1fda7da2c2
- Backend (FastAPI): - External API authentication (pj-auth-api.vercel.app) - JWT token validation with Redis session storage - RBAC with department isolation - User, Role, Department models with pjctrl_ prefix - Alembic migrations with project-specific version table - Complete test coverage (13 tests) - Frontend (React + Vite): - AuthContext for state management - Login page with error handling - Protected route component - Dashboard with user info display - OpenSpec: - 7 capability specs defined - add-user-auth change archived 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
3.3 KiB
3.3 KiB
Project Context
Purpose
Cross-departmental project management system serving as a Single Source of Truth to:
- Reduce engineering time-reporting burden
- Provide real-time resource load and project progress analysis
- Standardize task tracking across departments
Target users:
- Engineers: Simplified reporting, automated reminders, personal task dashboard
- Unit Managers: Team workload visibility, resource allocation heatmaps, multi-project health boards
- Admin/PMO: Centralized data, automated weekly reports, document version control
Tech Stack
- Frontend: React.js (recommended for complex admin dashboards)
- Backend: Python with FastAPI (enables future AI/ML integration for risk prediction)
- Database: MySQL (relational structure for complex project hierarchies and dependencies)
- Cache & Real-time: Redis (push notifications, task state locking)
- Real-time Sync: WebSocket for live collaboration
- Authentication: Enterprise Windows AD/LDAP via SSO (https://pj-auth-api.vercel.app)
- Environment Management: Conda (for Python dependency isolation)
Project Conventions
Code Style
- [To be defined - React/TypeScript conventions for frontend]
- [To be defined - Python/FastAPI conventions for backend]
Database Naming
- Table Prefix: All tables must use
pjctrl_prefix (e.g.,pjctrl_users,pjctrl_projects,pjctrl_tasks) - This ensures isolation in shared database environments and prevents migration conflicts
Architecture Patterns
- 3-Tier Architecture (Presentation, Application, Data layers)
- Designed for future extensibility (MES/ERP integration capability)
- Multi-level task hierarchy: Space > Project > Task > Sub-task
Testing Strategy
- [To be defined]
Git Workflow
- [To be defined]
Domain Context
Semiconductor/Manufacturing Industry
- Custom fields support domain-specific data: package types, machine numbers, expected yield rates
- Document encryption (AES-256) for sensitive semiconductor drawings
- User watermarking on downloads for IP protection
- Department-level access control (e.g., factory ops cannot view R&D projects)
Important Constraints
- Security: Enterprise AD/LDAP integration with fine-grained permissions
- Audit Trail: All changes logged (deadline modifications, file deletions, etc.)
- Data Sensitivity: Encrypted storage for sensitive technical documents
- Real-time Requirements: WebSocket-based live updates for concurrent editing
- Database Isolation: All tables MUST use a designated prefix (e.g.,
pjctrl_) to prevent conflicts during sync/migration with other tables in shared database environments
External Dependencies
- SSO Auth API: https://pj-auth-api.vercel.app (Windows AD integration)
- On-premise Storage: NAS for file attachments
- Future: MES/ERP system integration
Database Connection
- Host: mysql.theaken.com
- Port: 33306
- User: A060
- Database: db_A060
- Table Prefix:
pjctrl_
System Administrator
- Email: ymirliu@panjit.com.tw
- Role: super_admin (不可刪除或降級)
Core Data Model (ERD)
- User: ID, Name, Department, Role, Skills, Capacity
- Project: ID, Title, Owner, Budget, Timeline, Security_Level
- Task: ID, Project_ID, Assignee, Priority, Status, Original_Estimate, Time_Spent, Blocker_Flag
- Attachment: ID, Task_ID, Version, File_Path