From 57d6de62f28258dfc040dcb977aa846e4fc65b63 Mon Sep 17 00:00:00 2001
From: mikestefanello <552328+mikestefanello@users.noreply.github.com>
Date: Sun, 20 Apr 2025 13:56:00 -0400
Subject: [PATCH] Updated readme.

---
 README.md | 31 +++++++++++++++++++++++++++----
 1 file changed, 27 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index 94362e4..d2f62e8 100644
--- a/README.md
+++ b/README.md
@@ -19,6 +19,8 @@
     * [Screenshots](#screenshots)
 * [Getting started](#getting-started)
   * [Dependencies](#dependencies)
+  * [Getting the code](#getting-the-code)
+  * [Create an admin account](#create-an-admin-account)
   * [Start the application](#start-the-application)
   * [Live reloading](#live-reloading)
 * [Service container](#service-container)
@@ -39,6 +41,7 @@
   * [Login / Logout](#login--logout)
   * [Forgot password](#forgot-password)
   * [Registration](#registration)
+  * [Admins](#admins)
   * [Authenticated user](#authenticated-user)
     * [Middleware](#middleware)
   * [Email verification](#email-verification)
@@ -72,6 +75,7 @@
   * [Node caching](#node-caching)
   * [Flash messaging](#flash-messaging)
 * [Pager](#pager)
+* [Admin panel](#admin-panel)
 * [Cache](#cache)
   * [Set data](#set-data)
   * [Get data](#get-data)
@@ -145,17 +149,24 @@ Originally, Postgres and Redis were chosen as defaults but since the aim of this
 
 Ensure that [Go](https://go.dev/) is installed on your system.
 
-### Start the application
+### Getting the code
 
-After checking out the repository, from within the root, simply run `make run`:
+Start by checking out the repository. Since this repository is a _template_ and not a Go _library_, you **do not** use `go get`.
 
 ```
 git clone git@github.com:mikestefanello/pagoda.git
 cd pagoda
-make run
 ```
 
-Since this repository is a _template_ and not a Go _library_, you **do not** use `go get`.
+### Create an admin account
+
+In order to access the [admin panel](#admin-panel), you must log in with an admin user and in order to create your first admin user account, you must use the command-line. Execute `make admin EMAIL=your@email.com` from the root of the codebase, and an admin account will be generated using that email address. The console will print the randomly-generated password for the account.
+
+Once you have one admin account, you can use that account to manage other users and admins from within the UI.
+
+### Start the application
+
+From within the root of the codebase, simply run `make run`.
 
 By default, you should be able to access the application in your browser at `localhost:8000`. Your data will be stored within the `dbs` directory. If you ever want to quickly delete all data, just remove this directory.
 
@@ -174,6 +185,7 @@ The container is located at `pkg/services/container.go` and is meant to house al
 - Configuration
 - Database
 - Files
+- Graph
 - Mail
 - ORM
 - Tasks
@@ -343,6 +355,11 @@ The actual registration of a user is not handled within the `AuthClient` but rat
 
 A route is provided for the user to register at `user/register`.
 
+
+### Admins
+
+A checkbox field has been added to the `User` entity type to indicate if the user has admin access. If your app requires a more robust authorization system, such as roles and permissions, you could easily replace this field and adjust all usage of it accordingly. If a user has this field checked, they will be able to access the [admin panel](#admin-panel). [Middleware](#middleware) is provided to easily restrict access to routes based on admin status.
+
 ### Authenticated user
 
 The `AuthClient` has two methods available to get either the `User` entity or the ID of the user currently logged in for a given request. Those methods are `GetAuthenticatedUser()` and `GetAuthenticatedUserID()`.
@@ -353,6 +370,8 @@ Registered for all routes is middleware that will load the currently logged in u
 
 If you wish to require either authentication or non-authentication for a given route, you can use either `middleware.RequireAuthentication()` or `middleware.RequireNoAuthentication()`.
 
+If you wish to restrict a route to admins only, you can use `middleware.RequireAdmin`.
+
 ### Email verification
 
 Most web applications require the user to verify their email address (or other form of contact information). The `User` entity has a field `Verified` to indicate if they have verified themself. When a user successfully registers, an email is sent to them containing a link with a token that will verify their account when visited. This route is currently accessible at `/email/verify/:token` and handled by `pkg/handlers/auth.go`.
@@ -815,6 +834,10 @@ Methods include:
 
 There is currently no generic component to easily render a pager, but the homepage does have an example.
 
+## Admin panel
+
+// TODO
+
 ## Cache
 
 As previously mentioned, the default cache implementation is a simple in-memory store, backed by [otter](https://github.com/maypok86/otter), a lockless cache that uses [S3-FIFO](https://s3fifo.com/) eviction. The `Container` houses a `CacheClient` which is a useful wrapper to interact with the cache (see examples below). Within the `CacheClient` is the underlying store interface `CacheStore`. If you wish to use a different store, such as Redis, and want to keep using the `CacheClient`, simply implement the `CacheStore` interface with a Redis library and adjust the `Container` initialization to use that.