alifhmiysf/expense_api

Expense API Project

This repo is for learning Laravel backend development + basic security (90-Day Roadmap).

Progress

1. Database Design & Foundation

  • Create the categories migration (with Soft Deletes).
  • Create the transactions migration (with a Foreign Key relation & Decimal).
  • Understand why Float is forbidden for money (use Decimal).
  • Implement Models & Relationships (One to Many).

2. Authentication / Security

  • Setup Laravel Sanctum.
  • Register Endpoint (Output Token).
  • Login Endpoint (Output Token).
  • Logout Endpoint (Revoke Token).
  • Protect Route Middleware (auth:sanctum).

3. Core Transaction Logic

  • Input Validation: Implement StoreTransactionRequest & UpdateTransactionRequest.
  • Create: Endpoint POST /api/transactions (Auto User ID & Activity Log).
  • Read: Endpoint GET /api/transactions (Pagination + API Resource).
  • Update: Endpoint PUT /api/transactions/{id} (data ownership check via Policy).
  • Delete: Endpoint DELETE /api/transactions/{id} (Soft Delete enabled).
  • Restore: Feature to restore data from the trash (POST /api/transactions/{id}/restore).
  • Advanced Filtering (by month/category).
  • Category Management (Category CRUD).
  • Advanced Dashboard: Summary Balance & Insight into the Top 3 Largest Expenses.

4. Professional & Secure Backend

  • Secure File Upload: Update Profile & Avatar feature (MIME Type Validation).
  • Authorization (Policy): Protect data between users (Security Hardening).
  • Standardized Error Handling: Consistent JSON error format & APP_DEBUG management.
  • Rate Limiting: Throttle implementation (60 req/min) to prevent brute force.
  • Logging & Audit Trail: ActivityLog for every action (Register, Login, Create, Delete, Restore).
  • Change Password: Secure password change feature.
  • Security Headers & Sanitization: Basic API protection against XSS/Injection.

5. Quality Assurance & Deployment

  • Testing Environment: PHPUnit & SQLite In-Memory configuration.
  • Automated Auth Test: Automated testing of Register, Login, & Logout.
  • Feature Testing: Testing Transaction CRUD & Data Validation.
  • CI/CD Pipeline: Test automation via GitHub Actions.
  • Deployment: Deploy the application to a production server (simulated VPS).
  • Clean Code Preparation: Use of API Resources & Form Requests.

6. DevOps & Containerization

  • Linux Mastery: CLI, Permissions, & Directory Structure /var/www/.
  • Production Setup: PHP 8.3 & MySQL 8.0 configuration on Ubuntu.
  • Dockerization:
    • Dockerfile & docker-compose.yml (App & DB isolation).
    • Docker optimization (remove obsolete version & Cache Optimization).
  • Advanced Networking:
    • Reverse SSH Tunneling to bypass NAT.
    • Ngrok setup for dynamic public access (Auto-update URL).

7. Final Status: COMPLETE

  • All main Backend & Security features from the 90-Day Roadmap have been implemented.
  • The system is ready to be developed further into the Frontend or Mobile App stage.

About

Expense API is a RESTful backend service for personal finance management, built with Laravel and applying modern security, testing, and deployment best practices.
