Initial-implementation

2025-08-20 13:20:19 +01:00
commit df71a80eb9
69 changed files with 4550 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -0,0 +1,194 @@
+# LittleShop API
+
+A basic online sales system backend built with ASP.NET Core 9.0, featuring multi-cryptocurrency payment support via BTCPay Server.
+
+## Features
+
+### Admin Panel
+- **Authentication**: JWT-based authentication for admin users
+- **Categories**: Full CRUD operations for product categories
+- **Products**: Complete product management with image upload support
+- **Users**: Staff user management (username/password only)
+- **Orders**: Order management with status tracking
+- **Accounting**: Dashboard and financial overview
+
+### Public API
+- **Catalog**: Public product and category browsing
+- **Orders**: Order creation and management by client identity reference
+- **Payments**: Multi-cryptocurrency payment processing
+- **Tracking**: Order status and tracking
+
+### Cryptocurrency Support
+- **BTC** (Bitcoin) + Lightning Network
+- **XMR** (Monero) - Privacy coin
+- **USDT** (Tether) - Stablecoin
+- **LTC** (Litecoin)
+- **ETH** (Ethereum)
+- **ZEC** (Zcash) - Privacy coin
+- **DASH** (Dash)
+- **DOGE** (Dogecoin)
+
+## Getting Started
+
+### Prerequisites
+- .NET 9.0 SDK
+- SQLite (included)
+- BTCPay Server instance (for production)
+
+### Configuration
+
+Update `appsettings.json` with your settings:
+
+```json
+{
+  "ConnectionStrings": {
+    "DefaultConnection": "Data Source=littleshop.db"
+  },
+  "Jwt": {
+    "Key": "YourSuperSecretKeyThatIsAtLeast32CharactersLong!",
+    "Issuer": "LittleShop",
+    "Audience": "LittleShop",
+    "ExpiryInHours": 24
+  },
+  "BTCPayServer": {
+    "BaseUrl": "https://your-btcpay-server.com",
+    "ApiKey": "your-api-key",
+    "StoreId": "your-store-id",
+    "WebhookSecret": "your-webhook-secret"
+  }
+}
+```
+
+### Running the Application
+
+1. **Clone and build**:
+   ```bash
+   dotnet restore
+   dotnet build
+   ```
+
+2. **Run**:
+   ```bash
+   dotnet run
+   ```
+
+3. **Access**:
+   - API: `https://localhost:5001`
+   - Swagger UI: `https://localhost:5001/swagger`
+
+### Default Admin User
+- **Username**: `admin`
+- **Password**: `admin`
+
+## API Endpoints
+
+### Authentication
+- `POST /api/auth/login` - Login (get JWT token)
+- `GET /api/auth/users` - List users (admin)
+- `POST /api/auth/users` - Create user (admin)
+
+### Categories
+- `GET /api/categories` - List categories
+- `POST /api/categories` - Create category (admin)
+- `PUT /api/categories/{id}` - Update category (admin)
+- `DELETE /api/categories/{id}` - Delete category (admin)
+
+### Products
+- `GET /api/products` - List products
+- `GET /api/products?categoryId={id}` - Products by category
+- `POST /api/products` - Create product (admin)
+- `POST /api/products/{id}/photos` - Upload product photo (admin)
+
+### Public Catalog
+- `GET /api/catalog/categories` - Public category list
+- `GET /api/catalog/products` - Public product list
+
+### Orders
+- `POST /api/orders` - Create order
+- `GET /api/orders/by-identity/{identity}` - Get orders by identity
+- `POST /api/orders/{id}/payments` - Create crypto payment
+- `GET /api/orders/{id}/payments` - Get order payments
+- `POST /api/orders/{id}/cancel` - Cancel order
+
+### Admin Order Management
+- `GET /api/orders` - List all orders (admin)
+- `PUT /api/orders/{id}/status` - Update order status (admin)
+
+## Product Weight Units
+
+- `Unit` (0) - Generic unit
+- `Micrograms` (1)
+- `Grams` (2)
+- `Ounces` (3)
+- `Pounds` (4)
+- `Millilitres` (5)
+- `Litres` (6)
+
+## Order Statuses
+
+- `PendingPayment` (0) - Awaiting payment
+- `PaymentReceived` (1) - Payment confirmed
+- `Processing` (2) - Being processed
+- `PickingAndPacking` (3) - Preparing for shipment
+- `Shipped` (4) - Shipped with tracking
+- `Delivered` (5) - Delivered
+- `Cancelled` (6) - Cancelled
+- `Refunded` (7) - Refunded
+
+## Payment Workflow
+
+1. Customer creates order via API
+2. Order receives unique ID and pending status
+3. Customer requests payment in preferred cryptocurrency
+4. System generates unique wallet address and amount
+5. Customer sends payment to provided address
+6. BTCPay Server detects payment and triggers webhook
+7. Order status updates to PaymentReceived
+8. Admin processes order through picking & packing
+9. Shipping label generated via Royal Mail API
+10. Customer receives tracking information
+
+## Security Features
+
+- JWT authentication for admin endpoints
+- Password hashing with PBKDF2
+- No customer personal data stored (identity reference only)
+- Self-hosted payment processing (no third-party data sharing)
+- CORS configuration for web clients
+
+## Logging
+
+- Structured logging with Serilog
+- Console and file output
+- Request/response logging
+- Payment processing audit trail
+
+## Development
+
+The API is built with:
+- **ASP.NET Core 9.0** - Web framework
+- **Entity Framework Core** - Database ORM
+- **SQLite** - Database
+- **JWT** - Authentication
+- **AutoMapper** - Object mapping
+- **FluentValidation** - Input validation
+- **Serilog** - Logging
+- **Swagger** - API documentation
+- **BTCPay Server Client** - Crypto payments
+
+## Privacy & Compliance
+
+- No KYC requirements
+- No customer personal data retention
+- Privacy-focused cryptocurrencies supported (XMR, ZEC)
+- Self-hosted payment processing
+- GDPR-friendly design (minimal data collection)
+
+## Future Enhancements
+
+- Royal Mail API integration for shipping
+- Email notifications
+- Inventory management
+- Multi-currency pricing
+- Advanced reporting
+- Order export functionality