June 2025 Monthly Summary for 101-Coconsulting/TC3005B.501 projects Key deliverables by area: - Frontend authentication, session management, and security enhancements: Consolidated authentication improvements, session handling, JWT usage, token propagation, login/logout UX, and development-time security hardening to deliver secure, seamless user sessions across client and server. Representative commits include: fix: cookies (f3ed87a4e21144dea0e18bb1f0a1382ee3808f85), fix: cookies and login (81846e8e42755874b1360c1f2f93e18e4b43ab32), fetch: jwt request (e45592cd28bdca22d5edd9bab041006a1e002144), feat: update api client to use autocerts (db1e855a9850150cf7af3c4b31f8dd7ee3c883b6). - Travel Request Data Flow Improvement: Refactored TravelRequestForm to use an explicit user_id prop instead of cookies, improving data flow, testability, and reliability of travel request creation, drafting, and confirmation. Representative commit: feat: add login page (4ce3e70306d1e0cd89b41c555be0753babd6b8a8). - Expense Receipt and Approval Workflow: UI/workflow enhancements for receipts, including an approval modal, modal wrapper refactor, FinishRequestButton activation when all receipts are reviewed, plus re-upload capabilities. Representative commits: fix: button color (758b3e2aba55ebac4ad80952b0e21a78e1c0eeff), feat: button (volver a subit) if state is (rechazado) (258d118bab062009d6b0d6782a5e399baecdcb77), fix: add (resubir comprobante) (8af40214c84bae5cbf4640c109b83f863632120a). - File Uploads and Downloads Security and Validation: Token-based secure file uploads, fix default XML path for uploads, and validate file types; adjust download links to environment-based API base URL for reliability. Representative commits: fix: error upload pdf and xdm build (c4e06834f112a08d6122d0e0d10c5dccf29e5899), that the user can upload any type of document (a8862d048e804cad865001274ec84cb74a5ac4bd), updated download (6231ffe4d9fccb0e54aa4ca8f37e03b463b7a10b). - End-to-End Tests for Request and Authentication Flows: Cypress-based end-to-end tests covering login, logout, request ID identification, navigation to request details, and status validation to ensure core flows work as expected. Representative commit: feat: add cypress test 107 (aa4ea87c8ef9129ceea04b8516079d8af5150014). Backend updates across the same period: - User Authentication and Session Management with Cookie-based Auth: Implemented cookie-based login with multiple HTTP-only cookies (token, role, username, user ID, department ID), configured CORS for credentials and allowed origins, integrated cookie-parser, and added a logout endpoint to clear session cookies while enforcing httpOnly on user cookies. Representative commits: feat: updated and added login cookies (bc24949a4d806d1aca13238989214f3153a5ea6c), added logout endpoint (189ebc687718bb3b9bd8b2236a64f315a45fd3e9), updated userController httpOnly (09cee26d0c31583147f5cb2d8cd0c1f3e86f80e2). Overall impact and accomplishments: - Strengthened security and resilience of user sessions across frontend and backend, reducing risk and improving user experience with seamless authentication and logout flows. - Improved data integrity and testability for travel requests, enabling faster validation and lower regression risk. - Streamlined expense workflows with robust approvals and re-upload capabilities, shortening cycle times. - Hardened file handling and download reliability, supporting enterprise-grade usage with environment-aware routing. - Expanded automated test coverage (Cypress) to validate core flows, increasing confidence in releases. Technologies and skills demonstrated: - Frontend: React/TypeScript patterns, JWT-based authentication, token propagation, UI modals, environment-based API base URL usage, and Cypress-based end-to-end testing. - Backend: Cookie-based authentication with httpOnly cookies, CORS with credentials, logout endpoints, and cookie-parser integration. - Testing and quality: End-to-end test coverage for auth and request flows, plus testability improvements across data structures. Notes: This summary reflects key work items and representative commits across frontend and backend during June 2025, focusing on business value, reliability, and security.

May 2025 monthly summary for 101-Coconsulting/TC3005B.501-Frontend. This month focused on delivering core frontend capabilities that unlock secure access, streamlined workflow, and reliable development data, while stabilizing the development environment with robust data handling fixes. Key business value was delivered through secure user onboarding, scalable travel approvals, and end-to-end expense processing with data integrity. Key features delivered: - User Authentication System: Implemented a new login page and form component; handles username/password submission, token storage, and redirects to dashboard on success. Commits include: 48af5bf3bf8a2e6da0742e771225f3f922065f44 (feat: added login form and page). - Travel Request Approval and Verification UI: Centralized travel request approval actions with a reusable TravelRequestActionWrapper; added verification view (Comprobaciones) and client-only wrapper adjustments. Commits include: 6b440ce386953bf9d05f4a9e0db664e3da3a43ae (feat: added TravelRequestActionWrapper and fixed RequestApproval); dec804f56c0e8b3d909db4081e2b2ee48ad1d9d3 (fix: some changes); 112ff06eece5ccd3a3379a149bd095d5648769a9 (feat: add comprobaciones pages). - Expense Management and Verification: Introduced expense receipts management, verification workflow, and travel expense file uploads (PDF/XML) with validations and UI components. Commits include: e77ac1c90a2736ac0d60a41b34804e299908f80d (feat: add comprobantes); 6b7a432a56bac026eab79a3c32b759b4456dfe88 (feat: ExpensesForm added); ad5132130f36eeaff9e8c333fabfee66f7b49648 (feat: add conection to upload psf and xml to mongo (only works on the branch 230 backend)); 7af50f95b632d0879622faac9a7dcf13e6550c3d (feat: add conection to upload psf and xml to mongo (only works on the branch 230 backend)); 29c4c13d6273e500ed20962f2eedf5b4f103c8c6 (fix: correction of alert to send expeses form); ea870a8f315a81dbbb011ba5b7ead15d1f9c73df (fix: correction of alert to send expeses form). - Data Handling and Dummy Data Fixes: Resolved data handling issues and inconsistencies in development dummy data (e.g., user-request-2). Commits include: 7416e6a6f67b9910c9920eaa210442500c28f796 (fix: dummy data user-request-2); c1e2a79defa119aa3283a6ee1498158800d09995 (fix: data).

April 2025 focused on advancing UI consistency, component reusability, and role-based user experiences in the frontend repository. Delivered three core features with a design-system-first approach, enabling faster development and better alignment with design specs.