Internal reference
For pauliemarket.com engineers building the platform, client dashboard, and mobile apps. Not for external distribution.
Architecture
Repositories & key paths
| Path | Role |
|---|---|
dashboard_v2/routes/api.php | Canonical route list — update external docs when this changes |
dashboard_v2/app/Http/Controllers/Api/V1/PaulieMarketConsoleController.php | Pool/ticket/payment logic |
dashboard_v2/app/Http/Controllers/Api/V1/AuthController.php | Login, client credentials, profile |
dashboard_v2/app/Services/PaulieMarketOrganizationContext.php | Org resolution (subdomain, header, query) |
client_dashboard_v1/src/api/client.js | Reference API consumer |
pauliemarket.com/docs/PLATFORM_REFERENCE.md | Product/business model (not API) |
pauliemarket.com/external/ | This documentation site |
dashboard_v2/docs/TENANT_ROLLOUT.md | Per-club DB provisioning |
Local setup
Laravel API
cd dashboard_v2
composer install
cp .env.example .env
php artisan key:generate
php artisan migrate
php artisan db:seed
php artisan passport:install
php artisan serve
.env highlights:
PaulieMarket_CORS_ORIGINS=http://localhost:5173PaulieMarket_TENANT_BASE_DOMAIN=— set for subdomain tenant routingPaulieMarket_PASSWORD_CLIENT_SECRET/PaulieMarket_SERVICE_CLIENT_SECRET— optional fixed OAuth secrets
Client dashboard
VITE_API_URL=http://127.0.0.1:8000/api
VITE_OAUTH_CLIENT_ID=1 # from oauth_clients table
Demo data
php artisan pauliemarket:fresh-demo
Permission matrix
| Permission / gate | Effect |
|---|---|
pauliemarket_access | All authenticated /v1/pauliemarket/* read routes |
pauliemarket_manage | Platform-wide write (assign, fund, settle) + bypass org admin check |
pauliemarket.org.manage middleware | Org membership role admin or owner, OR pauliemarket_manage |
user_management_access | Bots list, trade history, late90s analytics |
trading:read | /v1/trading/* operator API (separate from pauliemarket product) |
Seeded roles: admin and operator have pauliemarket_access + pauliemarket_manage; viewer is read-only.
Regression script: dashboard_v2/scripts/test_pauliemarket_authorization.php
Multi-tenant rollout
Organizations can use a dedicated MySQL database (pauliemarket_club_{slug}) for member PII while the platform registry stays on pauliemarket_platform. See dashboard_v2/docs/TENANT_ROLLOUT.md for:
php artisan pauliemarket:provision-tenant {slug}- Subdomain routing via
PaulieMarket_TENANT_BASE_DOMAIN - Demo tenant credentials
Flask mirror (dev only)
api/pauliemarket_console.py serves /api/pauliemarket/* from pauliemarket_data/platform.json with no authentication. Path prefix differs from Laravel (/api/pauliemarket/ vs /api/v1/pauliemarket/).
/api/v1/* only.
Testing
php dashboard_v2/scripts/test_pauliemarket_authorization.php— 19 auth/permission checks- Manual: login as
admin@pauliemarket.comandclient@pauliemarket.comvia client dashboard - Partner contract: diff
routes/api.phpagainstpauliemarket.com/external/v1/index.htmlwhen shipping API changes
Future: OpenAPI
Generate pauliemarket.com/external/openapi/pauliemarket-v1.yaml from Laravel routes for Postman import (aligned with Future Ticketing partner workflow).
Maintaining external docs
- Route added/changed → update
pauliemarket.com/external/v1/index.html - Auth or org behavior changed → update
howto.htmlandmobile.html - Product model changed → update
pauliemarket.com/docs/PLATFORM_REFERENCE.md(separate from API docs) - Deploy static
pauliemarket.com/external/to CDN (e.g.external.pauliemarket.com)