Goods Inventory follows a classic three-tier architecture — a React SPA (single-page application) in the browser, a Flask REST API as the middle tier, and a MySQL database as persistent storage. Each tier has a clearly defined responsibility: the frontend handles user interaction and state, the API enforces business logic and authentication, and the database provides durable, relational storage for all inventory data.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/AndresLopezCorrales/Goods-Inventory/llms.txt
Use this file to discover all available pages before exploring further.
High-level flow
The diagram below traces the path of a typical public lookup — a user searching for a responsible party by name:User enters a name in the browser
The React SPA renders the
BuscadorResponsables component. As the user types, the frontend fires a request to the Flask API.GET /api/responsables/buscar
The request hits the Home blueprint. No authentication is required. The query string carries the search term, e.g.
?name=Martinez.MySQL query executes
SQLAlchemy translates the lookup into a
SELECT against the responsible table, filtering rows whose name column matches the search term.JSON response returned
The API serialises the matching rows using each model’s
to_dict() method and returns a JSON array to the browser.Backend structure
The Flask application is bootstrapped inside acreate_app() factory in main.py. On startup it:
- Loads
.envvariables — database credentials, server host, JWT secret, and token expiry are all read from environment variables, keeping secrets out of source control. - Creates the MySQL database if it doesn’t already exist, using a server-level connection before the app database URI is configured.
- Initialises SQLAlchemy by binding the
dbinstance to the app and callingdb.create_all()to materialise any missing tables. - Imports Excel data —
load_excel_data()seeds theareasandarticulostables from bundled.xlsfiles on the first run. - Registers blueprints — route modules are attached via
register_blueprints(), keeping the factory function clean. - Configures CORS and JWT — all origins are permitted for API routes, and JWT access tokens are issued with a configurable expiry window.
main.py
Blueprint organization
Routes are split into two blueprints based on whether they require authentication.Home blueprint (public)
These endpoints are accessible without a JWT token and power the read-only public interface:| Method | Endpoint | Description |
|---|---|---|
GET | /api/responsables/buscar | Search for responsible parties by name |
GET | /api/ubicaciones/{id} | Retrieve locations for a given responsible |
GET | /api/items/{id} | Retrieve items assigned to a location |
POST | /api/revisiones | Submit a new revision record |
Admin blueprint (JWT-protected)
These endpoints require a validAuthorization: Bearer <token> header and are used exclusively by the admin dashboard:
| Method | Endpoint | Description |
|---|---|---|
POST | /api/login | Authenticate and receive a JWT access token |
GET | /api/admin/responsables/buscar | Admin-scoped responsible search |
GET | /api/admin/ubicaciones/buscar | Admin-scoped location search |
GET | /api/admin/responsables/{id}/ubicaciones | List locations for a specific responsible (admin view) |
GET | /api/admin/items/{id} | Retrieve items assigned to a location (admin view) |
GET | /api/admin/locations/{id}/revisions | List all revisions for a location (admin view) |
Frontend routing
The React application uses React Router v6 and defines the following client-side routes inApp.jsx:
| Path | Component | Access |
|---|---|---|
/ | BuscadorResponsables | Public — the main search landing page |
/ubicaciones/:responsableId | Ubicaciones | Public — lists locations for a responsible |
/items/:ubicacionId | Items | Public — lists items within a location |
/admin | AdminPage | Public — login form for administrators |
/dashboard | Dashboard | Protected — admin home after login |
/admin/responsable/:id | AdminResponsablesUbicacion | Protected — manage a responsible’s locations |
/admin/ubicacion/:id_location | AdminUbicacionRevisiones | Protected — manage revisions for a location |
All admin routes (such as
/dashboard, /admin/responsable/:id, and /admin/ubicacion/:id_location) check for a JWT token in localStorage on mount. If no token is found, the router immediately redirects the user to /admin to log in.