# ColaFlow Demo Accounts

## Overview

When you start the ColaFlow development environment using Docker Compose, demo accounts and sample data are automatically created for testing and development purposes.

## Demo Tenant

**Tenant Name:** Demo Company
**Tenant Slug:** demo-company
**Plan:** Professional
**Status:** Active

### Tenant Limits
- Max Users: 50
- Max Projects: 100
- Max Storage: 100 GB

---

## User Accounts

### Owner Account

**Purpose:** Full administrative access to the tenant

| Field | Value |
|-------|-------|
| Email | owner@demo.com |
| Password | Demo@123456 |
| Full Name | John Owner |
| Role | Owner |
| Status | Active |
| Email Verified | Yes |

**Permissions:**
- Full tenant administration
- Create/delete projects
- Manage users and roles
- View audit logs
- Configure tenant settings

---

### Developer Account

**Purpose:** Standard member account for testing member-level features

| Field | Value |
|-------|-------|
| Email | developer@demo.com |
| Password | Demo@123456 |
| Full Name | Jane Developer |
| Role | Member |
| Status | Active |
| Email Verified | Yes |

**Permissions:**
- Create and edit projects (where assigned)
- Create/edit/delete stories and tasks
- View projects and reports
- Update profile settings

---

## Demo Project Data

### Project: Demo Project

**Project Key:** DEMO
**Status:** Active
**Owner:** John Owner (owner@demo.com)

#### Epic: User Authentication System

**Status:** InProgress
**Priority:** High
**Description:** Implement a complete user authentication system with login, registration, password reset, and email verification features.

---

### Stories

#### Story 1: Login Page Implementation

**Status:** InProgress
**Priority:** High
**Assignee:** Jane Developer
**Estimated Hours:** 16.0
**Description:** As a user, I want to log in with my email and password, so that I can access my account securely.

**Tasks:**
1. Design login form UI - Done (3.5h / 4h estimated)
2. Implement login API endpoint - InProgress (5h / 8h estimated)
3. Add client-side form validation - Todo (2h estimated)
4. Write unit tests for auth service - Todo (4h estimated)

---

#### Story 2: User Registration Feature

**Status:** Todo
**Priority:** High
**Assignee:** Jane Developer
**Estimated Hours:** 20.0
**Description:** As a new user, I want to register an account with email verification, so that I can start using the platform.

**Tasks:**
1. Design registration form - Todo (6h estimated)
2. Implement email verification flow - Todo (8h estimated)
3. Add password strength indicator - Todo (3h estimated)

---

## Quick Start Guide

### 1. Start the Development Environment

```powershell
# Windows
docker-compose up -d

# Linux/Mac
docker-compose up -d
```

### 2. Wait for Services to be Ready

The first startup may take 1-2 minutes as it:
- Pulls Docker images
- Runs database migrations
- Creates demo data

Check status:
```powershell
docker-compose ps
docker-compose logs backend
```

### 3. Access the Application

**Frontend:** http://localhost:3000
**Backend API:** http://localhost:5000
**Swagger Docs:** http://localhost:5000/swagger

### 4. Login with Demo Accounts

1. Navigate to http://localhost:3000
2. Click "Login"
3. Use one of the demo accounts above
4. Explore the demo project and data

---

## Testing Scenarios

### Scenario 1: Owner Capabilities

Login as `owner@demo.com`:
1. View all projects
2. Create a new project
3. Assign team members
4. View audit logs
5. Manage tenant settings

### Scenario 2: Member Capabilities

Login as `developer@demo.com`:
1. View assigned projects
2. Create/edit stories and tasks
3. Update task status
4. Track time spent
5. Add comments (if implemented)

### Scenario 3: Multi-Tenant Isolation

1. Login as owner@demo.com
2. Create another tenant (if registration is enabled)
3. Verify you cannot see Demo Company data in the new tenant
4. Test tenant-level data isolation

---

## Resetting Demo Data

### Option 1: Full Reset (Recommended)

This deletes all data and recreates demo accounts:

```powershell
# Stop containers and delete volumes
docker-compose down -v

# Restart (will recreate demo data)
docker-compose up -d
```

### Option 2: Database Only Reset

Keep images but reset database:

```powershell
# Remove postgres volume
docker volume rm product-master_postgres_data

# Restart postgres
docker-compose up -d postgres
```

### Option 3: Manual Reset via SQL

```sql
-- Connect to database
docker exec -it colaflow-postgres psql -U colaflow -d colaflow

-- Drop all data (CAUTION: This deletes everything)
DROP SCHEMA identity CASCADE;
DROP SCHEMA project_management CASCADE;

-- Exit and restart to recreate
\q
docker-compose restart backend
```

---

## Troubleshooting

### Issue: Demo accounts not created

**Symptoms:** Cannot login with demo accounts

**Solution:**
1. Check database logs: `docker-compose logs postgres`
2. Verify EF Core migrations ran: `docker-compose logs backend | grep -i migration`
3. Manually run seed script:
   ```powershell
   docker exec -it colaflow-postgres psql -U colaflow -d colaflow -f /docker-entrypoint-initdb.d/02-seed-data.sql
   ```

### Issue: Seed data script fails

**Symptoms:** Errors in postgres logs about missing tables

**Solution:**
Seed data script runs AFTER migrations. Ensure migrations completed:
```powershell
docker-compose exec backend dotnet ef database update
```

### Issue: Password not working

**Symptoms:** "Invalid credentials" error

**Solution:**
1. Verify you're using the correct password: `Demo@123456` (case-sensitive)
2. Check if password hashing is configured correctly in backend
3. Manually update password hash if needed:
   ```sql
   UPDATE identity.users
   SET password_hash = '$2a$11$NEW_HASH_HERE'
   WHERE email = 'owner@demo.com';
   ```

### Issue: "Tenant not found" error

**Symptoms:** 404 or tenant-related errors

**Solution:**
1. Check if tenant was created: `SELECT * FROM identity.tenants;`
2. Verify TenantId matches in users table
3. Re-run seed data script after fixing migrations

---

## Production Deployment Notes

**WARNING:** The demo accounts are for development use only!

Before deploying to production:

1. **Remove seed-data.sql volume mount** from docker-compose.yml
2. **Change all passwords** to strong, unique passwords
3. **Disable automatic account creation**
4. **Enable email verification** for all new accounts
5. **Configure proper SSL/TLS** for HTTPS
6. **Use environment variables** for sensitive data (not hardcoded)
7. **Enable rate limiting** on authentication endpoints
8. **Set up monitoring** and alerting
9. **Regular backups** of production database
10. **Security audit** before going live

---

## Support

**Issues or Questions?**
- Check project documentation: `docs/`
- Review Docker logs: `docker-compose logs`
- Open an issue on GitHub
- Contact the development team

---

**Last Updated:** 2025-11-04
**Version:** 1.0
**Maintainer:** ColaFlow Backend Team