- Refactored POST /auth/login to issue a 15-minute Access Token and a 30-day Refresh Token.
- Added POST /auth/refresh endpoint to automatically issue new Access Tokens and extend the Refresh Token's lifespan by 30 days upon use (Sliding Expiration).
- Built an HTTP interceptor wrapper (apiFetch) in dataService.ts that automatically catches 401 Unauthorized errors, calls the refresh endpoint, updates localStorage, and silently retries the original request without logging the user out.
- Fixed database initialization where default origins were seeded without color_classes.
- Added a visual color picker to the Origens admin page to allow users to assign colors to origin tags.
- Updated Dashboard Pie Chart to read the color classes correctly and display them.
- Dropped simple origins table in favor of origin_groups and origin_items to match the Funnels architecture.
- Added origin_group_id to teams table to assign specific origins to specific teams.
- Updated /admin/origins page to support creating origin groups, adding origin items to them, and assigning teams to groups.
- Updated Dashboard and UserDetail pages to dynamically load the exact origin items belonging to the active team/user.
- Updated Login.tsx to automatically redirect users to the dashboard if a valid token is already present in localStorage.
- Refactored getUserById to properly throw server/network errors instead of silently returning undefined.
- Updated AuthGuard in App.tsx to gracefully handle network errors without destroying the user's valid localStorage tokens.
- Added api_keys table to database schema.
- Added API Key authentication middleware to express router.
- Created GET /api/integration/users endpoint for n8n to map agents.
- Created POST /api/integration/attendances endpoint to accept webhooks from n8n.
- Added UI in UserProfile (for Admins/Owners) to generate, view, and revoke API keys.
- Fixed audio playback by rendering a hidden audio tag to comply with browser policies.
- Renamed DELETE /notifications to /notifications/clear-all to prevent route conflicts.
- Notifications badge now clears automatically when the tray is opened.
- Translated notification types to Portuguese (SUCESSO, AVISO, ERRO, INFO).
- Implemented team deletion functionality for Admins.
- Updated DB schema to support multiple funnels (funnels table) and their stages (funnel_stages table).
- Added funnel_id to teams table to link teams to specific funnels.
- Redesigned /admin/funnels page ('Meus Funis') to allow creating multiple funnels, managing their stages, and assigning them to teams.
- Updated Dashboard, UserDetail, and AttendanceDetail to dynamically load the correct funnel based on the selected team or user's assigned team.
- Modified attendances.funnel_stage in DB from ENUM to VARCHAR.
- Created tenant_funnels table and backend API routes to manage custom stages.
- Added /admin/funnels page for Admins/Managers to create, edit, order, and color-code their funnel stages.
- Updated Dashboard, UserDetail, and AttendanceDetail to fetch and render dynamic funnel stages instead of hardcoded enums.
- Added defensive checks and logging to GET /users/:idOrSlug to fix sporadic 500 errors during impersonation handoffs.
- Prevented the browser's atob() function from throwing a 'String contains an invalid character' exception by adding proper Base64 padding to the JWT payload before decoding.
- Added sound_enabled column to users table with a default of true.
- Implemented a pleasant pop sound (notification.mp3) that plays when a new unread notification arrives.
- Added a toggle in the User Profile page allowing users to enable/disable the sound.
- Added notifications table with auto-migration on startup.
- Created backend endpoints for fetching and managing notifications.
- Implemented interactive notification tray in the header with unread badges.
- Added automated triggers for organization creation and user registration completion.
- Restricted Agent search to Attendances only.
- Enabled Super Admin search for Organizations (Tenants).
- Fixed user avatar URL construction in search results.
- Added Organizations category to search dropdown for Super Admins.
- Added /api/search endpoint with strict role-based data isolation.
- Created searchGlobal function in dataService.
- Refined header UI with an interactive, categorized search results dropdown.
- Updated all email templates to a clean light theme and changed button text to 'Finalizar Cadastro'.
- Enforced a strict 15-minute expiration on all auth/reset tokens.
- Created SetupAccount flow distinct from ResetPassword to capture user name during admin init.
- Refined dark mode to a premium True Black (Onyx) palette using Zinc.
- Fixed Dashboard KPI visibility and true period-over-period trend logic.
- Enhanced TeamManagement with global tenant filtering for Super Admins.
- Implemented secure User URL routing via slugs instead of raw UUIDs.
- Enforced strict Agent-level RBAC for viewing attendances.
- Fixed real backend deletion for tenants
- Allowed super_admins to manage other super_admins in Global Users
- Filtered teams based on selected tenant in user creation
- Protected system tenant from deletion
- Enforced tenant isolation and Role-Based Access Control across all API routes
- Implemented secure profile avatar upload using multer and UUIDs
- Redesigned UI with a premium "Onyx & Gold" Charcoal dark mode
- Added Funnel Stage and Origin filters to Dashboard and User Detail pages
- Replaced "Referral" with "Indicação" across the platform and database
- Optimized Dockerfile and local environment setup for reliable deployments
- Fixed frontend syntax errors and improved KPI/Chart visualizations
- Implemented real JWT authentication and persistent user sessions
- Replaced all hardcoded mock data with dynamic MySQL-backed API calls
- Created new 'Times' (Teams) dashboard with performance metrics
- Renamed 'Equipe' to 'Membros' and centralized team management
- Added Role-Based Access Control (RBAC) for Admin/Manager/Agent roles
- Implemented secure invite-only member creation and password setup flow
- Enhanced Login with password visibility and real-time validation
- Added safe delete confirmation modal and custom Toast notifications
Adds initial backend API endpoints for fetching users and attendances, including basic filtering. Sets up the frontend routing with a layout component and includes placeholder pages for dashboard, users, and login. Refactors the README for local development setup.
