Password Policy/App rename/PM Scheduling Improvements
This commit is contained in:
26
README.md
26
README.md
@@ -1,6 +1,6 @@
|
||||
# MixedAssets
|
||||
# DepreCore
|
||||
|
||||
MixedAssets is a fixed asset management and depreciation SPA for small and mid-sized organizations. This build includes an Express API, Vue/Vuetify frontend, SQLite persistence, role-aware login, asset register, templates, JSON tax-rule sets, depreciation reports, import/export, and admin configuration.
|
||||
DepreCore is a fixed asset management and depreciation SPA for small and mid-sized organizations. This build includes an Express API, Vue/Vuetify frontend, SQLite persistence, role-aware login, asset register, templates, JSON tax-rule sets, depreciation reports, import/export, and admin configuration.
|
||||
|
||||
Each asset carries six independent books (GAAP, Federal, State, AMT, ACE, User-defined), each with its own cost, depreciation method, useful life, §179 amount, bonus percentage, and convention. The asset workbench also includes a File Cabinet (invoices, photos, manuals), warranty/service-agreement tracking, a per-asset task list, and a running notes timeline.
|
||||
|
||||
@@ -32,7 +32,7 @@ Open `http://localhost:5173`.
|
||||
Default seeded login:
|
||||
|
||||
```text
|
||||
admin@mixedassets.local
|
||||
admin@deprecore.local
|
||||
ChangeMe123!
|
||||
```
|
||||
|
||||
@@ -51,13 +51,13 @@ Environment variables are shown in `.env.example`. The app also stores editable
|
||||
|
||||
| Variable | Default | Purpose |
|
||||
| --- | --- | --- |
|
||||
| `MIXEDASSETS_PORT` (or `PORT`) | `3000` | API/server port |
|
||||
| `MIXEDASSETS_DATA_DIR` | `./data` | Data directory |
|
||||
| `MIXEDASSETS_DB_PATH` | `./data/mixedassets.sqlite` | SQLite database file |
|
||||
| `MIXEDASSETS_SERVER_FQDN` | `localhost` | Server FQDN (also editable in Admin) |
|
||||
| `MIXEDASSETS_CORS_ORIGINS` | `http://localhost:5173,...` | Allowed CORS origins (comma-separated) |
|
||||
| `MIXEDASSETS_JWT_SECRET` | dev fallback | JWT signing secret — set a long random value in production |
|
||||
| `MIXEDASSETS_ADMIN_PASSWORD` | `ChangeMe123!` | Password for the seeded admin user |
|
||||
| `DEPRECORE_PORT` (or `PORT`) | `3000` | API/server port |
|
||||
| `DEPRECORE_DATA_DIR` | `./data` | Data directory |
|
||||
| `DEPRECORE_DB_PATH` | `./data/deprecore.sqlite` | SQLite database file |
|
||||
| `DEPRECORE_SERVER_FQDN` | `localhost` | Server FQDN (also editable in Admin) |
|
||||
| `DEPRECORE_CORS_ORIGINS` | `http://localhost:5173,...` | Allowed CORS origins (comma-separated) |
|
||||
| `DEPRECORE_JWT_SECRET` | dev fallback | JWT signing secret — set a long random value in production |
|
||||
| `DEPRECORE_ADMIN_PASSWORD` | `ChangeMe123!` | Password for the seeded admin user |
|
||||
|
||||
---
|
||||
|
||||
@@ -79,7 +79,7 @@ Tokens expire after 12 hours. The only routes that do **not** require a token ar
|
||||
# Login
|
||||
curl -s http://localhost:3000/api/auth/login \
|
||||
-H 'Content-Type: application/json' \
|
||||
-d '{"email":"admin@mixedassets.local","password":"ChangeMe123!"}'
|
||||
-d '{"email":"admin@deprecore.local","password":"ChangeMe123!"}'
|
||||
# => { "token": "<jwt>", "user": { "id":1, "name":"...", "role":"admin", ... } }
|
||||
```
|
||||
|
||||
@@ -307,7 +307,7 @@ Movement `type` is `receive` (add on-hand), `issue` (consume), `adjust` (set on-
|
||||
|
||||
Alert types: `maintenance_overdue`, `maintenance_due`, `warranty_expired`, `warranty_expiring`, `lease_expiring`, `pm_due`, `pm_overdue`. Severity is `critical` (overdue/expired or within 7 days) or `warning`. The server also runs the scan-and-notify cycle ~twice daily; it's a no-op unless something is configured.
|
||||
|
||||
**Webhook delivery.** When `webhook_enabled` is true and `webhook_url` is set, each newly raised alert is delivered as its own JSON `POST` (one request per alert) on the alert cycle — independently of, or alongside, email. An alert is marked notified once any channel handles it, so it is delivered at most once. If `webhook_secret` is set, the raw request body is signed with HMAC-SHA256 and sent in the `X-MixedAssets-Signature: sha256=<hex>` header so the receiver can verify authenticity. Per-alert payload:
|
||||
**Webhook delivery.** When `webhook_enabled` is true and `webhook_url` is set, each newly raised alert is delivered as its own JSON `POST` (one request per alert) on the alert cycle — independently of, or alongside, email. An alert is marked notified once any channel handles it, so it is delivered at most once. If `webhook_secret` is set, the raw request body is signed with HMAC-SHA256 and sent in the `X-DepreCore-Signature: sha256=<hex>` header so the receiver can verify authenticity. Per-alert payload:
|
||||
|
||||
```json
|
||||
{
|
||||
@@ -369,7 +369,7 @@ Each **book** (GAAP, Federal, …) has a `tax_rule_set_id`. When the engine depr
|
||||
|
||||
```jsonc
|
||||
{
|
||||
"schema": "mixedassets.taxRuleSet.v1", // optional label
|
||||
"schema": "deprecore.taxRuleSet.v1", // optional label
|
||||
"jurisdiction": "US-FED", // unique key with version
|
||||
"name": "Federal 68-method depreciation catalog",
|
||||
"version": "2026.2", // unique per jurisdiction
|
||||
|
||||
Reference in New Issue
Block a user