Files
Job-Info/instructions/ARCHITECTURE_CONFIRMED.md
T
2026-01-09 04:08:06 +00:00

5.3 KiB

Architecture Confirmed - Ready for Opus 4.5

Current Status

You now have all the documentation and architecture specifications needed to scaffold Job-Info-Prod with Claude Opus 4.5.


What's In Place

1. Professional Documentation Suite (/auth/ folder)

  • README.md - Overview & setup guide
  • INDEX.md - Navigation & quick links
  • ONBOARDING.md - Getting started for new developers
  • RULES.md - UPDATED with dual-token system (PocketBase + Microsoft Graph)
  • FLOWMAP.md - Architecture diagrams
  • VIEWS.md - UI specifications
  • TECH_STACK.md - Technology enforcement
  • DOCUMENTATION_SUMMARY.md - What was created

2. OPUS_PROMPT_PHASE1.md - Comprehensive Architecture Specification

671 lines of detailed architecture including:

  • Dual-Token System: PocketBase + Microsoft Graph tokens
  • Token Lifecycle: Single OAuth flow → automatic background refresh → zero re-authentication
  • Token Storage Strategy: localStorage (frontend) + Valkey cache (backend)
  • Single Token Check Pattern: Template for all API calls
  • Background Refresh Service: 30-minute loop to keep tokens warm
  • Offline-First Capability: Graceful degradation when backend unavailable
  • Error Handling: Stale token fallback for field workers
  • Project Structure: Complete folder layout for Job-Info-Prod
  • Implementation Details: TypeScript code examples
  • Tech Stack: Pinned versions (Bun, Hono, ioredis, Tailwind, TypeScript)
  • Environment Setup: Configuration template

3. Updated RULES.md - Dual-Token Rules

Sections covering:

  • Dual token architecture (PocketBase + Graph)
  • Critical requirement: NO re-authentication after initial login
  • Token storage locations (localStorage + Valkey cache)
  • Single token check pattern
  • Background refresh loop implementation
  • Logout procedure

Key Architecture Decisions (Now Documented)

Problem & Solution

PROBLEM: Workers in field can't afford to re-authenticate frequently. App needs to work reliably with intermittent internet.

SOLUTION:

  • Get BOTH tokens in single OAuth login
  • Store tokens in localStorage (frontend) + Valkey cache (backend)
  • Background refresh loop (30-min interval) keeps tokens warm indefinitely
  • Zero re-authentication after initial login (except system restart)
  • Stale token fallback for offline scenarios

Why This Approach

  1. Single OAuth Flow → User authenticates once, gets both tokens
  2. Dual Storage → Frontend has tokens for immediate use, backend keeps them fresh
  3. Background Refresh → Tokens automatically refreshed before expiry (invisible to user)
  4. Stale Token Fallback → If backend down, use old token (better than failing)
  5. Field-Grade Reliability → Designed for construction workers in intermittent connectivity

Files Ready to Share with Opus 4.5

Primary Input Document

Supporting Documentation


Next Steps

When Ready to Scaffold Job-Info-Prod:

  1. Copy OPUS_PROMPT_PHASE1.md content

  2. Paste into Claude Opus 4.5 with instruction: "Use this architecture prompt to scaffold the Job-Info-Prod project structure"

  3. Opus will create:

    • Complete project folder structure
    • All service files (tokenService, cacheService, etc.)
    • Route handlers with proper patterns
    • Frontend components
    • Configuration files
    • Documentation
  4. Then proceed to Sonnet 4.5 Phase for implementation code


Verification Checklist

  • Dual-token system documented (PocketBase + Graph)
  • Token lifecycle documented (login → refresh → logout)
  • Token storage strategy documented (localStorage + Valkey cache)
  • Single token check pattern provided (with code example)
  • Background refresh loop documented (30-min interval)
  • Offline-first strategy documented (graceful degradation)
  • Error handling documented (fallback to stale tokens)
  • Field-worker requirements documented (no re-auth)
  • Project structure provided
  • Tech stack pinned (Bun, Hono, ioredis, Tailwind, TypeScript)
  • Code examples included
  • Environment template provided

Key Insight

You've now documented the actual requirements from Job-Info-Test:

Aspect Details
Authentication PocketBase OAuth through Microsoft
Tokens Dual: PocketBase + Microsoft Graph
User Experience Authenticate once, never again (except restart)
Token Refresh Automatic background loop (30 min)
Storage localStorage (frontend) + Valkey cache (backend)
Offline Support Graceful degradation with stale tokens
Target Users Field workers who can't afford re-auth delays

Ready to Proceed?

The architecture is complete and documented. You now have everything needed to:

  1. Scaffold Job-Info-Prod (Opus 4.5)
  2. Implement features (Sonnet 4.5)
  3. Deploy to production (DevOps)

All documentation is production-ready and comprehensive. 🚀