admin/freealberta
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
freealberta/influence/files-explainer.md

333 lines
15 KiB
Markdown
Raw Blame History

# BNKops Influence Campaign Tool - File Structure Explanation
This document explains the purpose and functionality of each file in the BNKops Influence Campaign Tool.
## Authentication System
The application includes a complete authentication system for admin panel access, following the same patterns used in the map application. Authentication is implemented using NocoDB as the user database and express-session for session management.
## Root Directory Files
### Configuration Files
- **`.env`** - Environment variables (database URLs, SMTP config, API keys, email testing config)
- **`.env.development`** - Development environment configuration with MailHog SMTP settings
- **`.env.example`** - Template for environment configuration
- **`docker-compose.yml`** - Docker container orchestration with MailHog for email testing
- **`Dockerfile`** - Container definition for the Node.js application
- **`package.json`** - Node.js dependencies and scripts
- **`package-lock.json`** - Locked dependency versions for reproducible builds
### Documentation
- **`README.MD`** - Main project documentation with setup and usage instructions
- **`files-explainer.md`** - This file, explaining the project structure
- **`instruct.md`** - Implementation instructions and development notes
## Application Structure (`app/`)
### Entry Point
- **`server.js`** - Express.js application entry point, middleware setup, route mounting
### Controllers (`app/controllers/`)
Business logic layer that handles HTTP requests and responses:
- **`authController.js`** - Authentication controller for admin login/logout
- `login()` - Handles admin login with email/password validation
- `logout()` - Destroys user session and logs out
- `checkSession()` - Verifies current authentication status
- Integrates with NocoDB users table for credential verification
- Updates last login timestamps and manages session state
- **`representatives.js`** - Core functionality for postal code lookups
- `getByPostalCode()` - Main endpoint for finding representatives
- `refreshPostalCode()` - Force refresh of cached data
- `testConnection()` - Health check for Represent API
- Handles caching logic and fallback to API when cache fails
- **`emails.js`** - Email composition and sending functionality
- `sendEmail()` - Process and send emails to representatives with test mode support
- `previewEmail()` - Generate email preview without sending for testing purposes
- `sendTestEmail()` - Send test emails to configured test recipient
- `getEmailLogs()` - Retrieve email history with filtering and pagination
- `testSMTPConnection()` - Test SMTP server connectivity for diagnostics
- Integrates with SMTP service and logs to database with test mode tracking
### Routes (`app/routes/`)
API endpoint definitions and request validation:
- **`auth.js`** - Authentication API routes
- POST `/api/auth/login` - Admin login endpoint
- POST `/api/auth/logout` - Admin logout endpoint
- GET `/api/auth/session` - Session verification endpoint
- Handles authentication requests with proper validation and error handling
- **`api.js`** - Main API routes with validation middleware
- Representatives endpoints with postal code validation
- Email endpoints with input sanitization and test mode support
- Email testing endpoints: `/api/emails/preview`, `/api/emails/test`, `/api/emails/logs`
- SMTP testing endpoint: `/api/test-smtp` for connection diagnostics
- Health check and testing endpoints
- Rate limiting and error handling middleware
### Services (`app/services/`)
External system integrations and data access layer:
- **`nocodb.js`** - NocoDB database integration
- User management methods: `getUserByEmail()`, `createUser()`, `updateUser()`, `getAllUsers()`
/* Lines 76-80 omitted */
- Caching logic with automatic retry mechanisms
- **`represent-api.js`** - Represent OpenNorth API integration
- Postal code lookup against Canadian electoral data
/* Lines 84-86 omitted */
- Support for both concordance and centroid representative data
- **`emailTemplates.js`** - Email template service for managing HTML/text email templates
- Template loading and caching system with support for conditional blocks
- Variable replacement and template processing for dynamic content
- Template rendering for both HTML and text formats with fallback support
- Available templates: representative-contact, campaign-email, test-email
- **`email.js`** - SMTP email service with comprehensive testing support
- Template-based email composition using emailTemplates service
- Legacy sendEmail method for backward compatibility
- New templated methods: sendRepresentativeEmail(), sendCampaignEmail(), sendTestEmail()
- Email preview functionality with template support
- SMTP connection testing for diagnostics and troubleshooting
### Utilities (`app/utils/`)
Helper functions and shared utilities:
- **`validation.js`** - Input validation and sanitization
- Postal code format validation (Alberta T-prefix)
- Email address validation
- HTML content sanitization for security
- **`rate-limiter.js`** - API rate limiting configuration
- Different limits for various endpoint types
- IP-based rate limiting with sliding windows
- Configurable limits via environment variables
### Middleware (`app/middleware/`)
Express.js middleware functions:
- **`auth.js`** - Authentication middleware for protecting routes
- `requireAuth()` - Ensures user is logged in
- `requireAdmin()` - Ensures user is logged in and has admin privileges
- Redirects unauthenticated requests to login page
- Sets up `req.user` object for authenticated requests
- Standardized error response formatting
- Error logging and classification
- Production vs development error detail levels
### Email Templates (`app/templates/email/`)
Professional HTML and text email templates with variable substitution:
- **`representative-contact.html/.txt`** - Template for direct constituent communications
- Variables: MESSAGE, SENDER_NAME, SENDER_EMAIL, POSTAL_CODE, APP_NAME, TIMESTAMP
- Professional styling with constituent information display and platform branding
- **`campaign-email.html/.txt`** - Template for organized campaign emails
- Variables: MESSAGE, USER_NAME, USER_EMAIL, POSTAL_CODE, CAMPAIGN_TITLE, RECIPIENT_NAME, RECIPIENT_LEVEL
- Campaign-specific styling with participant information and campaign branding
- Conditional recipient information display
- **`test-email.html/.txt`** - Template for email system testing
- Variables: MESSAGE, APP_NAME, TIMESTAMP
- Warning styling and test indicators for system verification emails
### Frontend Assets (`app/public/`)
#### HTML
- **`index.html`** - Main application interface
- **`login.html`** - Admin login page
- Clean, professional login interface for admin access
- Email/password form with client-side validation
- Integration with authentication API
- Automatic redirect to admin panel on successful login
- Session persistence and auto-login detection
- **`admin.html`** - Campaign management admin panel (protected)
- Requires admin authentication to access
- Includes authentication checks and user info display
- Logout functionality integrated into interface
- Postal code input form with validation
- Representatives display sections
- Email composition modal
- Responsive design with accessibility features
- **`email-test.html`** - Comprehensive email testing interface (admin-only)
- Protected admin interface for email testing and diagnostics
- Quick test email functionality with one-click testing
- Email preview system to see emails before sending
- Email composition form with real-time preview
- Email logs viewer with filtering by test/live mode
- SMTP connection testing and diagnostics
- Current configuration display showing test mode status
- Real-time feedback and error handling for all operations
#### Stylesheets (`app/public/css/`)
- **`styles.css`** - Complete application styling
- Responsive grid layouts for representative cards
- Photo display with fallback styling
- Modal and form styling
- Mobile-first responsive design
- Loading states and error message styling
#### JavaScript (`app/public/js/`)
- **`main.js`** - Application initialization and utilities
- Global error handling and message display system
- Utility functions (postal code formatting, sanitization)
- Mobile detection and responsive behavior
- **`api-client.js`** - Frontend API communication
- HTTP client with error handling
- API endpoint wrappers for all backend services
- Request/response processing and error propagation
- **`postal-lookup.js`** - Postal code search functionality
- Form handling and input validation
- API integration for representative lookup
- Loading states and error display
- Results processing and display coordination
- **`representatives-display.js`** - Representative data presentation
- Dynamic HTML generation for representative cards
- Photo display with fallback to initials
- Government level categorization and sorting
- Contact information formatting and display
- **`auth.js`** - Client-side authentication management
- `AuthManager` class for handling login/logout operations
- Session state management and persistence
- UI updates based on authentication status
- Auto-redirect for protected pages requiring authentication
- Integration with login forms and logout buttons
- **`email-composer.js`** - Email composition interface
- Modal-based email composition form
- Pre-population of recipient data
- Form validation and submission handling
- Success/error feedback to users
- **`email-testing.js`** - Comprehensive email testing interface management
- `EmailTesting` class managing all testing functionality
- Quick test email sending with default content
- SMTP connection testing and diagnostics
- Email preview generation with real-time rendering
- Test email sending with form validation
- Email logs management with filtering and pagination
- Configuration status display and management
- Real-time UI updates and error handling
- Integration with authentication system for admin protection
## Scripts Directory (`scripts/`)
- **`build-nocodb.sh`** - Database setup automation
- Now includes users table creation for authentication system
- Creates influence_users table with email, name, password, admin flag, and last_login fields
- Updates .env file with NOCODB_TABLE_USERS configuration
- Creates NocoDB base and tables using v2 API
- Configures table schemas for representatives, emails, postal codes
- Handles authentication and error recovery
- Updates environment with new base ID
## Data Flow Architecture
### Request Processing Flow
1. **User Input** → Postal code entered in frontend form
2. **Validation** → Client-side and server-side validation
3. **Cache Check** → NocoDB queried for existing data
4. **API Fallback** → Represent API called if cache miss or NocoDB down
5. **Data Processing** → Representative data normalized and processed
6. **Caching** → Results stored in NocoDB for future requests
7. **Response** → Formatted data returned to frontend
8. **Display** → Representatives rendered with photos and contact info
### Email Flow
1. **Composition** → User fills email form in modal
2. **Validation** → Input sanitization and validation
3. **Processing** → Email formatted and prepared for sending
4. **SMTP Delivery** → Email sent via configured SMTP service
5. **Logging** → Email attempt logged to database
6. **Confirmation** → User notified of success/failure
### Error Handling Strategy
- **Graceful Degradation** → App works even if NocoDB is down
- **User Feedback** → Clear error messages and recovery suggestions
- **Logging** → Comprehensive error logging for debugging
- **Fallbacks** → Multiple data sources and retry mechanisms
## Key Integration Points
### Authentication System
- **Admin Login** → Email/password authentication for admin panel access
- **Session Management** → Express-session with secure cookie configuration
- **Route Protection** → Middleware-based protection for admin endpoints and pages
- **User Management** → NocoDB-based user storage with admin role support
- **Security** → Password validation, session expiration, and automatic logout
### NocoDB Integration
- **Authentication** → Token-based API authentication
- **User Storage** → Users table with email, password, admin flag, and login tracking
- **Table Management** → Dynamic table ID resolution
- **Error Recovery** → Automatic fallback to API when database unavailable
- **Performance** → Efficient caching with intelligent cache invalidation
### Represent API Integration
- **Data Sources** → Both concordance and centroid representative data
- **Rate Limiting** → Respectful API usage with built-in rate limiting
- **Error Handling** → Robust error handling with user-friendly messages
- **Data Processing** → Normalization of API responses for consistent display
### SMTP Integration
- **Security** → Secure authentication and encrypted connections
- **Reliability** → Error handling and delivery confirmation
- **Logging** → Complete audit trail of email activity with test mode tracking
- **Configuration** → Flexible SMTP provider support with development/production modes
- **Testing** → Comprehensive test mode with email redirection and preview capabilities
### Email Testing System
- **Test Mode** → Automatic email redirection to configured test recipient
- **Preview System** → Generate email previews without sending for content review
- **SMTP Diagnostics** → Connection testing and troubleshooting tools
- **Email Logging** → Complete audit trail with test/live mode classification
- **Development Tools** → MailHog integration for local email catching and review
- **Admin Interface** → Dedicated testing interface accessible only to authenticated admins
### Docker Configuration
- **Production Mode** → Standard application container with external SMTP
- **Development Mode** → Application + MailHog containers for local email testing
- **Profile-based Deployment** → MailHog only runs in development profile
- **Email Catching** → All development emails caught by MailHog web interface at port 8025
- **Environment Flexibility** → Easy switching between development and production SMTP settings
## Development Patterns
### Error Handling
- All async operations wrapped in try-catch blocks
- Consistent error response formatting across APIs
- User-friendly error messages with technical details logged
- Graceful degradation when external services unavailable
### Data Validation
- Input validation at both client and server levels
- Sanitization to prevent XSS and injection attacks
- Type checking and format validation throughout
- Clear validation error messages for users
### Performance Optimization
- Smart caching with configurable TTL
- Lazy loading of images and non-critical resources
- Efficient database queries with minimal data transfer
- Client-side debouncing for user inputs
### Security Measures
- **Authentication Protection** → Admin panel and API endpoints protected by login
- **Session Security** → HttpOnly cookies, secure session configuration, automatic expiration
- Rate limiting to prevent abuse
- Input sanitization and validation
- Secure SMTP configuration
- Environment variable protection of sensitive data
This architecture provides a robust, scalable, and maintainable solution for connecting Alberta residents with their elected representatives.
Reference in New Issue View Git Blame Copy Permalink