Production-grade SaaS financial intelligence platform powered by GPT-4o, Next.js 15, and PostgreSQL.
| Module | Description |
|---|---|
| Financial Dashboard | Real-time revenue, expenses, profit, invoice metrics |
| Invoice Management | Create, send, track, record payments |
| Expense Tracking | Manual entry, CSV import, categorization |
| Transaction Ledger | Full double-entry transaction history |
| Bank Statement Analyzer | Upload PDF/CSV, extract & categorize transactions |
| AI Financial Assistant | RAG-based chatbot with real financial data context |
| AI Insights Engine | Auto-detected anomalies, risks, opportunities |
| Cash Flow Forecasting | Deterministic 3-month linear trend forecasts |
| Financial Reports | P&L, Expense Summary, Revenue Trends (PDF/Excel) |
| Settings & Security | RBAC, audit logs, MFA, organization management |
AI NEVER calculates financial values. All calculations are deterministic and performed by the backend using Prisma queries. AI only generates explanations, insights, and narratives based on the pre-calculated data.
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Next.js 15 App Router β
ββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββββββ€
β Frontend (RSC) β API Routes β
β - Dashboard β - /api/dashboard β
β - Invoices β - /api/invoices β
β - Expenses β - /api/expenses β
β - AI Assistant β - /api/ai/chat (SSE streaming) β
β - Cash Flow β - /api/cash-flow β
β - Reports β - /api/reports β
β - Insights β - /api/insights β
ββββββββββββββββββββββββ΄βββββββββββββββββββββββββββββββββββ
β β
Clerk Auth Prisma ORM
β β
PostgreSQL DB OpenAI GPT-4o
β β
Qdrant Vector DB RAG Pipeline
User Question
β Intent Classification (GPT-4o-mini)
β Data Retrieval (Prisma queries = REAL numbers)
β Context Assembly
β OpenAI GPT-4o Response Generation
β Streaming SSE to Frontend
Frontend
- Next.js 15 (App Router, RSC, Streaming)
- TypeScript 5
- Tailwind CSS + ShadCN UI components
- Recharts (interactive financial charts)
- React Query (server state management)
- Zustand (client state)
Backend
- Next.js API Routes
- Prisma ORM with PostgreSQL
- Zod validation (all inputs)
- Rate limiting via Redis when
REDIS_URLis set (in-process fallback otherwise) - Redis-backed dashboard metrics cache with version invalidation on writes
AI
- OpenAI GPT-4o (assistant responses)
- OpenAI text-embedding-3-small (embeddings)
- RAG architecture for financial context
- Qdrant vector database
Auth & Security
- Clerk Authentication (OAuth, MFA, RBAC)
- OWASP Top 10 compliant
- CSRF protection in middleware
- SQL injection prevention (Prisma parameterized queries)
- Complete audit logging
Organizations βββ¬ββ OrganizationMembers ββ Users
βββ Clients
βββ Vendors
βββ Categories
βββ Transactions ββ Categories
βββ Invoices ββββββ¬ββ InvoiceItems
β βββ Payments
βββ Expenses ββ Categories
βββ BankStatements ββ Transactions
βββ Reports
βββ AIChats ββ AIChatMessages
βββ Insights
βββ CashFlowForecasts
βββ Notifications
βββ AuditLogs
βββ Anomalies
| Security Layer | Implementation |
|---|---|
| Authentication | Clerk JWT + MFA |
| Authorization | RBAC (Admin/Accountant/Employee/Viewer) |
| CSRF Protection | Origin/Host validation in middleware |
| Rate Limiting | Per-IP sliding window (100 req/min default) |
| Input Validation | Zod schemas on all API endpoints |
| SQL Injection | Prisma ORM parameterized queries |
| XSS Prevention | Next.js built-in + CSP headers |
| Audit Logging | All CRUD operations logged with user/IP |
| Sensitive Data | Prisma field-level encryption ready |
| File Upload | Type validation, size limits, S3 signed URLs |
- Node.js 20+
- PostgreSQL 16+
- OpenAI API key
- Clerk account
git clone https://github.com/imchine/FinTech-Solution.git
cd finsight-ai
npm installcp .env.example .env.local
# Fill in your API keys# Apply schema
npx prisma migrate dev --name init
# Generate client
npx prisma generatenpm run dev
# Open http://localhost:3000docker-compose up -dRedis is optional but recommended for production and multi-instance deployments.
docker compose up -d redis
# set in .env.local:
REDIS_URL=redis://localhost:6379When REDIS_URL is set:
- Rate limiting β shared across API routes (
/api/transactions,/api/invoices,/api/ai/chat, etc.) - Dashboard cache β metrics cached for 2 minutes; invalidated when transactions, expenses, or invoices change
- Health check β
GET /api/healthreports whether Redis is configured
Without Redis, rate limits and dashboard metrics use in-process behaviour only.
finsight-ai/
βββ src/
β βββ app/
β β βββ (auth)/ # Sign in/up pages (Clerk)
β β βββ (dashboard)/ # All protected dashboard pages
β β β βββ dashboard/ # Main financial dashboard
β β β βββ invoices/ # Invoice management
β β β βββ expenses/ # Expense tracking
β β β βββ transactions/# Transaction ledger
β β β βββ ai-assistant/# AI chatbot interface
β β β βββ cash-flow/ # Cash flow & forecasting
β β β βββ insights/ # AI insights engine
β β β βββ reports/ # Financial reports
β β β βββ bank-statements/ # Bank statement analyzer
β β β βββ settings/ # Account & org settings
β β βββ api/ # All API routes
β βββ components/
β β βββ ui/ # ShadCN UI components
β β βββ charts/ # Recharts wrappers
β β βββ dashboard/ # Dashboard-specific components
β β βββ layout/ # Sidebar, Header
β β βββ shared/ # Providers, theme
β βββ lib/
β β βββ prisma.ts # Database client
β β βββ auth.ts # Auth helpers & audit logging
β β βββ openai.ts # AI integration & RAG
β β βββ financial-calculations.ts # ALL financial math
β β βββ validations.ts # Zod schemas
β β βββ rate-limit.ts # API rate limiting
β β βββ utils.ts # Utilities & formatters
β βββ middleware.ts # Auth & security middleware
β βββ types/ # TypeScript types
βββ prisma/
β βββ schema.prisma # Complete DB schema
βββ docker-compose.yml # Full stack Docker setup
βββ Dockerfile # Production container
βββ .env.example # Environment template
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/health |
Health check |
| GET | /api/dashboard |
Dashboard metrics |
| GET | /api/dashboard/trends |
Monthly trends |
| GET | /api/dashboard/categories |
Expense categories |
| GET/POST | /api/invoices |
List/create invoices |
| GET/PATCH/DELETE | /api/invoices/[id] |
Invoice operations |
| GET/POST | /api/expenses |
List/create expenses |
| GET/POST | /api/transactions |
List/create transactions |
| POST | /api/ai/chat |
AI chat (SSE streaming) |
| GET | /api/ai/chat |
Chat history |
| GET | /api/cash-flow |
Historical + forecasts |
| GET/POST | /api/reports |
Report management |
| GET | /api/insights |
AI insights |
vercel deploy --prodSet all variables from .env.example in your deployment platform.
npx prisma migrate deploy- Unit Tests: Financial calculation functions (Jest)
- Integration Tests: API routes with Prisma mocks
- E2E Tests: Playwright for critical user flows
- Security Tests: OWASP ZAP scanning
- Load Tests: k6 for API performance
- Server-side rendering for initial dashboard load
- React Query caching (60s stale time)
- Optimized Prisma queries with proper indexes
- Streaming AI responses (SSE)
- Image optimization via Next.js
- Lazy loading of chart components
- Fork the repository
- Create a feature branch
- Make changes with tests
- Submit a PR
MIT License β see LICENSE file.
Built with β€οΈ for SMEs worldwide