PORTAL-DATA-MODEL.md
  • portal/PORTAL-INTEGRATION-OVERVIEW.md
  • portal/PORTAL-NONTECH-PRESENTATION.md
  • portal/PORTAL-ROADMAP.md
  • portal/RECOMMENDED-LIB-STRUCTURE.md

Products

  • products/ADDON-INSTALLATION-LOGIC.md
  • products/BUNDLE_ANALYSIS.md

Provisioning

  • provisioning/RUNBOOK_PROVISIONING.md
  • provisioning/SUBSCRIPTION-SERVICE-MANAGEMENT.md
  • provisioning/TEMPORARY-DISABLED-MODULES.md

Salesforce

  • salesforce/SALESFORCE-ORDER-COMMUNICATION.md
  • salesforce/SALESFORCE-PORTAL-SECURITY-GUIDE.md
  • salesforce/SALESFORCE-PORTAL-SIMPLE-GUIDE.md
  • salesforce/SALESFORCE-PRODUCTS.md
  • salesforce/SALESFORCE-WHMCS-MAPPING-REFERENCE.md
  • salesforce/WHMCS_BILLING_ISSUES_RESOLUTION.md

Types

  • types/CONSOLIDATED-TYPE-SYSTEM.md
  • types/UNIFIED-PRODUCT-TYPES.md

Validation

  • validation/SIGNUP_VALIDATION_RULES.md
  • validation/VALIDATION_CLEANUP_SUMMARY.md
  • validation/VALIDATION_PATTERNS.md
  • validation/bff-validation-migration.md