Core Models
The core models provide the foundation for Wrkbelt's multi-tenant architecture, authentication, authorization, and file management systems.
Core Entity Relationship Diagram
Key Features
Multi-tenancy
- Organizations serve as tenants
- In the future, unique subdomains for each organization will serve their own public customer-facing app
- Data isolation through organization context
Authentication & Authorization
- Session-based authentication
- Role-based access control (RBAC)
- Granular permissions system
- Context-based access (organization/workspace)
Email Verification
- Users must verify their email address before accessing protected resources
- Verification emails sent via TemporaryLink with EMAIL_VERIFICATION type (24-hour expiration)
- User.email_verification.verified_at tracks verification timestamp
- Unverified users are redirected to verification pending page on login
- Rate limiting prevents abuse (cooldowns + hourly limits via Redis)
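The following is an added example, not Wrkbelt's own code, sketching how the checks listed above can fit together: a resend limiter that combines a cooldown with an hourly cap, the access gate on verified_at, and the 24-hour link expiry. The in-memory Map stands in for Redis, and the limit values, the class and function names, and the created_at field are assumptions.

```javascript
// Added example. Limits, names and the in-memory store are assumptions;
// only the 24-hour expiry and the verified_at field come from the page.
const COOLDOWN_MS = 60 * 1000;       // assumed minimum gap between sends
const HOURLY_LIMIT = 5;              // assumed maximum sends per rolling hour
const HOUR_MS = 60 * 60 * 1000;
const LINK_TTL_MS = 24 * HOUR_MS;    // 24-hour expiration

class ResendLimiter {
  constructor() {
    this.sends = new Map(); // userId -> send timestamps in ms (Redis stand-in)
  }

  // Returns { allowed, reason, retryAfterMs }; records the send when allowed.
  trySend(userId, now) {
    // Keep only sends inside the rolling one-hour window.
    const recent = (this.sends.get(userId) || []).filter((t) => now - t < HOUR_MS);
    const last = recent[recent.length - 1];
    let result = { allowed: true, reason: null, retryAfterMs: 0 };
    if (last !== undefined && now - last < COOLDOWN_MS) {
      result = { allowed: false, reason: 'cooldown', retryAfterMs: COOLDOWN_MS - (now - last) };
    } else if (recent.length >= HOURLY_LIMIT) {
      // The oldest send in the window decides when a slot frees up.
      result = { allowed: false, reason: 'hourly_limit', retryAfterMs: HOUR_MS - (now - recent[0]) };
    } else {
      recent.push(now);
    }
    this.sends.set(userId, recent);
    return result;
  }
}

// Gate for protected resources: only a user with a verification timestamp passes.
function canAccessProtected(user) {
  return Boolean(user && user.email_verification && user.email_verification.verified_at);
}

// A link is usable only if it has the right type and is under 24 hours old.
// created_at (ms since epoch) is a hypothetical field name.
function isLinkUsable(link, now) {
  return link.type === 'EMAIL_VERIFICATION' && now - link.created_at < LINK_TTL_MS;
}
```

With Redis as the store, the check and the record step need to run atomically (for example in a Lua script or a MULTI transaction) so that concurrent requests cannot both pass the limit.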
File Management
- Secure file storage with AWS S3
- Access level controls
- Lifecycle management
- Temporary access links
Email System
- Template-based emails
- Multiple recipients (to, cc, bcc)
- Attachment support
- Status tracking
Design Principles
Security First
- Secure password hashing
- Email verification required for access
- Role-based access control
- File access controls
- Session-based authentication
Data Integrity
- Mongoose schema validation
- Required fields enforcement
- Relationship integrity
- Status tracking
Scalability
- Efficient indexes
- Optimized queries
- Proper data relationships
Maintainability
- Consistent naming conventions
- Clear documentation
- Status tracking
- Error handling