# 📋 GoHorse Jobs - Tarefas Lista detalhada de tarefas para evitar retrabalho. > **Last Updated:** 2026-02-16 --- ## ✅ Recentemente Concluído ### 2024-12-26 - [x] **Email System** - Backend: EmailService (LavinMQ producer) - NestJS: Email consumer + Nodemailer - Migrations: email_settings, email_templates - [x] **Email Templates Admin UI** - Frontend: `/dashboard/admin/email-templates` - CRUD: List, Create, Edit, Delete - [x] **Avatar Upload** - Backend: StorageService (pre-signed URLs) - Migration: avatar_url column - Frontend: profileApi.uploadAvatar - [x] **Public Job Posting** - Frontend: `/jobs/new` page - 3-step wizard (Company + Job + Confirm) - [x] **Documentation** - BACKEND.md reescrito completo - BACKOFFICE.md reescrito completo - API_SECURITY.md atualizado - ROADMAP.md atualizado ### 2024-12-25 - [x] Profile page fixes (500 error) - [x] Type mismatches resolved - [x] Comprehensive logging added ### 2024-12-24 - [x] Ticket system integration - [x] Settings page (Theme, Logo) - [x] Chat tables (Appwrite) - [x] System settings table --- ## 🔥 Sprint Atual ### Backend - [ ] AI matching algorithm - [ ] Webhook sistema ### Frontend - [ ] PWA manifest - [ ] Service worker - [ ] Offline support ### Backoffice - [ ] Revenue reports - [ ] User analytics - [ ] Export features ### Adiado (fora do escopo por enquanto) - [ ] Video interviews endpoint --- ## 🚧 Não Fazer (Evitar Retrabalho) > ⚠️ **IMPORTANTE:** Estas tarefas NÃO devem ser feitas pois já foram resolvidas. | Tarefa | Motivo | |--------|--------| | Criar core_companies | REMOVIDO - Usar `companies` | | Criar core_users | REMOVIDO - Usar `users` | | Email via API direta | REMOVIDO - Usar LavinMQ queue | | Avatar upload direto | REMOVIDO - Usar pre-signed URLs | | psql para migrations | REMOVIDO - Usar `go run ./cmd/manual_migrate` | --- ## 📝 Notas de Implementação ### IDs do Banco - **UUID v7:** users, companies, jobs, applications, notifications, tickets - **SERIAL:** regions, cities, job_posting_prices ### Autenticação - Backend: JWT em HttpOnly cookie OU Authorization header - Frontend: Usa cookies automaticamente - Backoffice: Suporta ambos (Bearer e Cookie) ### Senhas - BCrypt com 10 rounds - PASSWORD_PEPPER obrigatório em produção - Hash: `bcrypt.hash(password + PEPPER, 10)` ### Uploads - Pre-signed URLs via `/api/v1/storage/upload-url` - Direct upload to S3/R2 - Update profile with key via PATCH ### Emails ``` Go Backend → Publish to LavinMQ (mail_queue) ↓ NestJS → Consume → Fetch template → Render → Send ``` --- ## 🔗 Referências - [DATABASE.md](DATABASE.md) - Schema do banco - [ROADMAP.md](ROADMAP.md) - Roadmap geral - [API_SECURITY.md](API_SECURITY.md) - Segurança - [DEVOPS.md](DEVOPS.md) - Infraestrutura - [MCP_INTEGRATION.md](MCP_INTEGRATION.md) - Integração MCP via JSON - [UNIFIED_STATUS.md](UNIFIED_STATUS.md) - Consolidação de status e pendências --- ## ✅ Verificação de Pendências (2026-03-09) Status conferido na branch `dev`: - Sprint atual permanece em aberto: - AI matching algorithm - Webhook sistema - PWA manifest - Service worker - Offline support - Revenue reports - User analytics - Export features - Itens adiados: - Video interviews endpoint