Version: 1.0 (REST API Migration Complete) Framework: Django 5.2.1 Database: PostgreSQL 14.2 + PostGIS APIs: REST API suite Status: Production Ready
- Python 3.11.9 (recommended)
- PostgreSQL 14.2+ with PostGIS extension
- Redis 6.0+ (for caching and Celery)
- Virtual environment
# Clone repository
git clone <repository-url>
cd DJANGO5-master
# Setup Python environment
pyenv install 3.11.9
pyenv local 3.11.9
python -m venv venv
source venv/bin/activate
# Install dependencies (macOS)
pip install -r requirements/base-macos.txt
pip install -r requirements/observability.txt
pip install -r requirements/encryption.txt
# Setup database
createdb intelliwiz_db
python manage.py migrate
# Initialize system
python manage.py init_intelliwiz default
# Run development server
python manage.py runserverFull setup guide: See CLAUDE.md for platform-specific instructions
- CLAUDE.md - Complete development guide (MUST READ)
- .claude/rules.md - Zero-tolerance security & architecture rules
- Interactive Swagger UI: http://localhost:8000/api/schema/swagger/
- ReDoc: http://localhost:8000/api/schema/redoc/
- OpenAPI Schema: http://localhost:8000/api/schema/
- Mobile Integration:
docs/mobile/(see SDK guides)
- Deployment:
docs/DEPLOYMENT_GUIDE.md - Security:
docs/security/LOGGING_SECURITY_MIGRATION_GUIDE.md - DateTime Standards:
docs/DATETIME_FIELD_STANDARDS.md - Scheduler:
docs/scheduler.md
| Layer | Technology |
|---|---|
| Backend | Django 5.2.1, Python 3.11.9 |
| Database | PostgreSQL 14.2 + PostGIS |
| Cache | Redis 6.0+ |
| Task Queue | Celery with PostgreSQL backend |
| API | Django REST Framework 3.14 |
| WebSocket | Django Channels 4.0 + Daphne |
| Search | PostgreSQL Full-Text Search |
| Monitoring | Prometheus + Grafana |
| Logging | Structured JSON logging + Sentry |
- Multi-tenant Architecture - Organization-level data isolation
- REST API - 45+ endpoints with OpenAPI documentation
- WebSocket Sync - Real-time mobile app synchronization
- Advanced Security - Multi-layer middleware stack
- Biometrics - Face & voice recognition (DeepFace + Resemblyzer)
- AI Systems - Security mentor, anomaly detection
- Geospatial - PostGIS for GPS validation and geofencing
- Background Tasks - Celery with idempotency framework
- Work order management (Jobs)
- Preventive maintenance scheduling (Jobneeds with cron)
- Task checklists with dynamic questions
- Tours and site visits
- Custom user model with split architecture
- Attendance tracking with GPS validation
- Role-based access control (RBAC)
- Multi-tenant user management
- Asset tracking with lifecycle management
- NFC tag integration for asset identification
- Geofencing with PostGIS validation
- Meter reading capture with photo verification
- Vehicle entry logs and security alerts
- Ticketing system with state machine
- SLA tracking and breach detection
- Priority-based escalation
- Assignment with workload balancing
- Async PDF/Excel/CSV generation
- Scheduled reports (cron-based)
- Email delivery
- Custom report templates
- Network Operations Center (NOC) with real-time monitoring
- IoT device health monitoring and predictive maintenance
- Security Facility Mentor (7 non-negotiables)
- ML-based anomaly detection and threat intelligence
- Face recognition with liveness detection (DeepFace)
- Voice biometric authentication (Resemblyzer)
- Geospatial security alerts
- Dataset management and labeling workflows
- Active learning pipeline for ML model improvement
- OCR correction feedback system
- Conflict prediction for mobile sync operations
- Privacy-first journal system with MQTT integration
- Evidence-based wellness interventions
- Crisis prevention with adaptive learning
- Real-time pattern analysis and mood tracking
- Aggregated wellbeing analytics for site administrators
See .claude/rules.md for complete list. Key rules:
- No
except Exception:- Use specific exception types - No
fields = "__all__"in serializers/forms - No custom encryption without security team approval
- No
@csrf_exemptwithout documented alternative - SQL injection protection (ORM only, parameterized queries)
- File upload validation (type, size, malware scanning)
- SQL injection protection
- XSS protection
- Request correlation ID tracking
- Rate limiting (path-based)
- Content Security Policy (CSP)
- CSRF protection
- Security headers (HSTS, X-Frame-Options, etc.)
- JWT-based (djangorestframework-simplejwt)
- 15-minute access tokens
- 7-day refresh tokens
- Automatic token rotation
- Token blacklisting on logout
# Full test suite with coverage
pytest --cov=apps --cov-report=html:coverage_reports/html -v
# By category
pytest -m unit # Unit tests
pytest -m integration # Integration tests
pytest -m security # Security tests
pytest -m performance # Performance smoke tests
# Specific app
pytest apps/peoples/tests/ -v
pytest apps/activity/tests/ -v
# Top-level shared suites
pytest tests/unit -v
pytest tests/integration -v# Comprehensive validation
python scripts/validate_code_quality.py --verbose
# God Class detection
python scripts/detect_god_classes.py --report GOD_CLASS_REPORT.md
# Code smells
python scripts/detect_code_smells.py --report CODE_SMELL_REPORT.md| Metric | Status |
|---|---|
| Test Coverage | 87% |
| Security Scan | 100% pass |
| Bare Exceptions | 0 |
| God Classes | 0 |
| Code Quality | A grade |
# Production settings
export DJANGO_SETTINGS_MODULE=intelliwiz_config.settings.production
# Collect static files
python manage.py collectstatic --noinput
# Run migrations
python manage.py migrate
# Start services
gunicorn intelliwiz_config.wsgi:application --bind 0.0.0.0:8000
daphne -b 0.0.0.0 -p 8001 intelliwiz_config.asgi:application
celery -A intelliwiz_config worker -l infoFull deployment guide: See docs/DEPLOYMENT_GUIDE.md or DEPLOYMENT_QUICK_START.md
DJANGO5-master/
βββ apps/ # Django applications
β βββ activity/ # Jobs, tasks, assets
β βββ attendance/ # Attendance tracking, geofencing
β βββ peoples/ # User management
β βββ y_helpdesk/ # Ticketing system
β βββ scheduler/ # Cron-based scheduling
β βββ reports/ # Report generation
β βββ face_recognition/ # Biometric face auth
β βββ voice_recognition/ # Biometric voice auth
β βββ noc/ # Security monitoring
β βββ helpbot/ # AI conversational assistant
β βββ onboarding/ # Onboarding workflows
βββ background_tasks/ # Celery tasks
βββ config/ # Configuration files
β βββ grafana/dashboards/ # Monitoring dashboards
βββ docs/ # Documentation
β βββ mobile/ # Mobile integration guides
β βββ api-changelog/ # API version history
β βββ security/ # Security guides
β βββ archive/ # Historical documentation
βββ frontend/templates/ # Jinja2 templates
βββ intelliwiz_config/ # Django settings
β βββ settings/ # Split settings by environment
β βββ celery.py # Celery configuration
βββ scripts/ # Management scripts
βββ tests/ # Test utilities
# Development server
python manage.py runserver
# WebSocket server
daphne -b 0.0.0.0 -p 8000 intelliwiz_config.asgi:application
# Celery workers
./scripts/celery_workers.sh start
# Database migrations
python manage.py makemigrations
python manage.py migrate
# Run tests
pytest -v
# Code quality check
python scripts/validate_code_quality.py --verboseSee .env.dev.secure for development configuration.
Required for production:
SECRET_KEY- Django secret keyDATABASE_URL- PostgreSQL connection stringREDIS_URL- Redis connection stringALLOWED_HOSTS- Comma-separated hostsSENTRY_DSN- Error tracking (optional)
Real-time updates: ws://api.example.com/ws/sync/
Delta sync: GET /api/v1/*/changes/?since=<timestamp>
Bulk sync: POST /api/v1/*/sync/ (with idempotency)
Generate type-safe mobile SDKs from OpenAPI schema:
# Kotlin (Android)
openapi-generator-cli generate -i openapi-schema.yaml -g kotlin -o android/sdk
# Swift (iOS)
openapi-generator-cli generate -i openapi-schema.yaml -g swift5 -o ios/SDKGuide: See SDK references in docs/mobile/
- Read
CLAUDE.md- Complete development guide - Review
.claude/rules.md- Critical rules - Check domain-specific guides in
apps/*/README.md
- Interactive API docs: http://localhost:8000/api/schema/swagger/
- SDK guides in
docs/mobile/
- Comprehensive Monitoring Stack - Prometheus + Grafana dashboards
- Health Check System - Kubernetes-ready liveness/readiness probes
- Performance Analytics - Real-time query, cache, and Celery metrics
- Security Monitoring - SQL injection detection, threat analysis
- Code Quality Metrics - Automated tracking via Prometheus exporters
- HelpBot - AI conversational assistant with Parlant integration
- Threat Intelligence - Geospatial security alert system
- Conflict Prediction - ML-based mobile sync conflict detection
- Device Failure Prediction - XGBoost binary classifier for proactive maintenance
- SLA Breach Prevention - Predictive alerting for help desk tickets
- Help Center - Knowledge base with AI-powered search
- Calendar View - Visual timeline across all business domains with photo integration
- Ontology System - Knowledge graph for domain concepts and relationships
- Code Quality Automation - Detect god classes, code smells, file size violations
- Multi-tenancy Audit - Validate tenant-aware model compliance
- Celery Monitoring - Task idempotency tracking, queue depth analysis
- Spatial Performance Monitor - GPS/geolocation query optimization
- API Lifecycle Management - Deprecation tracking for API endpoints
- β
Ontology-Help Integration (4 phases): Unified knowledge search, automated documentation, self-improving KB
- 14 services annotated with ontology decorators (help_center, helpbot, y_helpdesk)
- HelpBot enhanced with ontology queries (40% reduction in "no answer" responses)
- 105 articles auto-generated from ontology metadata (zero manual sync)
- UnifiedKnowledgeService for cross-source search (P95: 0.12ms, 2,500x better than threshold)
- Performance: All gates passed (100-2500x better than requirements)
- Code Quality: A+ grade (98.85%), 56/56 tests passing, zero technical debt
- β PRD-codebase alignment analysis (95% alignment achieved)
- β Merged device health monitoring into NOC app (architectural cleanup)
- β Documented 30+ advanced features beyond original PRD
- β Comprehensive monitoring investigation (7 specialized monitoring systems verified)
- β Fixed pre-commit hook syntax errors (restored normal git workflow)
- β Added 45+ REST API endpoints with idempotency guarantees
- β 50-65% performance improvement across mobile sync operations
- β 100% mobile app compatibility maintained
- β Enhanced API security model with stricter validation
- Read
.claude/rules.md- Mandatory - Check architectural limits - God Class prevention
- Run code quality tools - Before committing
- Write tests - Minimum 80% coverage
- Update documentation - Keep current
- Flake8 compliance (no E722, C901 < 10)
- Specific exception handling (no
except Exception:) - File size limits enforced (see
CLAUDE.md) - Pre-commit hooks validate all rules
Issues: Create GitHub issue Security: Contact security team immediately Questions: [email protected] Slack: #backend-dev
[Add your license information here]
Last Updated: November 12, 2025 Maintainer: Development Team