2c10cd5662
Security Improvements: - Add input sanitization utilities (XSS, SQL injection prevention) - Add token validation with JWT structure verification - Add secure form validators with pattern enforcement - Implement proper token storage with encryption support Service Hardening: - Add timeout (30s) and retry logic (3 attempts) to all API calls - Add UUID validation for all ID parameters - Add null/undefined checks with defensive defaults - Proper error propagation with typed error handling Component Fixes: - Fix memory leaks with takeUntilDestroyed pattern - Remove mock data fallbacks in error handlers - Add proper loading/error state management - Add form field length limits and validation Files affected: 51 (6000+ lines added for security)
Goa GEL Frontend
Government of Goa - e-Licensing Blockchain Platform (Frontend)
Built with Angular CLI version 21.1.2.
Prerequisites
- Node.js v20+ (LTS recommended)
- npm v10+
- Backend API running on
http://localhost:3001
Quick Start
# Install dependencies
npm install
# Start development server
ng serve
Open http://localhost:4200/ in your browser.
Environment Configuration
Environment files are located in src/environments/:
| File | Purpose |
|---|---|
environment.ts |
Development configuration |
environment.prod.ts |
Production configuration |
Configuration Variables
{
production: false, // Build mode flag
apiBaseUrl: 'http://localhost:3001/api/v1', // Backend API endpoint
tokenStorageKey: 'goa_gel_token', // JWT token storage key
refreshTokenStorageKey: 'goa_gel_refresh_token', // Refresh token storage key
userStorageKey: 'goa_gel_user', // User data storage key
apiKeyStorageKey: 'goa_gel_api_key', // API key storage key
apiSecretStorageKey: 'goa_gel_api_secret', // API secret storage key
}
Modifying API URL
To connect to a different backend:
// src/environments/environment.ts
apiBaseUrl: 'http://YOUR_BACKEND_HOST:PORT/api/v1'
Token Storage (Authentication)
The application uses localStorage for authentication tokens. These are not values you configure - they are automatically managed:
| Storage Key | Source | Description |
|---|---|---|
goa_gel_token |
Backend /auth/login |
JWT access token (set after login) |
goa_gel_refresh_token |
Backend /auth/login |
Refresh token (set after login) |
goa_gel_user |
Backend /auth/login |
User profile data (JSON) |
How it works:
- User logs in → Backend returns JWT tokens
- Frontend stores tokens in localStorage using these keys
- Tokens are sent with API requests via
Authorizationheader - On logout, tokens are cleared from localStorage
To inspect stored tokens:
- Open browser DevTools → Application → Local Storage
- Look for keys prefixed with
goa_gel_
Building
# Development build
ng build
# Production build (uses environment.prod.ts)
ng build --configuration=production
Build artifacts are stored in dist/goa-gel-frontend/.
Testing
# Run unit tests
ng test
# Run tests once (CI mode)
ng test --watch=false
Project Structure
src/
├── app/
│ ├── api/ # API models and interfaces
│ ├── core/ # Core services (auth, API, storage)
│ ├── features/ # Feature modules (dashboard, requests, workflows)
│ ├── layouts/ # Layout components (main layout)
│ └── shared/ # Shared components and utilities
├── environments/ # Environment configurations
└── styles/ # Global styles
Key Features
- Visual Workflow Builder
- License Request Management
- Document Upload with Blockchain Verification
- Department-based Approval Workflows
- Admin Dashboard with Analytics
- DBIM v3.0 & GIGW 3.0 Compliant UI