Initialize base

This commit is contained in:
hdbar
2025-07-27 16:20:21 +03:30
commit ad9db7bcce
31 changed files with 8268 additions and 0 deletions
+293
View File
@@ -0,0 +1,293 @@
# Tender Management System - Dual User Architecture
A comprehensive tender management backend system built with Go, featuring separate authentication and authorization for mobile app customers and panel admin users.
## 🏗️ Architecture Overview
This system implements **Clean Architecture** principles with a dual user system:
### User Types
1. **Customers (Mobile App Users)**
- End users who interact through mobile applications
- Can register, view tenders, manage company profiles
- Role-based access: `customer_user`, `customer_manager`
2. **Panel Users (Admin/Staff)**
- Administrative users who manage the system
- Can manage customers, tenders, companies, and system settings
- Role-based access: `admin`, `moderator`, `support`, `analyst`
### Layer Structure
```
┌─────────────────────────────────────────────────────────────┐
│ Handler Layer │
│ ┌─────────────────┐ ┌─────────────────┐ ┌──────────────┐ │
│ │ Customer Auth │ │ User Auth │ │ Legacy Auth │ │
│ │ Handler │ │ Handler │ │ Handler │ │
│ └─────────────────┘ └─────────────────┘ └──────────────┘ │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ Service Layer │
│ ┌─────────────────┐ ┌─────────────────┐ ┌──────────────┐ │
│ │ Customer Auth │ │ User Auth │ │ Customer │ │
│ │ Service │ │ Service │ │ Service │ │
│ └─────────────────┘ └─────────────────┘ └──────────────┘ │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ Repository Layer │
│ ┌─────────────────┐ ┌─────────────────┐ ┌──────────────┐ │
│ │ Customer │ │ User │ │ Company │ │
│ │ Repository │ │ Repository │ │ Repository │ │
│ └─────────────────┘ └─────────────────┘ └──────────────┘ │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ Domain Layer │
│ ┌─────────────────┐ ┌─────────────────┐ ┌──────────────┐ │
│ │ Customer │ │ User │ │ Interfaces │ │
│ │ Entity │ │ Entity │ │ & DTOs │ │
│ └─────────────────┘ └─────────────────┘ └──────────────┘ │
└─────────────────────────────────────────────────────────────┘
```
## 🚀 Quick Start
### Prerequisites
- Go 1.23+
- MongoDB 4.4+
- Valid MongoDB connection
### Setup
1. **Clone the repository**
```bash
git clone <repository-url>
cd tm
```
2. **Install dependencies**
```bash
go mod download
```
3. **Configure the application**
```bash
cp configs/config.example.yaml configs/config.yaml
# Edit configs/config.yaml with your settings
```
4. **Run database migration**
```bash
go run migrations/001_dual_user_system.go
```
5. **Start the server**
```bash
go run cmd/api/main.go
```
## 📡 API Endpoints
### Mobile App (Customer) Endpoints
| Method | Endpoint | Description | Auth Required |
|--------|----------|-------------|---------------|
| POST | `/api/v1/mobile/auth/register` | Customer registration | No |
| POST | `/api/v1/mobile/auth/login` | Customer login | No |
| POST | `/api/v1/mobile/auth/refresh` | Refresh tokens | No |
| POST | `/api/v1/mobile/auth/verify-email` | Email verification | Yes |
| POST | `/api/v1/mobile/auth/change-password` | Change password | Yes |
| GET | `/api/v1/mobile/auth/profile` | Get customer profile | Yes |
| POST | `/api/v1/mobile/auth/logout` | Customer logout | Yes |
### Admin Panel (User) Endpoints
| Method | Endpoint | Description | Auth Required |
|--------|----------|-------------|---------------|
| POST | `/api/v1/admin/auth/login` | Panel user login | No |
| POST | `/api/v1/admin/auth/refresh` | Refresh tokens | No |
| POST | `/api/v1/admin/auth/change-password` | Change password | Yes |
| GET | `/api/v1/admin/auth/profile` | Get user profile | Yes |
| POST | `/api/v1/admin/users` | Create panel user | Admin only |
| PUT | `/api/v1/admin/users/:id/permissions` | Update permissions | Admin only |
### Legacy Endpoints (Backward Compatible)
| Method | Endpoint | Description |
|--------|----------|-------------|
| POST | `/auth/register` | Generic registration (defaults to customer) |
| POST | `/auth/login` | Generic login (tries both types) |
| POST | `/auth/refresh` | Generic token refresh |
## 🔐 Authentication & Authorization
### Token Structure
#### Customer Tokens
```json
{
"customer_id": "uuid",
"email": "customer@example.com",
"role": "customer_user",
"company_id": "uuid",
"user_type": "customer",
"type": "access"
}
```
#### Panel User Tokens
```json
{
"user_id": "uuid",
"email": "admin@example.com",
"role": "admin",
"department": "IT",
"permissions": ["manage_users", "manage_tenders"],
"user_type": "user",
"type": "access"
}
```
### Middleware Options
- `CustomerOnlyMiddleware()` - Mobile users only
- `UserOnlyMiddleware()` - Panel users only
- `CustomerRoleMiddleware(roles...)` - Customer role-based access
- `UserRoleMiddleware(roles...)` - Panel user role-based access
- `UserPermissionMiddleware(permissions...)` - Fine-grained permissions
### Permission System
Panel users have granular permissions:
- `manage_users` - Create/modify panel users
- `manage_tenders` - Tender management
- `manage_companies` - Company management
- `manage_customers` - Customer management
- `view_reports` - Access reporting
- `manage_system` - System configuration
## 📊 Database Schema
### Collections
- `customers` - Mobile app users
- `users` - Panel users (admin/staff)
- `companies` - Company profiles
- `tenders` - Tender opportunities
- `notifications` - System notifications
### Sample Data
The migration creates sample accounts:
**Admin User:**
- Email: `admin@tendermanagement.com`
- Password: `admin123!`
- Role: `admin`
**Customer:**
- Email: `customer@example.com`
- Password: `customer123!`
- Role: `customer_user`
## 🛠️ Development
### Project Structure
```
tm/
├── cmd/api/ # Application entry point
├── internal/
│ ├── domain/ # Business entities & interfaces
│ ├── service/ # Business logic layer
│ ├── handler/ # HTTP handlers
│ ├── repository/ # Data access layer
│ └── infrastructure/ # External dependencies
├── pkg/
│ ├── logger/ # Logging utilities
│ ├── middleware/ # HTTP middleware
│ └── response/ # API response utilities
├── configs/ # Configuration files
├── migrations/ # Database migrations
└── docs/ # Documentation
```
### Adding New Features
1. **Define interfaces in domain layer**
2. **Implement business logic in service layer**
3. **Create HTTP handlers**
4. **Add repository implementations**
5. **Wire up in main.go**
6. **Add appropriate middleware to routes**
### Testing
```bash
# Run tests
go test ./...
# Run with coverage
go test -coverprofile=coverage.out ./...
go tool cover -html=coverage.out
```
## 🔧 Configuration
Key configuration sections:
```yaml
database:
mongodb:
uri: "mongodb://localhost:27017"
name: "tender_management"
auth:
jwt:
secret: "your-jwt-secret"
access_token_duration: "15m"
refresh_token_duration: "7d"
server:
host: "localhost"
port: 8080
timeout: "30s"
```
## 🚨 Security Features
- **Separate Authentication**: Isolated customer and panel user auth
- **JWT Tokens**: Stateless authentication with refresh tokens
- **Password Hashing**: bcrypt with configurable cost
- **Role-Based Access**: Granular role and permission system
- **Input Validation**: Comprehensive request validation
- **CORS Support**: Configurable cross-origin policies
## 📈 Monitoring & Logging
- **Structured Logging**: JSON-formatted logs with context
- **Request Logging**: HTTP request/response logging
- **Error Tracking**: Contextual error information
- **Health Checks**: `/health` endpoint for monitoring
## 🎯 Key Benefits
1. **Clear Separation**: Mobile and panel users are completely isolated
2. **Security**: Each user type has appropriate authentication and authorization
3. **Scalability**: Clean architecture allows easy feature additions
4. **Maintainability**: Well-structured code with clear dependencies
5. **Backward Compatibility**: Legacy endpoints continue to work
6. **Developer Friendly**: Comprehensive logging and error handling
## 📚 Next Steps
- [ ] Implement CompanyRepository
- [ ] Add tender management endpoints
- [ ] Create notification system
- [ ] Add file upload functionality
- [ ] Implement email verification
- [ ] Add rate limiting
- [ ] Create API documentation with Swagger
- [ ] Add comprehensive test coverage