# Current State > **Purpose:** Quick-reference file showing exactly where the project stands. > **For Claude Code:** Read this first to understand what's done and what's next. > **Last Updated:** February 14, 2026 --- ## Active Phase: Phase 2.5 - Step Library Foundation (In Progress) --- ## What's Complete ### Backend (100%) - FastAPI project structure with 25+ API endpoints - PostgreSQL database with Docker, 30+ Alembic migrations - User authentication (JWT, register, login, refresh, logout, invite codes) - Refresh token rotation with JTI-based revocation - Trees CRUD with full-text search (FTS index) - Sessions tracking with decisions, outcomes, and variables - Export API (Markdown, Text, HTML) - Role-based access control (super_admin, team_admin, engineer, viewer) - Production-ready logging with correlation IDs - 100+ integration tests - Rate limiting on auth endpoints (disabled in DEBUG) - Audit log table with JSONB details - Soft delete for trees with cascade cleanup ### Frontend (Phase 2 Complete) - React 19 + Vite + TypeScript + Tailwind setup - Authentication UI (login, register) - Tree library/browsing page with grid/list/table views - Tree navigation interface (session player) - Session management with history and detail pages - Export functionality (download) - **Tree Editor** — Form-based with visual preview, Zustand + immer + zundo (undo/redo) - **Markdown rendering** in session player and node editor - **Monochrome Design System** — Dark-only, glass-morphism cards, Inter font, theme toggle removed - **Tree Organization** — Categories, tags (autocomplete), user folders (3-level hierarchy), filters - **RBAC & Permissions** — `usePermissions` hook, ProtectedRoute with role guards, permission-based UI hiding - **Session Scratchpad** — Floating overlay (Ctrl+/), auto-save, markdown preview - **Admin Panel** — 8 pages (dashboard, users, invite codes, audit logs, plan limits, feature flags, settings, categories) - **Session Quick Wins** (Issues #51-#55): - Session timer (`useSessionTimer` hook, MM:SS / HH:MM:SS) - Keyboard hints (Tab focuses notes) - Repeat Last Session (prefills metadata from localStorage) - Session auto-recovery (resume incomplete sessions) - Copy step to clipboard - Delete tree button in all view modes - **Session Outcomes** — Outcome modal on session completion, step timing tracking - **Settings page** at `/settings` — Default export format preference - **Session Sharing** — ShareSessionModal, SharedSessionPage (`/shared/sessions/:token`), MySharesPage (`/my-shares`), share link copy/manage from navigation page - **Procedural Editor UX** — Section headers as first-class step type, "More Options" collapsible for advanced fields, URL intake field type, improved tag input (comma/semicolon/Tab delimiters) - **Type-aware Routing** — Centralized `getTreeNavigatePath` helper, procedural sessions route to `/flows/:id/navigate`, resume support in procedural navigator, safety redirect in troubleshooting navigator ### Security Hardening (Phases A-D Complete) - Registration role hardcoded to `engineer` - HTML export XSS fix (html.escape) - Secret key validator (rejects default when DEBUG=False) - Role CHECK constraint on users table - Tree access check on session start - Centralized permissions in `permissions.py` - `is_active` field on User model, enforced in auth - Admin user management endpoints (6 endpoints) - Refresh token rotation with JTI-based revocation - Password complexity validation (uppercase, lowercase, digit, min 10 chars) - Soft delete cascade cleanup (folder/tag junctions) - SQL wildcard escaping in tag search ### Backend Schema Features (Not Yet in Frontend) - **Tree Forking** (migration 022) — `parent_tree_id`, `root_tree_id`, `fork_depth`, `fork_reason` - **Tree Sharing** (migration 024) — tree share links - **Enhanced Invite Codes** (migration 030) — email, assigned_plan, trial_duration_days ### Documentation - CLAUDE.md (project context for Claude Code) - LESSONS-LEARNED.md (bugs and fixes reference) - Design system guide, component examples - Feature specifications through Phase 4 - Rebrand implementation guide --- ## What's In Progress | Task | Status | Notes | |------|--------|-------| | Step Library Frontend | In Progress | Backend complete, frontend UI pending | | Procedural Flows Lifecycle | In Progress | Resume support done, full run chooser/reuse pending | | Tree Forking UI | Planning | Backend schema complete (migration 022) | --- ## What's Next (Priority Order) ### Immediate (Phase 2.5 Completion) 1. Step Library Frontend UI (browse, search, rate/review) 2. Procedural Flows run lifecycle (RunChooserModal, intake reuse/prefill) 3. Tree Forking UI and workflow ### Soon (Phase 3) - File attachments for sessions - Offline capability - Client context system - Advanced analytics dashboard ### Later (Phase 4) - PSA integrations (ConnectWise, Kaseya) - PowerShell automation framework - Enterprise features (SSO, white-label) --- ## Environment Quick Reference ### Start Development ```powershell docker start patherly_postgres cd backend && .\venv\Scripts\activate && uvicorn app.main:app --reload cd frontend && npm run dev ``` ### URLs - Frontend: http://localhost:5173 - Backend API: http://localhost:8000 - API Docs: http://localhost:8000/api/docs ### Run Tests ```powershell cd backend && pytest --override-ini="addopts=" ``` --- ## Blockers / Known Issues | Issue | Workaround | Status | |-------|------------|--------| | pytest-asyncio version conflict | Use 0.24.0 | Documented | | No local psql on Windows | Use `docker exec` | Documented |