Files
roa2web-service-auto/.claude/rules/authentication.md
Marius Mutu 1a6e9b17d2 feat: Add shared components, refactor stores, improve data-entry workflow
Shared Components:
- Add CompanySelector.vue and PeriodSelector.vue components
- Add AppHeader.vue and SlideMenu.vue layout components
- Add shared stores factories (companies.js, accountingPeriod.js)
- Add shared routes factories (companies.py, calendar.py)
- Add shared models (company.py, calendar.py)
- Add shared layout styles (header.css, navigation.css)

Data Entry App:
- Update CLAUDE.md with prod/test server documentation
- Improve nomenclature sync service with better error handling
- Update receipts router and CRUD operations
- Add company/period stores using shared factories
- Update App.vue layout with shared components
- Fix OCRUploadZone file handling

Reports App:
- Refactor stores to use shared factories
- Update App.vue to use shared layout components

Infrastructure:
- Replace start-data-entry.sh with separate dev/test scripts
- Add .claude/rules for authentication, backend patterns, etc.
- Add implementation plan for OCR receipt improvements
- Clean up old documentation files

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-15 15:00:45 +02:00

18 lines
720 B
Markdown

# Authentication Rules
## JWT Token Structure (IMMUTABLE)
All apps use the same token payload:
- `username`, `user_id`, `companies[]`, `permissions[]`, `exp`, `iat`, `type`
## Backend Rules
- Use `AuthenticationMiddleware` from `shared/auth/middleware.py`
- Use `get_current_user` dependency from `shared/auth/dependencies.py`
- Never implement custom auth logic in routers
- Rate limiting: 5 req/5 min for /auth/* paths
## Frontend Rules
- Use `createAuthStore(apiService)` factory from `shared/frontend/stores/auth.js`
- Use `LoginView.vue` component from `shared/frontend/components/`
- Store tokens in localStorage: `access_token`, `refresh_token`, `user`
- Initialize auth on app startup with `initializeAuth()`