A comprehensive CRM system for flooring businesses with material management, service scheduling, and secure payment processing.
- Frontend: https://session-recovery-app-2wgd757z.devinapps.com
- Backend API: https://app-zyqywrfy.fly.dev
- 🔐 Secure Authentication & Authorization
  - Role-based access control (Customer/Employee)
  - JWT token authentication
  - Password validation with security requirements
  - Session management
- 📦 Material Management
  - Add/Remove materials
  - Track inventory
  - Price management
  - Material categorization
- 🛠 Service Management
  - Service creation and management
  - Pricing configuration
  - Service scheduling
  - Employee assignment
- 💳 Payment Processing
  - Secure Square payment integration
  - Payment status tracking
  - Receipt generation
  - Transaction history
- 🎨 Modern UI/UX
  - Responsive design
  - Mobile-friendly interface
  - Real-time validation
  - Loading states and error handling
- React with TypeScript
- Vite for build tooling
- TailwindCSS for styling
- Square Web Payments SDK
- React Router for navigation
- FastAPI (Python)
- PostgreSQL database
- SQLAlchemy ORM
- JWT authentication
- Poetry for dependency management
- Frontend: Static hosting (Render/Netlify)
- Backend: Container deployment (Fly.io)
- Database: Managed PostgreSQL
- NGINX for reverse proxy
# API Configuration
REACT_APP_API_URL=https://app-zyqywrfy.fly.dev
# Frontend Configuration
VITE_APP_URL=https://session-recovery-app-2wgd757z.devinapps.com
# Square Payment Configuration
REACT_APP_SQUARE_APP_ID=your_square_app_id
REACT_APP_SQUARE_LOCATION_ID=your_square_location_id
REACT_APP_SQUARE_ENV=sandbox

# Database Configuration
DATABASE_URL=postgresql://user:password@localhost:5432/flooring_crm
# Authentication
SECRET_KEY=your_secret_key
ACCESS_TOKEN_EXPIRE_MINUTES=30
# CORS Configuration
FRONTEND_URL=http://localhost:3000
ALLOWED_ORIGINS=["*"]
# Environment
ENV=development
PORT=8080
HOST=0.0.0.0

# Install dependencies
npm install
# Development server
npm run dev
# Production build
npm run build

# Install Poetry
curl -sSL https://install.python-poetry.org | python3 -
# Install dependencies
poetry install
# Initialize database
poetry run python migrations/create_tables.py
# Create test user
poetry run python create_test_user.py
# Run development server
poetry run uvicorn app.main:app --host 0.0.0.0 --port 8080 --reload

# Run all tests
poetry run pytest
# Run specific test files
poetry run pytest test_endpoints.py
poetry run pytest test_payments.py

# Run tests
npm test
# Run with coverage
npm test -- --coverage

- POST /api/auth/register - Register new user
- POST /api/auth/login - User login
- GET /api/auth/me - Get current user

- GET /api/materials - List materials
- POST /api/materials - Create material
- DELETE /api/materials/{id} - Delete material

- GET /api/services - List services
- POST /api/services - Create service
- DELETE /api/services/{id} - Delete service

- POST /api/payments/process - Process payment
- GET /api/payments/{id} - Get payment details
- POST /api/payments/verify - Verify payment
- Password Requirements:
  - Minimum 8 characters
  - At least one uppercase letter
  - At least one lowercase letter
  - At least one number
  - At least one special character
  - No common patterns or repeated characters
- API Security:
  - JWT token authentication
  - Role-based access control
  - Request rate limiting
  - CORS configuration
  - Input validation
  - Error handling
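The password requirements listed above, written as a server-side validator that reports which rules failed. This is an added example, not the project's own code; the page does not define "special character", "common patterns" or "repeated characters", so ASCII punctuation, the fragment list and the thresholds below are assumptions.

```python
import re
import string

# Assumptions (not defined on the page): fragment list and thresholds.
COMMON_FRAGMENTS = ("password", "qwerty", "letmein", "admin", "welcome")
MAX_REPEAT = 3      # three identical characters in a row are rejected
MIN_SEQUENCE = 4    # runs such as "1234", "abcd" or "4321" are rejected


def _has_sequence(pw: str, length: int = MIN_SEQUENCE) -> bool:
    """True if pw contains an ascending or descending run of letters or digits."""
    lowered = pw.lower()
    for i in range(len(lowered) - length + 1):
        window = lowered[i:i + length]
        if not window.isalnum():
            continue
        steps = {ord(b) - ord(a) for a, b in zip(window, window[1:])}
        if steps == {1} or steps == {-1}:
            return True
    return False


def validate_password(pw: str) -> list[str]:
    """Return the violated rules; an empty list means the password passes."""
    problems = []
    if len(pw) < 8:
        problems.append("minimum 8 characters")
    if not re.search(r"[A-Z]", pw):
        problems.append("at least one uppercase letter")
    if not re.search(r"[a-z]", pw):
        problems.append("at least one lowercase letter")
    if not re.search(r"[0-9]", pw):
        problems.append("at least one number")
    # Assumption: "special character" means ASCII punctuation.
    if not any(c in string.punctuation for c in pw):
        problems.append("at least one special character")
    if re.search(r"(.)\1{%d,}" % (MAX_REPEAT - 1), pw):
        problems.append("repeated characters")
    if _has_sequence(pw) or any(f in pw.lower() for f in COMMON_FRAGMENTS):
        problems.append("common pattern")
    return problems
```

Returning every failed rule lets the API give the same feedback as the frontend's real-time validation while keeping the server as the enforcement point.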
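The sample backend environment shown earlier uses `ALLOWED_ORIGINS=["*"]`, `SECRET_KEY=your_secret_key` and `user:password` database credentials, which are development values. A startup check that refuses to run with them outside `ENV=development`, as an added example rather than the project's code; the function names, the 32-character minimum and the `HARDENED` values are assumptions.

```python
import json

PLACEHOLDER_SECRETS = {"", "your_secret_key"}  # placeholder from the sample env
MIN_SECRET_LEN = 32                            # assumption, not a value from the page


def production_findings(env: dict) -> list[str]:
    """List settings that are acceptable locally but unsafe once deployed."""
    findings = []
    try:
        origins = json.loads(env.get("ALLOWED_ORIGINS", "[]"))
    except json.JSONDecodeError:
        origins = None
    if not isinstance(origins, list):
        findings.append("ALLOWED_ORIGINS is not a JSON list")
        origins = []
    for origin in origins:
        if origin == "*":
            findings.append("ALLOWED_ORIGINS contains the wildcard '*'")
        elif not str(origin).startswith("https://"):
            findings.append(f"ALLOWED_ORIGINS has a non-HTTPS origin: {origin}")

    secret = env.get("SECRET_KEY", "")
    if secret in PLACEHOLDER_SECRETS:
        findings.append("SECRET_KEY is unset or still the placeholder")
    elif len(secret) < MIN_SECRET_LEN:
        findings.append(f"SECRET_KEY is shorter than {MIN_SECRET_LEN} characters")

    if "://user:password@" in env.get("DATABASE_URL", ""):
        findings.append("DATABASE_URL still uses the sample credentials")
    return findings


def startup_allowed(env: dict) -> bool:
    """Fail closed: anything other than ENV=development must have no findings."""
    return env.get("ENV") == "development" or not production_findings(env)


# Values taken from the page's sample backend environment.
PAGE_SAMPLE = {
    "ENV": "development",
    "ALLOWED_ORIGINS": '["*"]',
    "SECRET_KEY": "your_secret_key",
    "DATABASE_URL": "postgresql://user:password@localhost:5432/flooring_crm",
}
# Constructed example of a deployable configuration (all values are placeholders).
HARDENED = {
    "ENV": "production",
    "ALLOWED_ORIGINS": '["https://crm.example.com"]',
    "SECRET_KEY": "x" * 48,  # stand-in; generate a random key in practice
    "DATABASE_URL": "postgresql://crm_app:REDACTED@db.internal:5432/flooring_crm",
}
```

Calling `startup_allowed(dict(os.environ))` before the application is created turns a forgotten development setting into a failed deploy instead of an exposed API.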
- Build the frontend:
  npm run build
- Configure environment variables
- Deploy to hosting service (Render/Netlify)

- Set up PostgreSQL database
- Configure environment variables
- Deploy using Fly.io:
  fly launch
  fly deploy

The application implements comprehensive error handling:
- Frontend:
  - Form validation
  - API error handling
  - Network error recovery
  - Loading states
  - User feedback
- Backend:
  - Input validation
  - Database error handling
  - Authentication errors
  - Payment processing errors
  - Rate limiting
- Fork the repository
- Create a feature branch
- Commit changes
- Push to the branch
- Create a Pull Request
CREATE TABLE users (
    id SERIAL PRIMARY KEY,
    username VARCHAR(50) UNIQUE NOT NULL,
    email VARCHAR(100) UNIQUE NOT NULL,
    hashed_password VARCHAR(100) NOT NULL,
    role VARCHAR(20) NOT NULL DEFAULT 'customer',
    is_active BOOLEAN NOT NULL DEFAULT true,
    phone VARCHAR(20),
    address VARCHAR(200)
);

CREATE TABLE materials (
    id SERIAL PRIMARY KEY,
    name VARCHAR(100) UNIQUE NOT NULL,
    description TEXT NOT NULL,
    price_per_unit DECIMAL(10,2) NOT NULL,
    unit VARCHAR(20) NOT NULL,
    stock INTEGER NOT NULL DEFAULT 0
);

CREATE TABLE services (
    id SERIAL PRIMARY KEY,
    name VARCHAR(100) UNIQUE NOT NULL,
    description TEXT NOT NULL,
    base_price DECIMAL(10,2) NOT NULL
);

CREATE TABLE payments (
    id SERIAL PRIMARY KEY,
    user_id INTEGER REFERENCES users(id),
    amount DECIMAL(10,2) NOT NULL,
    status VARCHAR(20) NOT NULL,
    payment_id VARCHAR(100) UNIQUE NOT NULL,
    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
    updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP
);

The application implements caching at multiple levels:
- Static assets cached using NGINX with optimal settings
- Browser caching configured with appropriate cache-control headers
- Service worker for offline functionality (PWA-ready)
- Response caching for static content
- Cache-Control headers for API responses
- ETags for resource versioning
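# Static file caching
location /assets {
    expires 1y;
    add_header Cache-Control "public, immutable";
    try_files $uri =404;
}

# API response caching
location /api/ {
    proxy_cache api_cache;
    # Skip the shared cache for requests that carry a JWT: nginx's default
    # cache key omits the Authorization header, so one user's response to
    # /api/auth/me or /api/payments/{id} could otherwise be served to another.
    proxy_no_cache $http_authorization;
    proxy_cache_bypass $http_authorization;
    proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;
    proxy_cache_valid 200 5m;
    proxy_cache_valid 404 1m;
}

MIT License - See LICENSE file for details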