InfraNotes Core · v2
Welcome
Select a document from the sidebar to read it.
InfraNotes
Enterprise Financial Management Platform
InfraNotes is a comprehensive enterprise financial management platform designed for businesses to track expenses, manage budgets, process invoices, and ensure compliance. This API provides the backend services that power the InfraNotes platform.

Core Capabilities
Financial Management
- Expense tracking with multi-currency support
- Project, category, and tag organization
- Receipt storage and management
- Export functionality for reports
- Data import capabilities
- Summary reports (daily, weekly, monthly, yearly)
Budget Management
- Hierarchical budget structures (team, department, project)
- Budget period configuration (monthly, quarterly, annual)
- Budget status management
- Budget allocation tracking
- Budget category management with allocation amounts
- Budget alerts for threshold notifications
- Budget vs actual reporting
Invoice Management
- Customizable invoice templates
- Status tracking (draft, sent, paid, overdue)
- PDF generation with digital signature support
- Email delivery for invoices
- Client/vendor database with contact information
- Payment terms management
- Line item management
- Tax calculation and tracking
Payment Processing
- Payment gateway integration (Stripe, Manual)
- Payment status tracking and history
- Payment intent creation and processing
- Webhook handling for asynchronous events
- Payment reconciliation system
- Receipt generation for payments
Security Features
- User authentication with JWT and MFA
- Enhanced session management with listing and revocation
- Geographic anomaly detection for logins
- Rate limiting and brute force protection
- Device fingerprinting and management
- Granular permission system with hierarchical namespace pattern
- Role-based access control with predefined roles
- Team-based access control
- Resource-specific permission checks
Team Collaboration
- Team creation and management
- Member invitation and role assignment
- Resource sharing within teams
- Team-specific permissions
- Approval workflows with configurable steps
- Multi-step approval chains
- Support for different approver types (user, role, team)
Tech Stack
- Backend: Go with clean architecture
- Database: PostgreSQL 17+
- Caching: Redis
- API Gateway: Dedicated HTTP-based gateway service with JWT/JWKS authentication
- Authentication: JWT tokens with RSA signatures and JWKS public key distribution
- API Documentation: OpenAPI 3.0 (Swagger)
- Monitoring: OpenTelemetry with Jaeger
- Containerization: Docker
- CI/CD: GitHub Actions
Project Structure
.
├── cmd/
│ ├── api/ # Application entrypoints
│ └── tools/ # Helper tools
├── configs/ # Configuration files
├── docs/
│ ├── api/ # API documentation
│ │ └── swagger.yaml # OpenAPI specification
│ └── architecture/ # Architecture diagrams
├── internal/
│ ├── database/ # Database connection and repositories
│ ├── encryption/ # Encryption services
│ ├── handlers/ # HTTP handlers
│ ├── middleware/ # HTTP middleware
│ ├── models/ # Data models and interfaces
│ ├── repositories/ # Data access layer
│ ├── routes/ # API route registration
│ ├── services/ # Business logic
│ └── validators/ # Input validation
├── migrations/ # Database migration scripts
├── docker-compose.yml # Docker setup for development
├── go.mod # Go module definition
└── README.md # Project documentation
Getting Started
Prerequisites
- Go 1.21+
- Docker and Docker Compose
- PostgreSQL 17+
- Redis 7+
Development Setup
-
Clone the repository:
git clone https://github.com/yourusername/infranotes.git cd infranotes -
Start the development environment:
docker-compose up -d -
Apply database migrations:
go run cmd/tools/migrator/main.go up -
Configure the application:
cp configs/config.development.example.json configs/config.development.json # Edit the configuration file with your settings -
Run the application:
go run cmd/api/main.go -
View API documentation:
# In a separate terminal go run cmd/tools/swagger/main.goThen open http://localhost:8090 in your browser
Environment Variables
Key environment variables for configuration:
| Variable | Description | Default |
|---|---|---|
APP_ENV |
Application environment (development/production) | development |
DB_HOST |
PostgreSQL host | localhost |
DB_PORT |
PostgreSQL port | 5432 |
DB_NAME |
PostgreSQL database name | infranotes |
DB_USER |
PostgreSQL username | postgres |
DB_PASSWORD |
PostgreSQL password | postgres |
REDIS_HOST |
Redis host | localhost |
REDIS_PORT |
Redis port | 6379 |
JWT_SECRET |
Secret for JWT signing | your-secret-key |
MFA_ISSUER |
Issuer name for MFA | InfraNotes |
API Documentation
InfraNotes provides comprehensive API documentation using Swagger UI, including:
- Authentication: User registration, login, MFA, session management
- Security: Permission management, activity logging, security events
- Financial Management: Expense tracking, reporting, analytics
- Budget Management: Budget creation, allocation, monitoring
- Invoice Management: Invoice templates, generation, status tracking
- Payment Processing: Payment intents, status tracking, reconciliation
- Team Collaboration: Team management, resource sharing, permissions
- Approval Workflows: Workflow configuration, approval chains, delegation
- Reporting: Custom reports, data export, scheduled generation
Example API Requests
Authentication
# Register a new user
curl -X POST http://localhost:8080/api/auth/register \
-H "Content-Type: application/json" \
-d '{"email": "user@example.com", "password": "securePassword123", "name": "John Doe"}'
# Login
curl -X POST http://localhost:8080/api/auth/login \
-H "Content-Type: application/json" \
-d '{"email": "user@example.com", "password": "securePassword123"}'
Creating an Expense
# Create a new expense
curl -X POST http://localhost:8080/api/expenses \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-d '{
"amount": 125.50,
"description": "Business lunch",
"date": "2025-05-15T12:00:00Z",
"category_id": 1,
"project_id": 2,
"tags": [3, 4]
}'
Creating a Budget
# Create a new budget
curl -X POST http://localhost:8080/api/budgets \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-d '{
"name": "Q2 Marketing Budget",
"description": "Budget for Q2 marketing activities",
"type": "department",
"period": "quarterly",
"start_date": "2025-04-01T00:00:00Z",
"end_date": "2025-06-30T23:59:59Z",
"amount": 50000,
"currency": "USD",
"status": "active",
"allocations": [
{
"category_id": 5,
"amount": 30000
},
{
"category_id": 6,
"amount": 20000
}
]
}'
Building for Production
Docker Deployment
-
Build the Docker image:
docker build -t infranotes:latest . -
Run with production configuration:
docker run -d \ --name infranotes \ -p 8080:8080 \ -e APP_ENV=production \ -e DB_HOST=your-db-host \ -e DB_PORT=5432 \ -e DB_NAME=infranotes \ -e DB_USER=your-db-user \ -e DB_PASSWORD=your-db-password \ -e REDIS_HOST=your-redis-host \ -e JWT_SECRET=your-secure-jwt-secret \ infranotes:latest
Kubernetes Deployment
Basic Kubernetes deployment files are available in the deployment/kubernetes directory.
-
Apply the configurations:
kubectl apply -f deployment/kubernetes/ -
Check the status:
kubectl get pods -l app=infranotes
Contributing
We welcome contributions to InfraNotes! Here's how you can help:
Development Workflow
- Fork the repository
- Create a feature branch (
git checkout -b feature/my-new-feature) - Make your changes
- Run tests (
go test ./...) - Commit your changes (
git commit -am 'Add some feature') - Push to the branch (
git push origin feature/my-new-feature) - Create a new Pull Request
Code Standards
- Follow Go best practices and style guidelines
- Ensure proper error handling
- Add unit tests for new functionality
- Update documentation for API changes
- Maintain backward compatibility when possible
Testing
Run the test suite:
go test ./...
Run with coverage:
go test -coverprofile=coverage.out ./...
go tool cover -html=coverage.out
Documentation
- API Documentation: Available via Swagger UI at
/api/docs - Architecture Overview: See
docs/architecture/overview.md - Security Model: See
docs/security/model.md - Deployment Guide: See
docs/deployment/production.md - Development Guidelines: See
docs/development/guidelines.md
License
This project is licensed under the MIT License.