Major Enhancement: NestJS Migration + CASL Authorization + Error Handling

Complete rewrite from Express to NestJS with enterprise-grade features: ## Backend Improvements - Migrated from Express to NestJS 11.0.1 with TypeScript - Implemented Prisma ORM 7.3.0 for type-safe database access - Added CASL authorization system replacing role-based guards - Created global exception filters with structured logging - Implemented Auth0 JWT authentication with Passport.js - Added vehicle management with conflict detection - Enhanced event scheduling with driver/vehicle assignment - Comprehensive error handling and logging ## Frontend Improvements - Upgraded to React 19.2.0 with Vite 7.2.4 - Implemented CASL-based permission system - Added AbilityContext for declarative permissions - Created ErrorHandler utility for consistent error messages - Enhanced API client with request/response logging - Added War Room (Command Center) dashboard - Created VIP Schedule view with complete itineraries - Implemented Vehicle Management UI - Added mock data generators for testing (288 events across 20 VIPs) ## New Features - Vehicle fleet management (types, capacity, status tracking) - Complete 3-day Jamboree schedule generation - Individual VIP schedule pages with PDF export (planned) - Real-time War Room dashboard with auto-refresh - Permission-based navigation filtering - First user auto-approval as administrator ## Documentation - Created CASL_AUTHORIZATION.md (comprehensive guide) - Created ERROR_HANDLING.md (error handling patterns) - Updated CLAUDE.md with new architecture - Added migration guides and best practices ## Technical Debt Resolved - Removed custom authentication in favor of Auth0 - Replaced role checks with CASL abilities - Standardized error responses across API - Implemented proper TypeScript typing - Added comprehensive logging Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-31 08:50:25 +01:00
parent 8ace1ab2c1
commit 868f7efc23
351 changed files with 44997 additions and 6276 deletions
--- a/backend-old-20260125/.env.example
+++ b/backend-old-20260125/.env.example
@@ -0,0 +1,37 @@
+# ============================================
+# Auth0 Configuration (NEW)
+# ============================================
+AUTH0_DOMAIN=your-tenant.us.auth0.com
+AUTH0_CLIENT_ID=your_client_id_here
+AUTH0_CLIENT_SECRET=your_client_secret_here
+AUTH0_AUDIENCE=https://vip-coordinator-api
+AUTH0_API_ID=6910ee5a03672ebf6f04fc1c
+AUTH0_CALLBACK_URL=http://localhost:3000/auth/auth0/callback
+AUTH0_LOGOUT_URL=http://localhost:5173/login
+
+# ============================================
+# Application Configuration
+# ============================================
+PORT=3000
+NODE_ENV=development
+FRONTEND_URL=http://localhost:5173
+
+# ============================================
+# Database Configuration
+# ============================================
+DATABASE_URL=postgresql://postgres:changeme@db:5432/vip_coordinator
+
+# ============================================
+# Redis Configuration
+# ============================================
+REDIS_URL=redis://redis:6379
+
+# ============================================
+# Legacy Google OAuth (REMOVE THESE)
+# These are no longer needed with Auth0
+# ============================================
+# GOOGLE_CLIENT_ID=
+# GOOGLE_CLIENT_SECRET=
+# GOOGLE_REDIRECT_URI=
+# JWT_SECRET=
+# ADMIN_PASSWORD=