rhl-lieferscheine/Docs/PLANS.md

Project Plans

Current Phase

• Phase: pre-launch v2 hardening and rollout preparation
• Goal: replace the currently used v1 with a more reliable and operationally safer v2

Known Direction

• Move the repository into GitLab and establish a repeatable CI/CD pipeline.
• Introduce HTTPS via reverse proxy so secure cookie-based authentication works without workarounds.
• Harden MongoDB and auth-related security paths for production rollout.
• Add basic operational observability without turning the project into an oversized platform effort.
• Keep UI and DX polish focused on proven user value.

Near-Term Priorities

• RHL-011 Production HTTPS and reverse proxy
• RHL-031 Backend auth security hardening
• RHL-010 CI/CD workflow
• RHL-013 MongoDB hardening and production settings
• RHL-014 Observability, logging, and basic monitoring
• If infrastructure work is blocked, fall back to RHL-039, RHL-036, RHL-035, RHL-033, RHL-034, and RHL-040

Future Considerations

• RHL-028 admin UX scaling only if real daily pain points appear.
• Password Reset Phase B if there is a real business need for a token/email-based reset flow.
• Any environment model beyond main and production should stay minimal and justified.