# Copilot Instructions for Ospabhost ## Architecture Overview - **Monorepo**: Backend (Express + TypeScript + Prisma) and Frontend (React + Vite + TypeScript). - **Backend Entry**: `ospabhost/backend/src/index.ts` - Express server with CORS, rate limiting, WebSocket, and module routes (`/api/*`). - **Modules**: Organized in `ospabhost/backend/src/modules/*` (auth, storage, ticket, blog, etc.), each exporting routes and services. - **Database**: MySQL via Prisma (`ospabhost/backend/prisma/schema.prisma`), models like User, StorageBucket, Ticket with string statuses (`pending`, `approved`, `active`). - **Frontend Dashboard**: `ospabhost/frontend/src/pages/dashboard/mainpage.tsx` - dynamic sidebar tabs based on user roles (`operator`, `isAdmin`). ## Key Patterns & Conventions - **API Routes**: All backend routes prefixed with `/api/`, authenticated via JWT in localStorage. - **Status Fields**: Use string enums (e.g., Check: `pending`/`approved`/`rejected`; Ticket: `open`/`in_progress`/`resolved`). - **MinIO Integration**: S3-compatible storage via MinIO SDK, configs from `.env`, buckets per user with quotas. - **Localization**: ru/en support via `useTranslation` hook, URLs like `/en/dashboard`. - **WebSocket**: Real-time updates via `/ws`, initialized in `ospabhost/backend/src/websocket/server.ts`. - **Security**: Rate limiting (1000 req/15min global, 10 req/15min auth), CORS from `PUBLIC_APP_ORIGIN`, helmet middleware. - **Static Files**: Check uploads in `ospabhost/backend/uploads/checks`, served at `/uploads/checks`. - **Notifications**: Email/push via `web-push`, templates in `ospabhost/backend/src/modules/notification/email.service.ts`. ## Development Workflows - **Backend**: `npm run dev` (ts-node-dev hot-reload), `npm run build` (TypeScript), PM2 for production (`npm run pm2:start`). - **Frontend**: `npm run dev` (Vite), `npm run build`, `npm run preview`. - **Database**: Prisma migrations in `ospabhost/backend/prisma/migrations/`, seed scripts for plans/promocodes. - **OAuth**: Google/GitHub/VK/Yandex via Passport.js, configs in `ospabhost/backend/src/modules/auth/passport.config.ts`. - **Blog**: Rich text via Quill, statuses `draft`/`published`/`archived`. ## Integration Points - **Frontend ↔ Backend**: Axios API client, JWT auth, WebSocket for real-time. - **MinIO**: All S3 ops through `storage.service.ts`, console credentials generated weekly. - **Push Notifications**: Web Push API, subscriptions in PushSubscription model. - **QR Auth**: Temporary codes (60s TTL), statuses `pending`/`confirmed`/`expired`. ## Examples - Add new module: Create `ospabhost/backend/src/modules/newmodule/` with `routes.ts` and `service.ts`, import in `index.ts`. - Update user data: Dispatch `userDataUpdate` event to refresh dashboard. - Storage bucket: Create via `StorageBucket` model, link to `StoragePlan` for pricing. Reference: `ospabhost/backend/src/index.ts`, `ospabhost/backend/prisma/schema.prisma`, `ospabhost/frontend/src/pages/dashboard/mainpage.tsx`.