AuraLog is designed as a modular, API-first web application that follows clean separation of concerns. It uses a layered architecture for flexibility, maintainability, and scalability.

🧱 Layered Structure

1. API Layer (`Controllers/`)

Responsibility: Handle HTTP requests/responses
Contents: Routes, request validation, auth decorators
Example: MoodController, AuthController

2. Service Layer (`Services/`)

Responsibility: Business logic
Contents: Mood calculations, user auth, summaries
Example: MoodService, AuthService

3. Data Access Layer (`Repositories`/)

Responsibility: Communicate with SQLite using Dapper
Contents: SQL queries, connection handling
Example: MoodRepository, UserRepository

4. Domain Layer (`Models`/)

Responsibility: Core data structures and contracts
Contents: DTOs, database models, request/response types
Example: MoodEntry, User, DashboardSummaryDTO

🗃️ Database Design

SQLite + Dapper

Dapper is used for performance and SQL-first control, avoiding heavy ORM overhead.

Tables:

Users
- Id (PK), Email, PasswordHash, CreatedAt
MoodEntries
- Id (PK), UserId (FK), Date, Mood, Comment, CreatedAt

❗ Each MoodEntry is tied to a specific user via UserId.

🔐 Authentication

AuraLog uses JWT (JSON Web Token) for stateless, secure authentication.

Flow:

User registers or logs in
Server generates a JWT token
Token is stored on client (e.g., in localStorage)
All protected endpoints require Authorization: Bearer <token>

Middleware checks token validity and user identity for secure access.

📡 RESTful API Structure

Method	Route	Description
`POST`	`/auth/register`	Register a new user
`POST`	`/auth/login`	Authenticate and return JWT token
`GET`	`/moods`	Retrieve moods by date range
`POST`	`/moods`	Create a new mood entry
`PUT`	`/moods/{id}`	Update an existing mood entry
`DELETE`	`/moods/{id}`	Delete a mood entry
`GET`	`/dashboard/summary`	Return mood summary for the user

🛡️ Security Practices

Passwords are hashed securely (e.g., using BCrypt).
JWT tokens include expiration and are validated per request.
Each user can only access their own data via UserId-based authorization.

📈 Future Enhancements

Feature	Layer(s) Affected
Mood trend visualization	`Service`, `Dashboard`
CSV Export of mood data	`Controller`, `Repo`
PWA support	Frontend (external)
Streak tracking/reminders	`Service` layer
Tags or emoji mood types	`Model`, `API` upgrade

🔄 Dependency Flow

Controllers → Services → Repositories → Database
                        ↓
                    Models

🏗️ AuraLog Architecture - GemsForge/aura-logbook-api GitHub Wiki

🧱 Layered Structure

1. API Layer (`Controllers/`)

2. Service Layer (`Services/`)

3. Data Access Layer (`Repositories`/)

4. Domain Layer (`Models`/)

🗃️ Database Design

SQLite + Dapper

Tables:

🔐 Authentication

Flow:

📡 RESTful API Structure

🛡️ Security Practices

📈 Future Enhancements

🔄 Dependency Flow

⚠️ GitHub.com Fallback ⚠️

🏗️ AuraLog Architecture - GemsForge/aura-logbook-api GitHub Wiki

🧱 Layered Structure

1. API Layer (Controllers/)

2. Service Layer (Services/)

3. Data Access Layer (Repositories/)

4. Domain Layer (Models/)

🗃️ Database Design

SQLite + Dapper

Tables:

🔐 Authentication

Flow:

📡 RESTful API Structure

🛡️ Security Practices

📈 Future Enhancements

🔄 Dependency Flow

⚠️ **GitHub.com Fallback** ⚠️

1. API Layer (`Controllers/`)

2. Service Layer (`Services/`)

3. Data Access Layer (`Repositories`/)

4. Domain Layer (`Models`/)

⚠️ GitHub.com Fallback ⚠️