# EntryBot — Laravel 11 Backend

Backend API for the EntryBot React frontend in `F:\UI\src`. Wired to MySQL database `entry-bot` on local XAMPP.

## Setup

1. `.env` already configured to use `entry-bot` on `127.0.0.1:3306` (root, no password).
2. Run migrations: `php artisan migrate:fresh`
3. Link storage: `php artisan storage:link`
4. Serve: `php artisan serve --host=127.0.0.1 --port=8000`

Then in the frontend, edit `src/config/index.ts`:

```ts
export const BASE_URL = 'http://127.0.0.1:8000/';
```

## Auth

- Login issues a Sanctum personal access token + a custom refresh token.
- Refresh at `POST /api/user/refresh-token` with `{ refreshToken }`.
- All API responses follow `{ status: "success" | "error", message, data }`.
- Pagination payloads follow `{ items, pagination: { currentPage, totalPages, totalRecords, pageSize } }`.

## Endpoints (match frontend verbatim)

**Auth (public):**
`POST /api/user/register`, `POST /api/user/login`, `POST /api/user/verify/{token}`,
`POST /api/user/password/forget?email=&redirectURL=`, `POST /api/user/password/reset`,
`POST /api/user/refresh-token`.

**Auth (protected):** `GET /api/user/me`, `POST /api/user/logout`.

**Users:** `GET/PUT /api/users/{userId}`, `POST/DELETE /api/users/{userId}/profile-picture`, `GET /api/users/{userId}/activity`.

**Businesses:** `GET /api/business/list`, `POST /api/business/create`, `GET/PUT /api/business/{id}`.

**Documents** (registered under both `Documents` and `documents` casings):
- `POST /api/documents/create` (multipart upload — fields: `businessId`, `documentType`, `file`)
- `GET /api/Documents/{businessId}/{docType}/list?page&pageSize&status&sortColumn&sortOrder`
- `GET /api/Documents/{businessId}/DeletedDocs?sortColumn&sortOrder`
- `GET /api/Documents/Documentlist?page&pageSize&status&sortColumn&sortOrder` (internal queue)
- `GET /api/Documents/exportDocument?doc={id}` (file download)
- `GET /api/Documents/GetImage?url=` (file proxy)
- `GET /api/Documents/getDocumentHistory?doc={id}`
- `GET /api/Documents/getDocumnetsByContact?contactId={id}`
- `PUT /api/Documents/exported` (body: array of ids)
- `PUT /api/Documents/save/{id}` (data entry save)
- `PUT /api/Documents/reAssign/{id}?status=`
- `PUT /api/Documents/attachDoc/{id}` (multipart file)
- `PUT /api/documents/reclassify` (body: array of `{id, documentType}`)
- `PUT /api/Documents/{status}/{id}` (dynamic status update)
- `DELETE /api/Documents/deleteDocuments` (body: array of ids)
- `GET/DELETE /api/Documents/{id}`

**Settings (per business):**
- Contacts: `GET/POST /api/contacts/{businessId}`, `PUT/DELETE /api/contacts/{businessId}/{id}`
  - `GET /api/contacts/{businessId}?isSupplier=true|false` filters
  - `GET /api/contacts/{contactId}` also works for single contact lookup
- Chart of accounts: same shape under `/api/chartofaccounts/{businessId}`
- Payment methods: `/api/paymentmethods/{businessId}`
- VAT/GST: `/api/vatgst/{businessId}`

**Billing:**
- `GET /api/billing/{businessId}`, `/history`, `/usage`
- `GET /api/subscription/{businessId}`

## Database tables created

`users`, `password_reset_tokens`, `sessions`, `personal_access_tokens`, `refresh_tokens`,
`businesses`, `subscriptions`, `contacts`, `chart_of_accounts`, `payment_methods`,
`vat_gst_rates`, `documents`, `document_data`, `document_history`, `document_exceptions`,
`user_activities`, `billing_history`, `quickbooks_integrations`, `export_errors`.

## Frontend integration

The React app's `RequestProvider.ts` already attaches `Authorization: Bearer <token>` to every request and refreshes via `POST /api/user/refresh-token`. Just switch `BASE_URL` and login should round-trip.

## Smoke test

```bash
# Register
curl -X POST http://127.0.0.1:8000/api/user/register \
  -H "Content-Type: application/json" \
  -d '{"fullName":"X","email":"x@y.com","password":"Passw0rd!","confirmPassword":"Passw0rd!"}'

# Login (returns access_token.token + refreshToken.token)
curl -X POST http://127.0.0.1:8000/api/user/login \
  -H "Content-Type: application/json" \
  -d '{"email":"x@y.com","password":"Passw0rd!"}'

# Create business (replace TOKEN)
curl -X POST http://127.0.0.1:8000/api/business/create \
  -H "Authorization: Bearer TOKEN" -H "Content-Type: application/json" \
  -d '{"businessName":"Acme Ltd","businessType":"LLC","isOrganization":true}'
```
