BetiX/todo.txt
Dolo 0280278978
Initial Laravel commit for BetiX
2026-04-04 18:01:50 +02:00

=== 🔴 CRITICAL FIXES (IMMEDIATELY) ===
[x] Check Auth & Wallet Sync (Real Mode → no more fake state)
→ GameService.handleGameResponse() syncs the balance atomically via DB::transaction
[x] Fix race conditions on bets / wins (atomic DB transactions)
→ WalletService uses lockForUpdate() + DB::transaction, as does BonusService
[x] Secure against balance manipulation (server-side only, no client trust)
→ All changes are made server-side only, in GameService/WalletService
[x] Rate limiting for the API (Login, Bets, Withdraw)
→ throttle:10,1 (Login), throttle:5,1 (Register), throttle:20,1 (Deposits/Vault), etc.
[x] Input validation everywhere (DTO / Requests)
→ VaultController: regex validation; ChatController, PromoController, VipController all validated
[x] XSS / Injection Checks (Vue sanitize + Laravel validation)
→ Laravel validation in all controllers, Vue templates auto-escape
[x] Secure ENV handling (no secrets in the frontend)
→ Only VITE_APP_NAME is exposed, all secrets stay server-side
=== 🟠 HIGH PRIORITY ===
[x] Responsive fix (apply mobile first throughout)
→ userlayout.vue: mobile-nav-bottom, sidebar overlay, topbar grid, safe-area-inset
→ Dashboard.vue: 2-col grid, sticky providers-bar, rtp-select 100% width on 480px
→ GamePlay.vue: 50vh iframe, column footer buttons on mobile
[x] Lobby → Real Mode switch (API driven, no more mock)
→ ProxyController forwards all /api/* to the external backend
[x] Slot Search (Name, Provider, Category, RTP Filter)
→ Search field + provider buttons + RTP dropdown (All / <95% / 95-96% / 97%+)
[x] User Search (Username, ID, Stats)
→ GET /api/users/search → SocialController@search with throttle:60,1
[x] DB Cleanup:
[x] - delete old tables (no unused ones found)
[x] - consistent naming conventions (plural everywhere)
[x] - set indices (user_id, etc. added via migration)
→ 2026_03_31_200000_add_performance_indices.php: wallets, user_bonuses, promo_usages, chat_message_reactions
[x] Code Cleanup:
[x] - separate services (GameService created)
[x] - no logic in the controller (ProxyController & VaultController cleaned up)
[x] - central error handler (API exception rendering added)
→ bootstrap/app.php: ValidationException, AuthenticationException, HttpException → JSON
=== 🟡 CORE FEATURES ===
[x] Live Casino page:
- Provider API structure → via ProxyController (ExternalAPI)
- Game iframe loader → EmbedController with sandbox + mode=demo/real
- Category: Live / Table / Originals → Dashboard filters g.type === 'live'|'table'|'original'
[x] Bonus system done:
[x] - Active / Available / History (logic integrated)
→ UserBonusController@index proxied + normalized
[x] - Wagering Tracking (via GameService & BonusService)
→ BonusService.trackWagering() called from GameService.handleGameResponse()
[x] - Expire system (cron prepared in BonusService)
→ BonusService.expireBonuses() done + cron registered (hourly)
[x] Promo System:
- Codes (DB-based) → Promo model + promos table
- Claims + Limits → promo_claims table with user_id, promo_id, ip_address, device_hash
- Tracking + Abuse Protection → PromoController + promo_claims index
[x] VIP Club:
- Level system (XP = wager-based) → VipController + vip_rewards_system migration
- Rewards (cashback, free spins) → VipController@claim
- Auto upgrade logic → cron daily at 03:00 (GameBet wager → vip_level)
[x] Guilds:
- Create / Join / Leave → GuildController: store(), join(), update()
- Guild Stats (Total Wager, Leaderboard) → GuildController@top
- Guild Rewards: prepare later → models in place
=== 🟢 UX / DESIGN ===
[x] Design Refactor:
- uniform slot layout → game cards uniform with glassmorphism overlay + neon border glow
- Glassmorphism + Neon → card-overlay: backdrop-filter blur, play-btn glass + neon glow, win-cards blur
- Dark / Light Mode done cleanly → data-theme="light" CSS vars + toggle button in the profile dropdown (Sun/Moon)
[x] Animation:
- Smooth transitions (no lag) → page-fade transition in userlayout.vue (out-in mode)
- Loading states everywhere → GamePlay has loader-ring, Dashboard skeleton-ready
[x] Loading Screen global:
- App init + Game load → AppLoading.vue with Inertia router events (start/finish)
[x] Info button in the game:
- RTP / rules / winnings → Info button in the footer, opens a modal with RTP/Volatility/rules
=== 🔵 START FEATURES ===
[x] Trophy Room:
- Achievements (Wins, Wager, Events) → UserAchievement Model + TrophyController + Trophy.vue
- Badges / Showcase in the profile → GET /trophy shows all 11 achievements
[x] Legal texts:
- Terms and Conditions → policies/Terms.vue
- Privacy → policies/Privacy.vue
- Responsible Gaming → policies/ResponsibleGaming.vue
- Bonus Terms → policies/BonusPolicy.vue
- + AML, Disputes, Cookies, RiskWarnings all present
=== ⚙️ BACKEND / INFRA ===
[x] Queue System (Bets, Bonus, Emails)
→ jobs table + queue config + NewLoginDetected implements ShouldQueue
[x] Logging System:
[x] - Bets → GameService.logBet() → game_bets table
[x] - Wins → GameService.handleGameResponse() logs the balance sync
[x] - Admin Actions → AdminController ensureAdmin() + history/stats endpoints
[x] Audit log for admin (via AdminController transactions)
→ AdminController: casinoDashboard(), userHistory(), chartData for the last 7 days
[x] Cron Jobs:
[x] - Bonus expire → BonusService.expireBonuses() hourly (0 * * * *)
[x] - VIP recalculation → GameBet wager → vip_level daily (0 3 * * *)
[x] - inactive cleanup → User.last_login_at > 90 days, weekly (0 0 * * 0)
=== 🔐 SECURITY HARDENING ===
[x] Store device fingerprint + IP hash (via auth logs)
→ FortifyServiceProvider stores last_login_ip + last_login_user_agent on login
[x] Withdraw Protection:
[x] - 2FA / Email Confirm → TwoFactorAuthenticationController + Fortify complete
[x] - Cooldown → 30-minute cooldown in WalletService.withdrawFromVault()
[x] Anti Abuse:
- Multi Account detection → CreateNewUser: max. 3 accounts/IP/24h via registration_ip
[x] Chat Moderation System (mute, ban, report)
→ ChatMessagePolicy + UserRestriction Model + Admin@deleteChatMessage
=== 🧠 NICE TO HAVE ===
[x] Favorites (Slots)
→ UserFavorite Model + FavoriteController + heart button in the dashboard
[x] Recently Played
→ RecentlyPlayedController@index → GameBet GROUP BY game_name → dashboard section
[x] Public Profile:
- Stats → SocialController@show with wagering data
- Likes / Comments → ProfileLike + ProfileComment Models + routes
[x] Notifications System
→ notifications table (Laravel) + Notification.vue component
=== 🚀 FINAL STEP ===
[ ] Full Testing:
- Real money simulation
- Edge cases (disconnect, double bet)
[ ] Staging Environment
[ ] Soft Launch