Skip to main content

overview

๐Ÿง  Junior MVP Frontend โ€“ Overviewโ€‹

๐Ÿ“Œ Objective:โ€‹

Create a multi-role SaaS dashboard for "Junior" that enables:

  • Admins to manage users/roles/settings
  • Users to log in and perform role-specific tasks
  • Secure internal and external communication between services (REST)

๐Ÿ—‚๏ธ Core Features in MVPโ€‹

1. Authentication & Authorizationโ€‹

  • โœ… JWT-based auth with login flow
  • โœ… Role-based UI rendering (Admin, User, etc.)
  • โœ… Frontend reads token from localStorage
  • โœ… REST API call to /api/user/me to fetch role and details
  • ๐Ÿ”’ Protect routes via role-based guards

2. Routing & Layoutโ€‹

  • Uses react-router-dom with:

    • /login โ†’ Login page
    • /dashboard โ†’ Protected layout
    • Nested routes under /dashboard/*

  • Global layout with top nav + sidebar (conditionally rendered)

3. User Dashboardโ€‹

  • ๐Ÿ‘ค Display user profile info (name, role, etc.)
  • ๐Ÿ“„ Role-specific dashboard home screen
  • โœ… Fetch user data using restTemplate call to auth service

4. Admin Panelโ€‹

  • ๐Ÿง‘โ€๐Ÿ’ผ List users with pagination
  • โž• Add new user (basic form)
  • ๐Ÿ› ๏ธ Assign/remove roles
  • ๐Ÿšซ Enable/disable users
  • ๐Ÿ”„ Refresh tokens or session control

5. Common Componentsโ€‹

  • Toasts for feedback
  • Modal for confirmations
  • Error boundary / error pages (401, 403, 500)

๐Ÿ› ๏ธ Tech Stackโ€‹

FeatureTool
UIReact + Vite + SWC
StylingTailwindCSS
RoutingReact Router
StateLocalStorage + React Context
AuthJWT token stored in localStorage
Build ToolVite
TestingVitest (optional)
LintingESLint
CI/CDGitHub Actions (provided above)

๐Ÿ”’ Security MVP (Frontend)โ€‹

  • โœ… Token stored in localStorage (consider httpOnly cookie if needed later)
  • โœ… Add token to Authorization: Bearer <token> header in all API calls
  • โœ… Block unauthorized routes if no valid user or token
  • ๐Ÿ” Token expiration handling (optional refresh logic MVP+)
  • โŒ Disable all CORS protection on dev for local REST access

๐Ÿ”„ Communication with Backendโ€‹

  • Frontend fetches data from:

    • /api/user/me (for auth)
    • /api/users/* (for admin panel)

  • Internally, backend uses RestTemplate to communicate between microservices.

  • Youโ€™ve set allowed origin to http://localhost:8082 from backend for dev.

๐Ÿ”„ MVP Flowโ€‹

  1. โœ… Login page โ€” Enter credentials โ†’ POST /api/auth/login
  2. โœ… On success, token saved to localStorage
  3. โœ… Token used to GET /api/user/me to retrieve user info and roles
  4. โœ… Role-based dashboard UI rendered
  5. โœ… Admins can manage users
  6. โœ… Users can see their profile / perform role tasks

๐Ÿงช Bonus: Test Plan (Optional for MVP)โ€‹

FeatureTest
LoginValid/Invalid credentials
TokenExpired/missing token redirects to /login
RoutingProtected routes only accessible if logged in
RolesOnly admins can access /dashboard/admin
API ErrorsShow toast + retry option