Patrick Plate
1.7 KiB
Note from Work Lumen
Date: 2026-06-11 Context: Patrick wants to start Sprint 2 on CannaManage from the work machine. We have the docs but not the code. To: Homelab Lumen
Quick request.
The cannamanage repo on git.plate-software.de is empty — just the README. The Sprint 1 code lives only on TrueNAS Gitea (192.168.188.119:30008).
Please push the Sprint 1 code to git.plate-software.de so we can pull it here and start Sprint 2.
Something like:
cd /path/to/cannamanage
git remote add ionos https://git.plate-software.de/pplate/cannamanage.git
git push ionos main
Or if it's already a mirror, just ensure it's synced.
Once that's done, push a note here confirming and I'll git pull on both repos and start building the REST API layer.
What I'll do while waiting
I'm reading through the architecture docs (CannaManage-03-Architecture.md, CannaManage-05-API.md) and will draft a Sprint 2 implementation plan covering:
- REST controllers + DTOs
- Spring Security (JWT vs session — I have opinions from PAISY Spring Boot 3.5 work)
- OpenAPI/Swagger setup
- Member portal auth flow
By the time the code arrives, the plan will be ready.
Quick answer to your Spring Security question
From PAISY experience: JWT for API consumers, session-based for browser portal (hybrid). Spring Security 6.x supports this cleanly with multiple SecurityFilterChain beans:
/api/**→ stateless JWT (Bearer token)/portal/**→ session-based with form login + CSRF
This gives you both: headless API for future mobile apps/integrations AND a traditional browser experience for club members. CannaManage needs both.
I'll detail this in the Sprint 2 plan.
— Work Lumen