Add configuration file and update server settings
- Introduced a new `config.yaml` file for managing server, database, cache, queue, AI, scraping, logging, and rate limiting configurations. - Updated `docker-compose.yml` to reflect the new server port (8081) and adjusted health check endpoints accordingly. - Modified `Dockerfile` to expose the new server port. - Updated `README.md` to reflect changes in server configuration and added documentation for the new configuration structure. - Added test scripts for server and Swagger documentation testing. - Refactored customer domain structure to align with new configuration settings and improve maintainability.
This commit is contained in:
@@ -1,293 +1,79 @@
|
||||
# Tender Management System - Dual User Architecture
|
||||
# Tender Management System
|
||||
|
||||
A comprehensive tender management backend system built with Go, featuring separate authentication and authorization for mobile app customers and panel admin users.
|
||||
A comprehensive tender management backend system built with Go, following Clean Architecture principles with Domain-Driven Design (DDD) patterns.
|
||||
|
||||
## 🏗️ Architecture Overview
|
||||
## 📚 Documentation
|
||||
|
||||
This system implements **Clean Architecture** principles with a dual user system:
|
||||
All documentation has been organized in the [`docs/`](./docs/) directory for better structure and maintainability.
|
||||
|
||||
### User Types
|
||||
|
||||
1. **Customers (Mobile App Users)**
|
||||
- End users who interact through mobile applications
|
||||
- Can register, view tenders, manage company profiles
|
||||
- Role-based access: `customer_user`, `customer_manager`
|
||||
|
||||
2. **Panel Users (Admin/Staff)**
|
||||
- Administrative users who manage the system
|
||||
- Can manage customers, tenders, companies, and system settings
|
||||
- Role-based access: `admin`, `moderator`, `support`, `analyst`
|
||||
|
||||
### Layer Structure
|
||||
|
||||
```
|
||||
┌─────────────────────────────────────────────────────────────┐
|
||||
│ Handler Layer │
|
||||
│ ┌─────────────────┐ ┌─────────────────┐ ┌──────────────┐ │
|
||||
│ │ Customer Auth │ │ User Auth │ │ Legacy Auth │ │
|
||||
│ │ Handler │ │ Handler │ │ Handler │ │
|
||||
│ └─────────────────┘ └─────────────────┘ └──────────────┘ │
|
||||
└─────────────────────────────────────────────────────────────┘
|
||||
┌─────────────────────────────────────────────────────────────┐
|
||||
│ Service Layer │
|
||||
│ ┌─────────────────┐ ┌─────────────────┐ ┌──────────────┐ │
|
||||
│ │ Customer Auth │ │ User Auth │ │ Customer │ │
|
||||
│ │ Service │ │ Service │ │ Service │ │
|
||||
│ └─────────────────┘ └─────────────────┘ └──────────────┘ │
|
||||
└─────────────────────────────────────────────────────────────┘
|
||||
┌─────────────────────────────────────────────────────────────┐
|
||||
│ Repository Layer │
|
||||
│ ┌─────────────────┐ ┌─────────────────┐ ┌──────────────┐ │
|
||||
│ │ Customer │ │ User │ │ Company │ │
|
||||
│ │ Repository │ │ Repository │ │ Repository │ │
|
||||
│ └─────────────────┘ └─────────────────┘ └──────────────┘ │
|
||||
└─────────────────────────────────────────────────────────────┘
|
||||
┌─────────────────────────────────────────────────────────────┐
|
||||
│ Domain Layer │
|
||||
│ ┌─────────────────┐ ┌─────────────────┐ ┌──────────────┐ │
|
||||
│ │ Customer │ │ User │ │ Interfaces │ │
|
||||
│ │ Entity │ │ Entity │ │ & DTOs │ │
|
||||
│ └─────────────────┘ └─────────────────┘ └──────────────┘ │
|
||||
└─────────────────────────────────────────────────────────────┘
|
||||
```
|
||||
### Quick Links
|
||||
- **[📖 Main Documentation](./docs/README.md)** - Comprehensive project overview and guidelines
|
||||
- **[🔧 Setup Guides](./docs/setup/)** - HTTP server and Swagger setup
|
||||
- **[🚀 Implementation Details](./docs/implementation/)** - Architecture and implementation overview
|
||||
- **[📡 API Examples](./docs/examples/)** - API usage examples and endpoints
|
||||
|
||||
## 🚀 Quick Start
|
||||
|
||||
### Prerequisites
|
||||
1. **Setup Environment**
|
||||
```bash
|
||||
# Follow setup guides in docs/setup/
|
||||
```
|
||||
|
||||
2. **Run the Application**
|
||||
```bash
|
||||
make run
|
||||
```
|
||||
|
||||
3. **Access API Documentation**
|
||||
- Swagger UI: `http://localhost:8081/swagger/index.html`
|
||||
- API Base URL: `http://localhost:8081/api/v1`
|
||||
|
||||
## 🏗️ Architecture
|
||||
|
||||
This system implements **Clean Architecture** with:
|
||||
- **Domain Layer**: Business entities and core rules
|
||||
- **Service Layer**: Business logic and use cases
|
||||
- **Handler Layer**: HTTP controllers and request handling
|
||||
- **Repository Layer**: Data access implementations
|
||||
- **Infrastructure Layer**: External dependencies
|
||||
|
||||
## 📋 Key Features
|
||||
|
||||
- **Clean Architecture**: DDD principles with clear separation of concerns
|
||||
- **MongoDB Integration**: Robust data persistence with proper indexing
|
||||
- **Structured Logging**: Comprehensive logging with context
|
||||
- **Input Validation**: Govalidator integration for request validation
|
||||
- **Error Handling**: Consistent error responses and logging
|
||||
- **Time Handling**: Unix timestamps throughout the application
|
||||
- **API Documentation**: Auto-generated Swagger documentation
|
||||
|
||||
## 🔧 Development
|
||||
|
||||
### Prerequisites
|
||||
- Go 1.23+
|
||||
- MongoDB 4.4+
|
||||
- Valid MongoDB connection
|
||||
|
||||
### Setup
|
||||
|
||||
1. **Clone the repository**
|
||||
```bash
|
||||
git clone <repository-url>
|
||||
cd tm
|
||||
```
|
||||
|
||||
2. **Install dependencies**
|
||||
```bash
|
||||
go mod download
|
||||
```
|
||||
|
||||
3. **Configure the application**
|
||||
```bash
|
||||
cp configs/config.example.yaml configs/config.yaml
|
||||
# Edit configs/config.yaml with your settings
|
||||
```
|
||||
|
||||
4. **Run database migration**
|
||||
```bash
|
||||
go run migrations/001_dual_user_system.go
|
||||
```
|
||||
|
||||
5. **Start the server**
|
||||
```bash
|
||||
go run cmd/api/main.go
|
||||
```
|
||||
|
||||
## 📡 API Endpoints
|
||||
|
||||
### Mobile App (Customer) Endpoints
|
||||
|
||||
| Method | Endpoint | Description | Auth Required |
|
||||
|--------|----------|-------------|---------------|
|
||||
| POST | `/api/v1/mobile/auth/register` | Customer registration | No |
|
||||
| POST | `/api/v1/mobile/auth/login` | Customer login | No |
|
||||
| POST | `/api/v1/mobile/auth/refresh` | Refresh tokens | No |
|
||||
| POST | `/api/v1/mobile/auth/verify-email` | Email verification | Yes |
|
||||
| POST | `/api/v1/mobile/auth/change-password` | Change password | Yes |
|
||||
| GET | `/api/v1/mobile/auth/profile` | Get customer profile | Yes |
|
||||
| POST | `/api/v1/mobile/auth/logout` | Customer logout | Yes |
|
||||
|
||||
### Admin Panel (User) Endpoints
|
||||
|
||||
| Method | Endpoint | Description | Auth Required |
|
||||
|--------|----------|-------------|---------------|
|
||||
| POST | `/api/v1/admin/auth/login` | Panel user login | No |
|
||||
| POST | `/api/v1/admin/auth/refresh` | Refresh tokens | No |
|
||||
| POST | `/api/v1/admin/auth/change-password` | Change password | Yes |
|
||||
| GET | `/api/v1/admin/auth/profile` | Get user profile | Yes |
|
||||
| POST | `/api/v1/admin/users` | Create panel user | Admin only |
|
||||
| PUT | `/api/v1/admin/users/:id/permissions` | Update permissions | Admin only |
|
||||
|
||||
### Legacy Endpoints (Backward Compatible)
|
||||
|
||||
| Method | Endpoint | Description |
|
||||
|--------|----------|-------------|
|
||||
| POST | `/auth/register` | Generic registration (defaults to customer) |
|
||||
| POST | `/auth/login` | Generic login (tries both types) |
|
||||
| POST | `/auth/refresh` | Generic token refresh |
|
||||
|
||||
## 🔐 Authentication & Authorization
|
||||
|
||||
### Token Structure
|
||||
|
||||
#### Customer Tokens
|
||||
```json
|
||||
{
|
||||
"customer_id": "uuid",
|
||||
"email": "customer@example.com",
|
||||
"role": "customer_user",
|
||||
"company_id": "uuid",
|
||||
"user_type": "customer",
|
||||
"type": "access"
|
||||
}
|
||||
```
|
||||
|
||||
#### Panel User Tokens
|
||||
```json
|
||||
{
|
||||
"user_id": "uuid",
|
||||
"email": "admin@example.com",
|
||||
"role": "admin",
|
||||
"department": "IT",
|
||||
"permissions": ["manage_users", "manage_tenders"],
|
||||
"user_type": "user",
|
||||
"type": "access"
|
||||
}
|
||||
```
|
||||
|
||||
### Middleware Options
|
||||
|
||||
- `CustomerOnlyMiddleware()` - Mobile users only
|
||||
- `UserOnlyMiddleware()` - Panel users only
|
||||
- `CustomerRoleMiddleware(roles...)` - Customer role-based access
|
||||
- `UserRoleMiddleware(roles...)` - Panel user role-based access
|
||||
- `UserPermissionMiddleware(permissions...)` - Fine-grained permissions
|
||||
|
||||
### Permission System
|
||||
|
||||
Panel users have granular permissions:
|
||||
- `manage_users` - Create/modify panel users
|
||||
- `manage_tenders` - Tender management
|
||||
- `manage_companies` - Company management
|
||||
- `manage_customers` - Customer management
|
||||
- `view_reports` - Access reporting
|
||||
- `manage_system` - System configuration
|
||||
|
||||
## 📊 Database Schema
|
||||
|
||||
### Collections
|
||||
|
||||
- `customers` - Mobile app users
|
||||
- `users` - Panel users (admin/staff)
|
||||
- `companies` - Company profiles
|
||||
- `tenders` - Tender opportunities
|
||||
- `notifications` - System notifications
|
||||
|
||||
### Sample Data
|
||||
|
||||
The migration creates sample accounts:
|
||||
|
||||
**Admin User:**
|
||||
- Email: `admin@tendermanagement.com`
|
||||
- Password: `admin123!`
|
||||
- Role: `admin`
|
||||
|
||||
**Customer:**
|
||||
- Email: `customer@example.com`
|
||||
- Password: `customer123!`
|
||||
- Role: `customer_user`
|
||||
|
||||
## 🛠️ Development
|
||||
|
||||
### Project Structure
|
||||
|
||||
```
|
||||
tm/
|
||||
├── cmd/api/ # Application entry point
|
||||
├── internal/
|
||||
│ ├── domain/ # Business entities & interfaces
|
||||
│ ├── service/ # Business logic layer
|
||||
│ ├── handler/ # HTTP handlers
|
||||
│ ├── repository/ # Data access layer
|
||||
│ └── infrastructure/ # External dependencies
|
||||
├── pkg/
|
||||
│ ├── logger/ # Logging utilities
|
||||
│ ├── middleware/ # HTTP middleware
|
||||
│ └── response/ # API response utilities
|
||||
├── configs/ # Configuration files
|
||||
├── migrations/ # Database migrations
|
||||
└── docs/ # Documentation
|
||||
tm_back/
|
||||
├── cmd/web/ # Application entry point
|
||||
├── internal/ # Private application code
|
||||
│ ├── customer/ # Customer domain
|
||||
│ └── ... # Other domains
|
||||
├── pkg/ # Public packages
|
||||
│ ├── logger/ # Logging utilities
|
||||
│ ├── mongo/ # MongoDB utilities
|
||||
│ └── response/ # API response utilities
|
||||
├── docs/ # 📚 All documentation
|
||||
└── config.yaml # Configuration file
|
||||
```
|
||||
|
||||
### Adding New Features
|
||||
## 📞 Support
|
||||
|
||||
1. **Define interfaces in domain layer**
|
||||
2. **Implement business logic in service layer**
|
||||
3. **Create HTTP handlers**
|
||||
4. **Add repository implementations**
|
||||
5. **Wire up in main.go**
|
||||
6. **Add appropriate middleware to routes**
|
||||
For detailed documentation, guides, and examples, please visit the [`docs/`](./docs/) directory.
|
||||
|
||||
### Testing
|
||||
---
|
||||
|
||||
```bash
|
||||
# Run tests
|
||||
go test ./...
|
||||
|
||||
# Run with coverage
|
||||
go test -coverprofile=coverage.out ./...
|
||||
go tool cover -html=coverage.out
|
||||
```
|
||||
|
||||
## 🔧 Configuration
|
||||
|
||||
Key configuration sections:
|
||||
|
||||
```yaml
|
||||
database:
|
||||
mongodb:
|
||||
uri: "mongodb://localhost:27017"
|
||||
name: "tender_management"
|
||||
|
||||
auth:
|
||||
jwt:
|
||||
secret: "your-jwt-secret"
|
||||
access_token_duration: "15m"
|
||||
refresh_token_duration: "7d"
|
||||
|
||||
server:
|
||||
host: "localhost"
|
||||
port: 8080
|
||||
timeout: "30s"
|
||||
```
|
||||
|
||||
## 🚨 Security Features
|
||||
|
||||
- **Separate Authentication**: Isolated customer and panel user auth
|
||||
- **JWT Tokens**: Stateless authentication with refresh tokens
|
||||
- **Password Hashing**: bcrypt with configurable cost
|
||||
- **Role-Based Access**: Granular role and permission system
|
||||
- **Input Validation**: Comprehensive request validation
|
||||
- **CORS Support**: Configurable cross-origin policies
|
||||
|
||||
## 📈 Monitoring & Logging
|
||||
|
||||
- **Structured Logging**: JSON-formatted logs with context
|
||||
- **Request Logging**: HTTP request/response logging
|
||||
- **Error Tracking**: Contextual error information
|
||||
- **Health Checks**: `/health` endpoint for monitoring
|
||||
|
||||
## 🎯 Key Benefits
|
||||
|
||||
1. **Clear Separation**: Mobile and panel users are completely isolated
|
||||
2. **Security**: Each user type has appropriate authentication and authorization
|
||||
3. **Scalability**: Clean architecture allows easy feature additions
|
||||
4. **Maintainability**: Well-structured code with clear dependencies
|
||||
5. **Backward Compatibility**: Legacy endpoints continue to work
|
||||
6. **Developer Friendly**: Comprehensive logging and error handling
|
||||
|
||||
## 📚 Next Steps
|
||||
|
||||
- [ ] Implement CompanyRepository
|
||||
- [ ] Add tender management endpoints
|
||||
- [ ] Create notification system
|
||||
- [ ] Add file upload functionality
|
||||
- [ ] Implement email verification
|
||||
- [ ] Add rate limiting
|
||||
- [ ] Create API documentation with Swagger
|
||||
- [ ] Add comprehensive test coverage
|
||||
**Version**: 1.0.0
|
||||
**Last Updated**: $(date)
|
||||
Reference in New Issue
Block a user