docs: align README structure and section ordering with v2, adding Tech Stack and API Endpoints tables

2026-05-21 16:59:57 +07:00
parent a4a620d90a
commit 03c10f91e2
+104 -51
@@ -11,7 +11,21 @@ Aplikasi web manajemen bisnis berbasis **Laravel 13** dengan PostgreSQL, Redis,
--- ---
## 🛠️ Fitur Utama ## 🛠️ Tech Stack
| Layer | Technology |
|---|---|
| **Backend** | Laravel 13.x (PHP 8.3+) with PostgreSQL & Redis |
| **Real-time Engine** | Laravel Reverb (WebSockets for real-time monitoring and widgets) |
| **Frontend** | Vanilla CSS, Blade Templates, SortableJS (Drag-and-drop dashboard) |
| **Authentication** | Breeze (Session) + Sanctum (API) + Passkeys (WebAuthn FIDO2) + OAuth |
| **RBAC** | `spatie/laravel-permission` (Granular 85 tab levels matrix) |
| **System Audit** | `spatie/laravel-activitylog` + Custom Action Logs |
| **Interactive API Docs**| `l5-swagger` (OpenAPI Swagger with AI Assistant) |
---
## ⚡ Fitur Utama
* 📊 **Dashboard Admin Real-time** — ringkasan CPU/RAM/Disk/Live Users/Queue dengan update via WebSocket (Reverb). Widget bisa disembunyikan, diurutkan ulang (drag), dan disimpan per-user. Fallback ke polling 30 detik jika Reverb tidak terhubung. * 📊 **Dashboard Admin Real-time** — ringkasan CPU/RAM/Disk/Live Users/Queue dengan update via WebSocket (Reverb). Widget bisa disembunyikan, diurutkan ulang (drag), dan disimpan per-user. Fallback ke polling 30 detik jika Reverb tidak terhubung.
* 🧩 **Custom Dashboard Widgets** — 7 widget bawaan (cpu, ram, disk, live users, queues, activity feed, AI insight). Per-user layout tersimpan di `dashboard_widget_preferences`. Toggle show/hide + drag-to-reorder via SortableJS. * 🧩 **Custom Dashboard Widgets** — 7 widget bawaan (cpu, ram, disk, live users, queues, activity feed, AI insight). Per-user layout tersimpan di `dashboard_widget_preferences`. Toggle show/hide + drag-to-reorder via SortableJS.
@@ -38,56 +52,6 @@ Aplikasi web manajemen bisnis berbasis **Laravel 13** dengan PostgreSQL, Redis,
--- ---
## 🛡️ Keamanan Bawaan
* **Security Headers**: `X-Content-Type-Options`, `X-Frame-Options`, `Referrer-Policy`, `Permissions-Policy`, `X-XSS-Protection`, dan `Strict-Transport-Security` (HTTPS) di-set otomatis oleh middleware global.
* **Rate Limiting**: throttle pada `/login`, `/2fa`, `/forgot-password`, `/api/v1/otp/*`, dan endpoint mobile lain. Per-IP bucket terisolasi.
* **Password Policy**: panjang min/max, charset wajib, expiry, dan **history reuse blocker** (Bcrypt 12 rounds).
* **IP Access Control**: whitelist admin, blacklist global, auto-block on burst (24 jam) dengan alert Telegram.
* **Data Integrity**: FK constraint penuh di semua tabel audit; soft-delete cascade tested.
* **Data Retention Otomatis**: 10 tabel/model memiliki kebijakan retensi — OTP & trusted device dipangkas saat expired, log AI & healing 90 hari, password history 365 hari, Telescope 48 jam. Dijalankan via `model:prune` + `telescope:prune` setiap dini hari.
---
## ⚡ Quality Gate
| Check | Status | Tool |
|---|---|---|
| Unit & feature tests | **371 / 371 ✓** | Pest 4 |
| Static analysis | **clean** | Larastan level 5 (baseline) |
| Code style | **clean** | Laravel Pint (PSR-12) |
| Dependency audit | **0 vulns** | `composer audit` |
| N+1 regression locks | **3 datatables** | Pest + Query Log |
CI menjalankan keempatnya di setiap push/PR — lihat [`.github/workflows/ci.yml`](.github/workflows/ci.yml).
```bash
./vendor/bin/sail artisan test
./vendor/bin/sail bin phpstan analyse
./vendor/bin/sail bin pint --test
./vendor/bin/sail composer audit
```
---
## 🛠️ Perintah Artisan Khusus
Sistem ini dilengkapi dengan perintah CLI tambahan untuk memudahkan administrasi:
| Perintah | Deskripsi |
|---|---|
| `php artisan system:check` | Audit kesehatan infrastruktur (DB, Redis, Storage, AI). |
| `php artisan system:optimize` | Optimasi cache & pembersihan log produksi. |
| `php artisan ai:swagger {path}` | Menghasilkan anotasi Swagger otomatis menggunakan AI. |
| `php artisan system:send-digest` | Mengirim ringkasan kesehatan sistem mingguan ke Admin. |
| `php artisan backups:verify` | Verifikasi integritas file cadangan di cloud/lokal. |
| `php artisan l5-swagger:generate` | Regenerasi dokumentasi API OpenAPI. |
| `php artisan model:prune` | Pangkas data kedaluwarsa (OTP, trusted device, AI log, password history, dll). |
| `php artisan telescope:prune --hours=48` | Hapus Telescope entries lebih dari 48 jam. |
| `php artisan dashboard:broadcast-stats` | Broadcast statistik sistem terbaru ke channel WebSocket `admin.monitoring`. Dijadwalkan tiap menit. |
---
## 🚀 Mulai Cepat (Development) ## 🚀 Mulai Cepat (Development)
### Tanpa Docker ### Tanpa Docker
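Review bot: The Quality Gate block being relocated here says "CI menjalankan keempatnya" (all four), but its table lists five checks and only the command block has four entries. Since the section is being moved anyway, fix the sentence in the re-added copy so it names what the four are (the four commands) or says whether the "N+1 regression locks" row is covered by `artisan test`. Otherwise the removal looks like a pure move and the three headings keep their names, so existing anchor links should still resolve.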
@@ -152,6 +116,95 @@ Use the default credentials below to test the RBAC capabilities of the starter k
--- ---
## 🛡️ Keamanan Bawaan
* **Security Headers**: `X-Content-Type-Options`, `X-Frame-Options`, `Referrer-Policy`, `Permissions-Policy`, `X-XSS-Protection`, dan `Strict-Transport-Security` (HTTPS) di-set otomatis oleh middleware global.
* **Rate Limiting**: throttle pada `/login`, `/2fa`, `/forgot-password`, `/api/v1/otp/*`, dan endpoint mobile lain. Per-IP bucket terisolasi.
* **Password Policy**: panjang min/max, charset wajib, expiry, dan **history reuse blocker** (Bcrypt 12 rounds).
* **IP Access Control**: whitelist admin, blacklist global, auto-block on burst (24 jam) dengan alert Telegram.
* **Data Integrity**: FK constraint penuh di semua tabel audit; soft-delete cascade tested.
* **Data Retention Otomatis**: 10 tabel/model memiliki kebijakan retensi — OTP & trusted device dipangkas saat expired, log AI & healing 90 hari, password history 365 hari, Telescope 48 jam. Dijalankan via `model:prune` + `telescope:prune` setiap dini hari.
---
## ⚡ Quality Gate
| Check | Status | Tool |
|---|---|---|
| Unit & feature tests | **371 / 371 ✓** | Pest 4 |
| Static analysis | **clean** | Larastan level 5 (baseline) |
| Code style | **clean** | Laravel Pint (PSR-12) |
| Dependency audit | **0 vulns** | `composer audit` |
| N+1 regression locks | **3 datatables** | Pest + Query Log |
CI menjalankan keempatnya di setiap push/PR — lihat [`.github/workflows/ci.yml`](.github/workflows/ci.yml).
```bash
./vendor/bin/sail artisan test
./vendor/bin/sail bin phpstan analyse
./vendor/bin/sail bin pint --test
./vendor/bin/sail composer audit
```
---
## 🔌 API Endpoints Reference (v1)
All endpoints listed below are versioned and located under `/api/v1/*`. Requests requesting authorization require a header formatted as `Authorization: Bearer <your_token>`.
### Authentication & Config
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| `POST` | `/api/v1/login` | — | Exchange credentials for Bearer Token (Rate limited) |
| `POST` | `/api/v1/register` | — | Register a new user account (Rate limited) |
| `POST` | `/api/v1/forgot-password`| — | Request reset password link |
| `GET` | `/api/v1/app-config` | — | Retrieve mobile app remote configuration parameters |
| `GET` | `/api/v1/mobile/sync` | — | Sync latest configurations and updates |
| `POST` | `/api/v1/mobile/log` | — | Send mobile application logs to server (Rate limited) |
### OTP Gateway
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| `POST` | `/api/v1/otp/send` | — | Request verification OTP code via Email/WhatsApp (Rate limited) |
| `POST` | `/api/v1/otp/verify` | — | Validate the OTP code |
### Profile & Dashboard (Authenticated)
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| `GET` | `/api/v1/user` | Bearer | Fetch authenticated user data, roles, and permissions |
| `POST` | `/api/v1/logout` | Bearer | Revoke current authenticated session token |
| `POST` | `/api/v1/profile/update` | Bearer | Update user profile personal details |
| `POST` | `/api/v1/profile/avatar` | Bearer | Upload and update profile photo |
| `POST` | `/api/v1/profile/password` | Bearer | Change account login password |
| `DELETE` | `/api/v1/profile/delete` | Bearer | Self account termination/deletion |
| `GET` | `/api/v1/dashboard` | Bearer | Retrieve secure mobile dashboard analytics |
### Push Notification Registry
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| `POST` | `/api/v1/devices/register` | Bearer | Register target FCM device token |
| `DELETE`| `/api/v1/devices/unregister`| Bearer | Revoke and unregister FCM device token |
---
## 🛠️ Perintah Artisan Khusus
Sistem ini dilengkapi dengan perintah CLI tambahan untuk memudahkan administrasi:
| Perintah | Deskripsi |
|---|---|
| `php artisan system:check` | Audit kesehatan infrastruktur (DB, Redis, Storage, AI). |
| `php artisan system:optimize` | Optimasi cache & pembersihan log produksi. |
| `php artisan ai:swagger {path}` | Menghasilkan anotasi Swagger otomatis menggunakan AI. |
| `php artisan system:send-digest` | Mengirim ringkasan kesehatan sistem mingguan ke Admin. |
| `php artisan backups:verify` | Verifikasi integritas file cadangan di cloud/lokal. |
| `php artisan l5-swagger:generate` | Regenerasi dokumentasi API OpenAPI. |
| `php artisan model:prune` | Pangkas data kedaluwarsa (OTP, trusted device, AI log, password history, dll). |
| `php artisan telescope:prune --hours=48` | Hapus Telescope entries lebih dari 48 jam. |
| `php artisan dashboard:broadcast-stats` | Broadcast statistik sistem terbaru ke channel WebSocket `admin.monitoring`. Dijadwalkan tiap menit. |
---
## 📖 Dokumentasi ## 📖 Dokumentasi
| Dokumen | Untuk Siapa | Isi | | Dokumen | Untuk Siapa | Isi |
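Review bot: In the new API Endpoints tables, `/api/v1/otp/verify` and `/api/v1/forgot-password` are not marked "(Rate limited)", while the Keamanan Bawaan bullet re-added in this same hunk says throttling covers `/api/v1/otp/*` and `/forgot-password`. Mark the rows consistently, or state which limiter applies to each route, so readers do not conclude that OTP verification is unthrottled. The Auth column also lists `/api/v1/mobile/sync` and `/api/v1/mobile/log` as unauthenticated; if that is intended, add a short note on what the log endpoint accepts from anonymous callers. The intro sentence "Requests requesting authorization require a header" would read better as "Endpoints marked Bearer require the header `Authorization: Bearer <your_token>`".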