Merge branch 'release/1.2.0'

Author: yurisldk

.env

@@ -0,0 +1,4 @@
+API_URL=http://localhost:3000/api
+PORT=30402
+BASE_URL=http://localhost:30402
+TEST_UTILS_TOKEN=foo.bar.baz

.env.development

@@ -0,0 +1,4 @@
+API_URL=http://localhost:30400/api
+PORT=80
+BASE_URL=http://localhost:80
+TEST_UTILS_TOKEN=foo.bar.baz

.env.production

@@ -44,7 +44,7 @@ module.exports = {
   },
   overrides: [
     {
-      files: ['src/shared/lib/test/**/*.{js,ts,jsx,tsx}'],
+      files: ['src/shared/lib/test/**/*.{js,ts,jsx,tsx}', 'cypress.config.ts', 'cypress/**'],
       rules: {
         'import/no-extraneous-dependencies': ['off'],
       },

.eslintrc.js

@@ -45,7 +45,7 @@ jobs:
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
+          password: ${{ secrets.GHCR_PAT }}
 
       - name: Build and Push Docker image
         uses: docker/build-push-action@v5

.github/workflows/release-pipeline.yml

@@ -50,7 +50,6 @@ report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
 # Runtime data
 pids
 *.pid
-*.seed
 *.pid.lock
 
 # Directory for instrumented libs generated by jscoverage/JSCover

.gitignore

@@ -1,5 +1,20 @@
 # Versions
 
+## 1.2.0 (2025-06-29)
+
+### 🚀 Features
+
+- Added Cypress end-to-end testing framework with comprehensive user flow tests
+- Introduced data-test attributes for improved testability
+- Enabled strict null checks in TypeScript configuration for better type safety
+- Refactored environment variable management for clarity and multi-env support
+- Enhanced test support and coverage across UI components
+
+### 🐛 Bug Fixes
+
+- Fixed Docker login action to use GHCR_PAT instead of GITHUB_TOKEN
+- Minor CI/CD and workflow improvements
+
 ## 1.1.1 (2025-06-15)
 
 ### 🐛 Bug Fixes

CHANGELOG.md

@@ -1,35 +1,62 @@
 # 🙌 RealWorld example app 🍰 Feature-Sliced Design
 
-This codebase containing real world examples (CRUD, auth, advanced patterns, etc) that adheres to the [RealWorld](https://github.com/gothinkster/realworld) spec and API. Powered by [FSD (Feature-Sliced Design)](https://feature-sliced.github.io/documentation) architectural methodology.
+A modern implementation of the [RealWorld](https://github.com/gothinkster/realworld) app using [FSD (Feature-Sliced Design)](https://feature-sliced.github.io/documentation), React, TypeScript, and a contemporary frontend stack.
 
 ![Realworld example app](./logo.gif)
 
----
+## About the Project
 
-[![TypeScript][shields-typescript-domain]](https://www.typescriptlang.org/)
-[![Webpack][shields-webpack-domain]](https://webpack.js.org/)
-[![Jest][shields-jest-domain]](https://jestjs.io/)
-[![React][shields-react-domain]](https://react.dev/)
-[![React Router][shields-react-router-domain]](https://reactrouter.com/)
-[![React Query][shields-react-query-domain]](https://tanstack.com/query/v4/)
-[![Redux][shields-redux-domain]](https://redux.js.org/)
-[![Zod][shields-zod-domain]](https://zod.dev/)
-[![Feature-Sliced Design][shields-fsd-domain]](https://feature-sliced.github.io/documentation/)
-
-## Features
+This project is an educational and demonstration Medium-clone built with the Feature-Sliced Design (FSD) architectural approach and modern frontend tools. It is suitable for learning, experimentation, and as a template for large-scale applications.
 
 ![Preview][preview-domain]
 
-The example application is a social blogging site (i.e. a Medium.com clone) called "Conduit". It uses a custom API for all requests, including authentication.
-
-### Advanced Features
-
-- **Lazy Loading for React Components and React Router** – Components and routes are dynamically loaded only when needed, improving initial load times and optimizing performance.
-- **React Suspense** – Used for handling asynchronous component loading, providing a smooth user experience while waiting for data to load.
-- **Error Boundaries** – Ensures the application remains stable by catching JavaScript errors in component trees and displaying fallback UIs instead of crashing the app.
-- **Optimistic Updates with React Query** – Provides an enhanced user experience by updating the UI immediately before waiting for the server response, making interactions feel faster.
-- **Lazy Loading for Redux Slices** – Dynamically loads Redux slices when required, reducing the initial bundle size and improving app efficiency.
-- **Zod Validation for Backend Responses** – Ensures API responses adhere to expected structures using Zod contracts, improving reliability and preventing unexpected runtime errors.
+## Tech Stack
+
+- **React** 18+
+- **TypeScript**
+- **Feature-Sliced Design (FSD)**
+- **React Router**
+- **React Query**
+- **Redux Toolkit**
+- **React Hook Form**
+- **Webpack**
+- **Jest** (unit tests)
+- **Cypress** (e2e tests)
+- **Zod** (schema validation)
+- **CSS Modules**
+
+## Project Structure
+
+- `src/` — application source code
+  - `app/` — app initialization, routing, providers
+  - `pages/` — application pages (home, article, login, register, settings, 404, etc.)
+  - `widgets/` — large widgets (article feed, comments, etc.)
+  - `features/` — business features (authentication, articles, comments, etc.)
+  - `entities/` — business entities (article, comment, profile, etc.)
+  - `shared/` — reusable modules, utilities, UI components, API
+- `public/` — static files
+- `build/` — production build output
+- `coverage/` — test coverage reports
+- `cypress/` — e2e tests
+
+## Advanced Features
+
+- **Code Splitting & Lazy Loading** - React components and routes are loaded on demand, reducing initial bundle size and improving performance.
+- **React Suspense & Concurrent Features** - Handles asynchronous loading and leverages modern React features for a smoother user experience.
+- **Error Boundaries & Centralized Error Logging** - Prevents app crashes by catching JavaScript errors in component trees and displaying fallback UIs, with centralized error reporting.
+- **Optimistic UI Updates & Data Prefetching (React Query)** - Instantly updates the UI before server confirmation, prefetches and caches data for fast, responsive interactions.
+- **Dynamic Redux Slices** - Loads Redux slices only when needed, optimizing bundle size and state management.
+- **Type-Safe API Layer with Axios** - Centralized, strongly-typed API requests and error handling.
+- **Zod-based API Validation** - Validates backend responses with Zod schemas, ensuring data consistency and type safety.
+- **React Hook Form Integration** - Efficient, scalable form state management with validation and error display.
+- **Role-based Access & Permissions** - Permission checks for UI and API actions.
+- **Comprehensive Testing** - Includes unit (Jest) and e2e (Cypress) tests, with tag-based selection, custom commands, and coverage reports.
+- **CI/CD Integration** - Automated testing, linting, and formatting in the pipeline for reliable delivery.
+- **Environment-based Configuration** - Supports multiple environments via `.env` files and runtime variables.
+- **Feature-Sliced Design Architecture** - Strict adherence to FSD for scalable, maintainable code.
+- **Custom ESLint & Prettier Rules** - Enforced code style, import order, and formatting for consistency.
+- **Bundle Analysis & Dependency Graphs** - Visual tools for analyzing bundle size and module dependencies.
+- **Hot Module Replacement & Fast Refresh** - Instant feedback during development for a seamless DX.
 
 ### Dependency Graph
 
@@ -39,105 +66,57 @@ The example application is a social blogging site (i.e. a Medium.com clone) call
 
 ![Bundle Analyze][bundle-analyze-domain]
 
-**General functionality:**
-
-- Authenticate users via JWT (login/signup pages + logout button on settings page)
-- CRU- users (sign up & settings page - no deleting required)
-- CRUD Articles
-- CR-D Comments on articles (no updating required)
-- GET and display paginated lists of articles
-- Favorite articles
-- Follow other users
-
 ## Scripts
 
-- **`yarn start`** - Runs the Webpack development server with `webpack serve`, using development mode.
-- **`yarn build:dev`** - Compiles the project in development mode using Webpack.
-- **`yarn build:prod`** - Compiles the project in production mode using Webpack for optimized output.
-- **`yarn analyze`** - Builds the project in development mode and enables Webpack Bundle Analyzer for visualizing bundle contents.
-- **`yarn test`** - Runs Jest to execute unit tests.
-- **`yarn eslint`** - Runs ESLint to lint the `src` directory, automatically fixing issues and ensuring no unused disable directives remain.
-- **`yarn prettier`** - Formats the entire project using Prettier, respecting `.gitignore` rules.
-- **`yarn prepare`** - Initializes Husky and sets up pre-commit and pre-push Git hooks.
+- **`yarn start`** - Launches the Webpack development server with hot module replacement.
+- **`yarn build:dev`** - Builds the project in development mode.
+- **`yarn build:prod`** - Builds the project in production mode with optimizations.
+- **`yarn analyze`** - Builds and opens the Webpack Bundle Analyzer for bundle inspection.
+- **`yarn test`** - Runs all unit tests with Jest.
+- **`yarn eslint`** - Lints and auto-fixes code in the `src` directory.
+- **`yarn prettier`** - Formats the codebase using Prettier.
 - **`yarn graph`** - Generates a dependency graph of the `src` directory using `dependency-cruiser`.[^1]
+- **`yarn cy:open`** - Opens the Cypress UI for interactive e2e testing.
+- **`yarn cy:run`** - Runs all Cypress e2e tests in headless mode.
+- **`yarn prepare`** - Sets up Husky git hooks for pre-commit and pre-push.
+- **`yarn db:seed:dev`** - Seeds the development database via backend API.
+- **`yarn db:seed:prod`** - Seeds the production database via backend API.
 
 [^1]:
     This assumes the GraphViz `dot` command is available - on most linux and
     comparable systems this will be. In case it's not, see
     [GraphViz' download page](https://www.graphviz.org/download/) for instructions
     on how to get it on your machine.
 
-## Git Hooks and Formatting
-
-This project uses **Husky** and **lint-staged** to enforce code quality before commits and pushes.
-
-### Git hooks configured:
-
-- **pre-commit** – Runs ESLint and Prettier on staged files
-- **pre-push** – Runs `yarn test` to ensure tests pass before pushing
-
-### Formatting Commit
-
-The entire codebase has been formatted using ESLint and Prettier.
-To avoid noisy blame history caused by formatting-only changes, the formatting commit hash is listed in `.git-blame-ignore-revs`.
-
-To configure your local Git to ignore formatting-only commits in blame:
-
-```bash
-git config blame.ignoreRevsFile .git-blame-ignore-revs
-```
-
-## Getting started
-
-To get the frontend running locally:
-
-1. Clone this repo
-2. `yarn install` to install all the dependencies defined in a `package.json` file.
-3. `yarn start` to start webpack dev server.
-
-## 🧪 Demo Environment
-
-You can run both the frontend (this repo) and the backend ([node-express-realworld-example-app](https://github.com/yurisldk/node-express-realworld-example-app)) together using Docker Compose.
-
-A demo setup is available in [`ops/deploy/demo`](./ops/deploy/demo), which includes preconfigured services:
-
-- Frontend (React app)
-- Backend API (Node.js + Express + Prisma)
-- PostgreSQL database
-- PgAdmin for DB inspection
-
-### Run the fullstack demo
-
-Make sure Docker is installed, then from the project root run:
+## Demo Environment
 
-```bash
-docker-compose -f ops/deploy/demo/docker-compose.yml --env-file ops/deploy/demo/.env up --build -d
-```
+A ready-to-use demo environment is provided for running both the frontend (this repo) and the backend ([node-express-realworld-example-app](https://github.com/yurisldk/node-express-realworld-example-app)) together using Docker Compose.
 
-Once started, you can access:
+The setup in [`ops/deploy/demo`](./ops/deploy/demo) includes preconfigured services:
 
-- Frontend: http://localhost:30401
-- API: http://localhost:30400
-- PgAdmin: http://localhost:30433
+- **frontend** — React-based frontend client
+- **api** — Node.js/Express backend API with Prisma and PostgreSQL
+- **db** — PostgreSQL database for persistent storage
+- **pgadmin** — Admin UI for managing PostgreSQL
 
-## Backend Setup
+### Usage
 
-This project is fully compatible with my **[RealWorld Express + Prisma](https://github.com/yurisldk/node-express-realworld-example-app)** backend implementation.
+1. A `.env` file is already provided in the demo directory. No extra setup is needed.
+2. Start the environment:
+   ```bash
+   docker-compose -f ops/deploy/demo/docker-compose.yml --env-file ops/deploy/demo/.env up --build -d
+   ```
+3. Access the services:
+   - Frontend: <http://localhost:30401>
+   - API: <http://localhost:30400>
+   - PgAdmin: <http://localhost:30433>
 
-To set up the backend:
+**Notes:**
 
-1. Follow the installation instructions in the [RealWorld Express + Prisma repository](https://github.com/yurisldk/node-express-realworld-example-app).
-2. Ensure the backend is running locally or deployed.
+- PostgreSQL data is persisted via named volumes.
+- Images are pulled from GitHub Container Registry (GHCR).
+- On ARM-based systems (e.g., Apple Silicon), ensure Docker supports `linux/amd64` platform.
 
-[shields-react-router-domain]: https://img.shields.io/badge/React_Router-CA4245?style=for-the-badge&logo=react-router&logoColor=white
-[shields-react-query-domain]: https://img.shields.io/badge/-React%20Query-FF4154?style=for-the-badge&logo=react%20query&logoColor=white
-[shields-typescript-domain]: https://img.shields.io/badge/typescript-%23007ACC.svg?style=for-the-badge&logo=typescript&logoColor=white
-[shields-fsd-domain]: https://img.shields.io/badge/Feature--Sliced-Design?style=for-the-badge&color=F2F2F2&labelColor=262224&logoWidth=10&logo=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAaCAYAAAC3g3x9AAAACXBIWXMAAALFAAACxQGJ1n/vAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAABISURBVHgB7dKxCQAgDETR0w2cws0cys2cwhEUBbsggikCuVekDHwSQFlYo7Q+8KnmtHdFWMdk2cl5wSsbxGSZw8dm8pX9ZHUTMBUgGU2F718AAAAASUVORK5CYII=
-[shields-react-domain]: https://img.shields.io/badge/react-%2320232a.svg?style=for-the-badge&logo=react&logoColor=%2361DAFB
 [dependency-graph-domain]: ./dependency-graph-preview.svg
 [preview-domain]: ./preview.gif
 [bundle-analyze-domain]: ./bundle-analyze.png
-[shields-webpack-domain]: https://img.shields.io/badge/Webpack-8DD6F9?style=for-the-badge&logo=Webpack&logoColor=white
-[shields-jest-domain]: https://img.shields.io/badge/Jest-C21325?style=for-the-badge&logo=jest&logoColor=white
-[shields-redux-domain]: https://img.shields.io/badge/Redux-593D88?style=for-the-badge&logo=redux&logoColor=white
-[shields-zod-domain]: https://img.shields.io/badge/Zod-000000?style=for-the-badge&logo=zod&logoColor=3068B7

README.md

@@ -0,0 +1,93 @@
+import cypressGrepPlugin from '@cypress/grep/src/plugin';
+import axios from 'axios';
+import { defineConfig } from 'cypress';
+import * as dotenv from 'dotenv';
+
+dotenv.config({ path: `.env.${process.env.NODE_ENV}` });
+
+export default defineConfig({
+  e2e: {
+    baseUrl: process.env.BASE_URL,
+    async setupNodeEvents(_on, config) {
+      cypressGrepPlugin(config);
+
+      const isRunMode = config.isTextTerminal;
+      if (isRunMode) {
+        const tags = getTagsForEnv();
+        if (tags) {
+          config.env.grepTags = tags.join(' ');
+          config.env.grepFilterSpecs = true;
+        }
+      }
+
+      try {
+        const user = await createE2ETestUser();
+        config.env.testUser = user;
+        return config;
+      } catch (error) {
+        console.error('[setupNodeEvents] Failed to create test user:', error);
+        throw error;
+      }
+    },
+    env: {
+      apiUrl: process.env.API_URL,
+    },
+  },
+});
+
+async function createE2ETestUser() {
+  const id = Date.now();
+  const userPayload = {
+    username: `e2e_user_${id}`,
+    email: `e2e_user_${id}@example.com`,
+    password: 'testpassword123',
+  };
+
+  try {
+    const response = await axios.post(
+      `${process.env.API_URL}/users`,
+      { user: userPayload },
+      {
+        headers: {
+          'Content-Type': 'application/json',
+        },
+      },
+    );
+
+    return {
+      ...response.data.user,
+      password: userPayload.password,
+    };
+  } catch (error) {
+    console.error('[createE2ETestUser] error:', error.response?.data || error.message);
+    throw error;
+  }
+}
+
+const TAGS_BY_ENV = {
+  preview: ['@smoke', '@access'],
+  develop: ['@functional', '@destructive', '@access'],
+  stage: ['@functional', '@destructive', '@access', '@prod-safe'],
+  prod: ['@smoke', '@prod-safe', '@access'],
+} as const;
+
+function getTagsForEnv() {
+  const env = process.env.CYPRESS_ENV;
+  if (!env) {
+    throw new Error(
+      '[cypress.config] CYPRESS_ENV is not defined. Set it to one of: preview, develop, stage, prod, debug',
+    );
+  }
+
+  if (env === 'debug') {
+    return null;
+  }
+
+  const tags = TAGS_BY_ENV?.[env as keyof typeof TAGS_BY_ENV];
+  if (!tags) {
+    throw new Error(
+      `[cypress.config] Unknown CYPRESS_ENV "${env}". Set it to one of: preview, develop, stage, prod, debug`,
+    );
+  }
+  return tags;
+}

cypress.config.ts

@@ -0,0 +1,20 @@
+describe('Access Control Flow', { tags: ['@access'] }, () => {
+  const protectedRoutes = ['/editor', '/settings'];
+
+  protectedRoutes.forEach((route) => {
+    it(`should redirect unauthenticated user from ${route} to /login`, () => {
+      cy.logout();
+      cy.visit(route);
+      cy.url().should('include', '/login');
+    });
+  });
+
+  it('should allow access to protected routes after login', () => {
+    cy.loginByApi();
+    cy.visit('/editor');
+    cy.getByTest('article-title-input').should('be.visible');
+
+    cy.visit('/settings');
+    cy.getByTest('settings-form').should('be.visible');
+  });
+});