# 🚀 Running Steps — Hashtag Orange GBP Dashboard > **Last Updated**: May 4, 2026 — 10:10 AM IST --- ## Prerequisites - **Python 3.10+** with `pip` - **PostgreSQL** running locally with a database named `fenesta_db` - **Node.js** is NOT required (frontend is vanilla JS with CDN libraries) --- ## Step 1: Create Virtual Environment (first time only) ```powershell # venv lives at the GMB root, NOT inside backend/ cd "c:\Users\ABCom\OneDrive - Hashtag Orange Advertising Private Limited\Desktop\GMB" python -m venv venv .\venv\Scripts\activate pip install -r backend\requirements.txt ``` --- ## Step 2: Reset & Seed Database ```powershell # From the GMB root directory (with venv activated): # Initialize tables (safe to re-run, uses CREATE IF NOT EXISTS) python -c "import sys; sys.path.append('backend'); from app.database import init_db; init_db(); print('Tables ready')" # Seed agency admin + test data cd backend python -m seed_admin python -m seed_test_data cd .. ``` **⚠️ Full reset (drops all data):** ```powershell # From the GMB root (with venv activated): python -c "import sys; sys.path.append('backend'); from app.database import get_db_connection; conn=get_db_connection(); c=conn.cursor(); c.execute('DROP TABLE IF EXISTS trend_cache, metrics_cache, dealers, clients, users CASCADE'); conn.commit(); c.close(); conn.close(); print('Dropped')" python -c "import sys; sys.path.append('backend'); from app.database import init_db; init_db(); print('Recreated')" cd backend python -m seed_admin python -m seed_test_data cd .. ``` --- ## Step 3: Start Backend Server ```powershell # From backend/ with venv activated cd backend python -m uvicorn app.main:app --reload --port 8000 ``` **Verify:** Open `http://127.0.0.1:8000/api/health` → should return `{"status":"ok"}` --- ## Step 4: Start Frontend Open `frontend/index.html` in a browser. Recommended: Use VS Code **Live Server** extension (port 5500). Or simply double-click `index.html` in File Explorer. --- ## Step 5: Test All 3 Roles ### Agency Login - **Email:** `admin@hashtagorang.in` - **Password:** `Admin@123` - **Expected:** Client management table with "Fenesta" listed with 3 dealers. Click "3 dealers" to see the dealer list modal. - **No password change required** (admin is pre-verified) ### Client Login - **Email:** `fenesta@example.com` - **Password:** `Client@123` - **Expected:** 4-tab layout (Global Overview / Dealer Network / Add Dealer / HQ Location) with KPI cards + trend charts - **Note:** First login requires password change. New password must be 8+ chars with uppercase, lowercase, digit, and special char. ### Dealer Logins | Dealer | Email | Password | First Login? | |--------|-------|----------|--------------| | Gurugram | `dealer.gurugram@fenesta.com` | `Dealer@123` | Yes — forced change | | Noida | `dealer.noida@fenesta.com` | `Dealer@123` | Yes — forced change | | Jaipur | `dealer.jaipur@fenesta.com` | `Dealer@123` | Yes — forced change | - **Expected:** 7 KPI cards + 6-Month Trend Chart (from `trend_cache`) + Create Post button --- ## Step 6: Test Security Hardening 1. **Deactivate client** from Agency dashboard → confirm Fenesta shows "Inactive" 2. **Verify cascade** → all 3 dealers should also show as Inactive in the dealer view modal 3. **Try login** as `fenesta@example.com` → should see "Account has been deactivated" 4. **Try login** as `dealer.gurugram@fenesta.com` → should see "Your parent account has been deactivated" 5. **Reactivate client** from Agency dashboard → client and all dealers re-enabled 6. **Duplicate email** — try adding a client with `fenesta@example.com` → should see "A user with email ... already exists" 7. **Password strength** — try changing password to "123" → should get validation error 8. **Token validation** — after logging in, deactivate the account from another session → refresh the page → auto-logged out --- ## API Documentation (Swagger) Once the server is running: `http://127.0.0.1:8000/docs` ### Key Endpoints | Method | URL | Role Required | | --- | --- | --- | | POST | `/api/auth/login` | None | | POST | `/api/auth/change-password` | Any authenticated | | GET | `/api/auth/me` | Any authenticated | | GET | `/api/auth/google` | None (stub) | | GET | `/api/agency/clients` | agency | | POST | `/api/agency/clients` | agency | | DELETE | `/api/agency/clients/{id}` | agency | | PUT | `/api/agency/clients/{id}/reactivate` | agency | | GET | `/api/agency/clients/{id}/dealers` | agency | | POST | `/api/agency/my-location` | agency | | GET | `/api/agency/dashboard/my-location` | agency | | GET | `/api/client/dealers` | client | | POST | `/api/client/dealers` | client | | DELETE | `/api/client/dealers/{id}` | client | | PUT | `/api/client/dealers/{id}/reactivate` | client | | POST | `/api/client/my-location` | client | | GET | `/api/client/dashboard/global` | client | | GET | `/api/client/dashboard/network` | client | | GET | `/api/client/dashboard/hq` | client | | GET | `/api/client/dashboard/dealer/{id}` | client | | GET | `/api/dealer/dashboard` | dealer | | POST | `/api/dealer/posts/create` | dealer | --- ## Environment Variables (.env) Create `backend/.env` with: ```env DB_NAME=fenesta_db DB_USER=postgres DB_PASSWORD=hnny1436 DB_HOST=127.0.0.1 DB_PORT=5432 JWT_SECRET=change-me-in-production USE_MOCK_DATA=true # For production, restrict CORS: # ALLOWED_ORIGINS=http://localhost:5500,https://yourdomain.com ``` > ⚠️ **Important**: Change `JWT_SECRET` to a random string before deploying! The server will print a warning if you don't. --- ## Troubleshooting | Issue | Fix | | --- | --- | | `ModuleNotFoundError: No module named 'app'` | You must `cd backend` before running uvicorn | | `Form data requires python-multipart` | `pip install python-multipart` | | `email-validator is not installed` | `pip install email-validator` | | Login returns 401 | Check credentials or re-run seed scripts | | Tables don't exist | Run the init_db command from Step 2 | | Port 8000 already in use | Kill existing process or use `--port 8001` | | `Database connection unavailable` (503) | Check if PostgreSQL is running | | `JWT_SECRET` warning on startup | Set a secure `JWT_SECRET` in `backend/.env` |