# NexusArchitect - User Management Implementation Backlog

**Project:** AI-Powered E-book Reader SaaS
**Architecture:** .NET 10, Blazor Hybrid, MAUI, ASP.NET Core Identity
**Primary Goal:** Implement a secure, scalable authentication and authorization system with SaaS-specific features (AI token limits, subscription tiers).

---
## Phase 0: Backend Foundations (ASP.NET Core & EF Core)

| ID | Task Title | Description & Acceptance Criteria | Tech Stack |
|:---|:---|:---|:---|
| **BACK-1** | Define Extended `NexusUser` Model | **Description:** Create a `NexusUser` class inheriting from `IdentityUser`. Add custom properties for SaaS logic.<br>**AC:**<br>- [ ] Properties added: `AITokenLimit` (int), `AITokensUsed` (int), `TenantId` (Guid), `CurrentPlan` (string).<br>- [ ] Model placed in `NexusArchitect.Core` project. | C# / Identity |
| **BACK-2** | Configure `ApplicationDbContext` for Identity | **Description:** Set up the DB context to inherit from `IdentityDbContext<NexusUser>`.<br>**AC:**<br>- [ ] Mapped standard Identity tables (Users, Roles, Claims).<br>- [ ] Configured 1-to-Many relationship between `NexusUser` and `Ebooks`. | EF Core |
| **BACK-3** | Database Schema Migration | **Description:** Generate and apply the initial migration for Identity tables.<br>**AC:**<br>- [ ] SQL schema contains all 7+ standard Identity tables.<br>- [ ] Custom `NexusUser` fields are correctly reflected in the `AspNetUsers` table. | EF Core CLI |
| **BACK-4** | Implement Identity API Endpoints | **Description:** Enable native .NET Identity API endpoints in `Program.cs`.<br>**AC:**<br>- [ ] Endpoints `/register`, `/login`, and `/refresh` are active.<br>- [ ] Verified functionality via Swagger/OpenAPI. | ASP.NET Core |

---
## Phase 1: Authentication & Authorization (UI & Logic)

| ID | Task Title | Description & Acceptance Criteria | Tech Stack |
|:---|:---|:---|:---|
| **BACK-5** | Define Authorization Policies | **Description:** Implement Roles and Claims-based authorization (Free vs. Pro).<br>**AC:**<br>- [ ] Created a `ProUser` policy.<br>- [ ] Implemented a custom `Requirement` to check if `AITokensUsed < AITokenLimit`. | ASP.NET Core |
| **UI-1** | Implement Login Page (Blazor) | **Description:** Build the Login UI based on the Dark Mode mockup.<br>**AC:**<br>- [ ] Theme: Dark mode with neon green accents.<br>- [ ] Components: Email/Password fields, "Remember Me" toggle, "Login" button.<br>- [ ] Integrates with `AuthenticationStateProvider`. | Blazor / CSS |
| **UI-2** | Google OAuth2 Integration | **Description:** Configure external login provider (Google) in the backend and UI.<br>**AC:**<br>- [ ] Users can sign in via Google button.<br>- [ ] New users are automatically provisioned in the database upon successful OAuth. | OAuth / Google Cloud |
| **UI-3** | Implement Registration Flow | **Description:** Create a registration form calling the `/register` endpoint.<br>**AC:**<br>- [ ] Validation: Email format, password complexity (min 8 chars, uppercase, digit).<br>- [ ] Proper error handling for existing users. | Blazor |
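
A sketch of the BACK-5 custom requirement, added here as an example and not taken from the NexusArchitect code base. It reads `AITokensUsed` and `AITokenLimit` from the user store on every check and fails closed when the user cannot be resolved. The names `AiTokenBudgetRequirement`, `AiTokenBudgetHandler`, `NexusAuthorization`, the `AiTokenBudget` policy name and the `plan` claim type are assumptions.

```csharp
using System;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.DependencyInjection;

// NexusUser as specified in BACK-1.
public class NexusUser : IdentityUser
{
    public int AITokenLimit { get; set; }
    public int AITokensUsed { get; set; }
    public Guid TenantId { get; set; }
    public string CurrentPlan { get; set; } = "Free";
}

// Marker requirement (hypothetical name) for the BACK-5 token-budget check.
public sealed class AiTokenBudgetRequirement : IAuthorizationRequirement { }

public sealed class AiTokenBudgetHandler : AuthorizationHandler<AiTokenBudgetRequirement>
{
    private readonly UserManager<NexusUser> _users;
    public AiTokenBudgetHandler(UserManager<NexusUser> users) => _users = users;

    protected override async Task HandleRequirementAsync(
        AuthorizationHandlerContext context, AiTokenBudgetRequirement requirement)
    {
        // Load counters from the store: values copied into a token or cookie
        // at sign-in go stale and would let a user exceed the limit.
        var user = await _users.GetUserAsync(context.User);
        // Fail closed: unknown user or exhausted budget leaves the requirement unmet.
        if (user is not null && user.AITokensUsed < user.AITokenLimit)
            context.Succeed(requirement);
    }
}

public static class NexusAuthorization
{
    public const string AiBudgetPolicy = "AiTokenBudget"; // hypothetical policy name
    public static IServiceCollection AddNexusPolicies(this IServiceCollection services)
    {
        services.AddScoped<IAuthorizationHandler, AiTokenBudgetHandler>();
        services.AddAuthorizationBuilder()
            .AddPolicy("ProUser", p => p.RequireAuthenticatedUser()
                                        .RequireClaim("plan", "Pro")) // claim type assumed
            .AddPolicy(AiBudgetPolicy, p => p.RequireAuthenticatedUser()
                                             .AddRequirements(new AiTokenBudgetRequirement()));
        return services;
    }
}
```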

---

## Phase 2: User Management & SaaS Scaling (Profile & Mobile)

| ID | Task Title | Description & Acceptance Criteria | Tech Stack |
|:---|:---|:---|:---|
| **UI-4** | User Profile & Dashboard | **Description:** Build the User Profile UI focusing on "Active Learning" metrics.<br>**AC:**<br>- [ ] Displays: Token usage bar (Used/Limit), average quiz score, and last read book.<br>- [ ] Links to subscription management. | Blazor |
| **MAUI-1** | Mobile Auth Integration (Blazor Hybrid) | **Description:** Ensure the authentication state is shared and persists in the MAUI container.<br>**AC:**<br>- [ ] Securely store JWT tokens in `SecureStorage`.<br>- [ ] Automatic login on app launch if token is valid. | MAUI / Blazor Hybrid |
| **INTEG-1** | Stripe Subscription Webhooks | **Description:** Sync Identity Claims with Stripe subscription status.<br>**AC:**<br>- [ ] Webhook updates `AITokenLimit` when a "Pro" plan is purchased.<br>- [ ] User is downgraded back to "Free" limit upon cancellation. | Stripe SDK / .NET |

---
## Definition of Done (DoD)

- All code follows the **NexusArchitect** architectural guidelines.
- Unit tests cover core Identity logic (e.g., token limit validation).
- UI is responsive and consistent with the provided Dark Mode design.
- Documentation updated with setup instructions for new developers.