mahi/Goa-gel-fullstack
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: Rebuild documentation as enterprise-grade TLAS platform

Browse Source 
- Migrate from custom HTTP server to VitePress framework
- Rename project to Tokenized License Approval System (TLAS)
- Add comprehensive documentation for all stakeholders:
  - Business: Executive summary, value proposition, governance
  - Operations: Infrastructure, installation, monitoring, backup
  - Departments: User guide, workflows, verification, issuance
  - Developers: API reference, authentication, webhooks, SDKs
  - Compliance: OWASP, DPDP Act, IT Act, audit framework
- Add modern theme with dark mode and full-text search
- Update Dockerfile for VitePress build process

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Mahi
2026-02-10 00:05:20 -04:00
parent 4a5bf16827
commit 435889ee79
65 changed files with 6324 additions and 8342 deletions
Download Patch File Download Diff File Expand all files Collapse all files

81
Documentation/developers/authentication.md Normal file
View File

@@ -0,0 +1,81 @@
# Authentication
## Overview
TLAS uses OAuth 2.0 with JWT tokens for API authentication.
## Obtaining Credentials
Contact your administrator to receive:
- Client ID
- Client Secret
- Authorized scopes
## Token Request
```http
POST /auth/token HTTP/1.1
Host: api.tlas.gov.in
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials&
client_id=YOUR_CLIENT_ID&
client_secret=YOUR_CLIENT_SECRET&
scope=applications:read applications:write
```
### Response
```json
{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...",
"token_type": "Bearer",
"expires_in": 3600,
"scope": "applications:read applications:write"
}
```
## Using the Token
Include token in Authorization header:
```http
GET /applications/APP-2026-00001 HTTP/1.1
Host: api.tlas.gov.in
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...
```
## Token Refresh
Tokens expire after 1 hour. Request new token before expiry.
## Available Scopes
| Scope | Access |
|-------|--------|
| `applications:read` | View applications |
| `applications:write` | Submit and update applications |
| `documents:read` | View documents |
| `documents:write` | Upload documents |
| `verification:read` | Verify certificates |
## DigiLocker OAuth
For citizen authentication via DigiLocker:
```http
GET /auth/digilocker/authorize?
redirect_uri=https://yourapp.com/callback&
state=random_state_value
```
User is redirected to DigiLocker. After consent, user returns with authorization code.
## Error Codes
| Code | Description |
|------|-------------|
| `invalid_client` | Unknown client ID |
| `invalid_grant` | Invalid credentials |
| `invalid_scope` | Requested scope not authorized |
| `expired_token` | Token has expired |

83
Documentation/developers/blockchain-apis.md Normal file
View File

@@ -0,0 +1,83 @@
# Blockchain APIs
## Certificate Verification
### Verify by Token ID
```http
GET /blockchain/verify/{tokenId}
```
**Response**
```json
{
"valid": true,
"token": {
"id": "0x1234567890abcdef",
"licenseNumber": "GOA/TRADE/2026/00001",
"holder": "ABC Enterprises",
"issuedAt": "2026-02-09T10:00:00Z",
"validUntil": "2027-02-08T23:59:59Z",
"status": "ACTIVE"
},
"blockchain": {
"contractAddress": "0xContract...",
"transactionHash": "0xTx...",
"blockNumber": 12345,
"timestamp": "2026-02-09T10:00:00Z"
}
}
```
### Verify by License Number
```http
GET /blockchain/verify?licenseNumber=GOA/TRADE/2026/00001
```
## Transaction History
### Get Token History
```http
GET /blockchain/tokens/{tokenId}/history
```
**Response**
```json
{
"tokenId": "0x1234...",
"events": [
{
"event": "MINTED",
"timestamp": "2026-02-09T10:00:00Z",
"transactionHash": "0xMint...",
"data": { "to": "0xHolder..." }
},
{
"event": "RENEWED",
"timestamp": "2027-02-01T10:00:00Z",
"transactionHash": "0xRenew...",
"data": { "newExpiry": "2028-02-08" }
}
]
}
```
## Smart Contract ABI
```solidity
interface ILicenseNFT {
function mint(address to, string licenseNumber, bytes32 documentHash) returns (uint256);
function verify(uint256 tokenId) returns (bool valid, LicenseData data);
function revoke(uint256 tokenId, string reason);
function renew(uint256 tokenId, uint256 newExpiry);
}
```
## Block Explorer
View transactions on the block explorer:
```
https://explorer.tlas.gov.in/tx/{transactionHash}
```

134
Documentation/developers/core-apis.md Normal file
View File

@@ -0,0 +1,134 @@
# Core APIs
## Applications
### Submit Application
```http
POST /applications
```
**Request Body**
```json
{
"licenseType": "TRADE_LICENSE",
"applicantId": "DL-12345678",
"businessName": "ABC Enterprises",
"address": {
"line1": "123 Main Street",
"city": "Panaji",
"state": "Goa",
"pincode": "403001"
},
"documents": [
{ "type": "IDENTITY_PROOF", "documentId": "DOC-001" },
{ "type": "ADDRESS_PROOF", "documentId": "DOC-002" }
]
}
```
**Response**
```json
{
"success": true,
"data": {
"applicationId": "APP-2026-00001",
"status": "SUBMITTED",
"submittedAt": "2026-02-09T10:30:00Z",
"estimatedCompletion": "2026-02-16T10:30:00Z"
}
}
```
### Get Application Status
```http
GET /applications/:applicationId
```
**Response**
```json
{
"success": true,
"data": {
"applicationId": "APP-2026-00001",
"status": "IN_REVIEW",
"currentStage": "DOCUMENT_VERIFICATION",
"stages": [
{ "name": "SUBMITTED", "completedAt": "2026-02-09T10:30:00Z" },
{ "name": "DOCUMENT_VERIFICATION", "startedAt": "2026-02-09T11:00:00Z" }
],
"nextAction": "Awaiting document verification"
}
}
```
### List Applications
```http
GET /applications?status=PENDING&page=1&limit=20
```
## Documents
### Upload Document
```http
POST /documents/upload
Content-Type: multipart/form-data
```
**Form Fields**
- `file`: Document file (PDF, JPG, PNG)
- `type`: Document type code
- `applicationId`: Associated application (optional)
**Response**
```json
{
"success": true,
"data": {
"documentId": "DOC-2026-00001",
"fileName": "identity_proof.pdf",
"fileSize": 245678,
"mimeType": "application/pdf",
"uploadedAt": "2026-02-09T10:25:00Z"
}
}
```
### Get Document
```http
GET /documents/:documentId
```
## Verification
### Verify Certificate
```http
GET /verify/:tokenId
```
**Response**
```json
{
"success": true,
"data": {
"valid": true,
"license": {
"number": "GOA/TRADE/2026/00001",
"holder": "ABC Enterprises",
"issuedBy": "Department of Trade",
"issuedAt": "2026-02-09",
"validUntil": "2027-02-08"
},
"blockchain": {
"tokenId": "0x1234...",
"transactionHash": "0xabcd...",
"blockNumber": 12345
}
}
}
```

88
Documentation/developers/errors.md Normal file
View File

@@ -0,0 +1,88 @@
# Error Handling
## Error Response Format
```json
{
"success": false,
"error": {
"code": "VALIDATION_ERROR",
"message": "Human-readable error message",
"details": [
{ "field": "email", "message": "Invalid email format" }
],
"requestId": "req_abc123"
}
}
```
## HTTP Status Codes
| Code | Meaning |
|------|---------|
| 200 | Success |
| 201 | Created |
| 400 | Bad Request |
| 401 | Unauthorized |
| 403 | Forbidden |
| 404 | Not Found |
| 409 | Conflict |
| 422 | Validation Error |
| 429 | Rate Limited |
| 500 | Internal Error |
## Error Codes
### Authentication Errors
| Code | Description |
|------|-------------|
| `AUTH_INVALID_TOKEN` | Token is invalid or malformed |
| `AUTH_EXPIRED_TOKEN` | Token has expired |
| `AUTH_MISSING_TOKEN` | No token provided |
| `AUTH_INSUFFICIENT_SCOPE` | Token lacks required permissions |
### Validation Errors
| Code | Description |
|------|-------------|
| `VALIDATION_ERROR` | Input validation failed |
| `VALIDATION_REQUIRED` | Required field missing |
| `VALIDATION_FORMAT` | Invalid field format |
| `VALIDATION_RANGE` | Value out of allowed range |
### Resource Errors
| Code | Description |
|------|-------------|
| `RESOURCE_NOT_FOUND` | Requested resource doesn't exist |
| `RESOURCE_CONFLICT` | Resource state conflict |
| `RESOURCE_LOCKED` | Resource is locked |
### Business Logic Errors
| Code | Description |
|------|-------------|
| `APPLICATION_INVALID_STATE` | Action not allowed in current state |
| `DOCUMENT_TYPE_MISMATCH` | Wrong document type |
| `WORKFLOW_ERROR` | Workflow processing error |
## Handling Errors
```javascript
try {
const result = await client.applications.create(data);
} catch (error) {
if (error.code === 'VALIDATION_ERROR') {
// Handle validation errors
error.details.forEach(d => console.log(`${d.field}: ${d.message}`));
} else if (error.code === 'AUTH_EXPIRED_TOKEN') {
// Refresh token and retry
await client.refreshToken();
return retry();
} else {
// Log and report
console.error('Unexpected error:', error.requestId);
}
}
```

105
Documentation/developers/index.md Normal file
View File

@@ -0,0 +1,105 @@
# API Documentation
## Overview
TLAS provides REST APIs for integrating with external systems. All APIs use JSON for request and response bodies.
## Base URL
```
Production: https://api.tlas.gov.in/v1
Staging: https://api-staging.tlas.gov.in/v1
```
## Authentication
All API requests require authentication via Bearer token.
```http
Authorization: Bearer <access_token>
```
Obtain tokens through the authentication endpoint. See [Authentication](/developers/authentication) for details.
## Request Format
```http
POST /applications HTTP/1.1
Host: api.tlas.gov.in
Authorization: Bearer eyJhbGc...
Content-Type: application/json
```
## Response Format
### Success Response
```json
{
"success": true,
"data": {
"id": "APP-2026-00001",
"status": "SUBMITTED"
}
}
```
### Error Response
```json
{
"success": false,
"error": {
"code": "VALIDATION_ERROR",
"message": "Invalid license type",
"details": [
{ "field": "licenseType", "message": "Must be one of: TRADE_LICENSE, FOOD_LICENSE" }
]
}
}
```
## Rate Limits
| Tier | Requests/minute | Burst |
|------|-----------------|-------|
| Standard | 60 | 100 |
| Premium | 300 | 500 |
Rate limit headers included in all responses:
```http
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 45
X-RateLimit-Reset: 1707500000
```
## API Endpoints
| Category | Endpoint | Description |
|----------|----------|-------------|
| Auth | `POST /auth/token` | Obtain access token |
| Applications | `POST /applications` | Submit new application |
| Applications | `GET /applications/:id` | Get application status |
| Documents | `POST /documents/upload` | Upload document |
| Verification | `GET /verify/:tokenId` | Verify certificate |
## SDKs
Official SDKs available:
- JavaScript/TypeScript: `npm install @tlas/sdk`
- Python: `pip install tlas-sdk`
- Java: Maven artifact `gov.in.tlas:tlas-sdk`
## Documentation
- [Authentication](/developers/authentication) - Token management
- [Core APIs](/developers/core-apis) - Application and document APIs
- [Blockchain APIs](/developers/blockchain-apis) - Certificate verification
- [Webhooks](/developers/webhooks) - Event notifications
- [Error Handling](/developers/errors) - Error codes and handling
- [Authentication](/developers/authentication) - Token management
- [Core APIs](/developers/core-apis) - Application and document APIs
- [Blockchain APIs](/developers/blockchain-apis) - Certificate verification
- [Webhooks](/developers/webhooks) - Event notifications
- [Error Handling](/developers/errors) - Error codes and handling

94
Documentation/developers/sdks.md Normal file
View File

@@ -0,0 +1,94 @@
# SDKs & Libraries
## JavaScript/TypeScript SDK
### Installation
```bash
npm install @tlas/sdk
```
### Usage
```typescript
import { TLASClient } from '@tlas/sdk';
const client = new TLASClient({
baseUrl: 'https://api.tlas.gov.in/v1',
clientId: 'your-client-id',
clientSecret: 'your-client-secret'
});
// Submit application
const application = await client.applications.create({
licenseType: 'TRADE_LICENSE',
applicantId: 'DL-12345678',
data: { ... }
});
// Check status
const status = await client.applications.getStatus(application.id);
// Verify certificate
const verification = await client.certificates.verify('GOA/TRADE/2026/00001');
```
## Python SDK
### Installation
```bash
pip install tlas-sdk
```
### Usage
```python
from tlas import TLASClient
client = TLASClient(
base_url='https://api.tlas.gov.in/v1',
client_id='your-client-id',
client_secret='your-client-secret'
)
# Submit application
application = client.applications.create(
license_type='TRADE_LICENSE',
applicant_id='DL-12345678',
data={...}
)
# Check status
status = client.applications.get_status(application['id'])
# Verify certificate
result = client.certificates.verify('GOA/TRADE/2026/00001')
```
## Java SDK
### Maven
```xml
<dependency>
<groupId>gov.in.tlas</groupId>
<artifactId>tlas-sdk</artifactId>
<version>1.0.0</version>
</dependency>
```
### Usage
```java
TLASClient client = new TLASClient.Builder()
.baseUrl("https://api.tlas.gov.in/v1")
.credentials("client-id", "client-secret")
.build();
Application app = client.applications()
.create("TRADE_LICENSE", "DL-12345678", data);
VerificationResult result = client.certificates()
.verify("GOA/TRADE/2026/00001");
```

77
Documentation/developers/webhooks.md Normal file
View File

@@ -0,0 +1,77 @@
# Webhooks
## Overview
TLAS sends webhook notifications for key events. Configure webhook endpoints to receive real-time updates.
## Configuration
Register webhook endpoint:
```http
POST /webhooks
Authorization: Bearer <token>
{
"url": "https://your-system.com/webhook",
"events": ["application.approved", "certificate.issued"],
"secret": "your-webhook-secret"
}
```
## Event Types
| Event | Trigger |
|-------|---------|
| `application.submitted` | New application received |
| `application.approved` | Application approved |
| `application.rejected` | Application rejected |
| `application.returned` | Returned for corrections |
| `certificate.issued` | License NFT minted |
| `certificate.revoked` | License revoked |
## Payload Format
```json
{
"event": "application.approved",
"timestamp": "2026-02-09T10:00:00Z",
"data": {
"applicationId": "APP-2026-00001",
"licenseType": "TRADE_LICENSE",
"applicantId": "DL-12345678"
}
}
```
## Signature Verification
Verify webhook authenticity using HMAC-SHA256:
```javascript
const crypto = require('crypto');
function verifySignature(payload, signature, secret) {
const expected = crypto
.createHmac('sha256', secret)
.update(payload)
.digest('hex');
return crypto.timingSafeEqual(
Buffer.from(signature),
Buffer.from(expected)
);
}
```
Header: `X-Webhook-Signature: sha256=<signature>`
## Retry Policy
Failed deliveries (non-2xx response) are retried:
- 1st retry: 1 minute
- 2nd retry: 5 minutes
- 3rd retry: 30 minutes
- 4th retry: 2 hours
- 5th retry: 24 hours
After 5 failures, webhook is disabled. Re-enable via API.