feat: Add 12 enhancements - security, testing, UX, API docs, real-time, search, dark mode

Phase 1 - Security:
- Rate limiting middleware (auth, API routes)
- Input validation with express-validator
- Password reset flow (forgot/reset endpoints)
- Token refresh and logout endpoints

Phase 2 - Testing:
- Jest + Supertest + mongodb-memory-server setup
- Auth, tasks, and projects controller tests (25 tests)

Phase 3 - UX:
- Toast notification system (ToastContext + Toast component)
- Settings page with profile editing and password change

Phase 4 - API Documentation:
- Swagger/OpenAPI setup at /api-docs
- JSDoc annotations for auth routes

Phase 5 - Real-time:
- Socket.io server with JWT auth
- SocketContext for frontend real-time updates

Phase 6 - Search & Analytics:
- Global search endpoint (tasks, projects, users)
- SearchBar component with debounced search
- Reports page with sprint velocity charts

Phase 7 - UI:
- Dark mode with ThemeContext and CSS variables
- Keyboard shortcuts component (Ctrl+K for search)

Author: DevITJAX

DIAGRAMS.md

@@ -0,0 +1,121 @@
+// Architecture Trois Tiers - FlowOps
+// Compiler avec: dot -Tpng architecture_diagram.dot -o architecture_diagram.png
+// Ou: dot -Tsvg architecture_diagram.dot -o architecture_diagram.svg
+
+digraph ArchitectureTroisTiers {
+    // Configuration générale
+    graph [
+        rankdir=TB
+        splines=ortho
+        nodesep=0.8
+        ranksep=1.0
+        bgcolor="white"
+        fontname="Arial"
+        label=<<B>Architecture Trois Tiers</B>>
+        labelloc=t
+        fontsize=20
+    ]
+    
+    node [
+        shape=box
+        style="filled,rounded"
+        fontname="Arial"
+        fontsize=12
+        margin="0.3,0.2"
+    ]
+    
+    edge [
+        fontname="Arial"
+        fontsize=10
+        color="#333333"
+    ]
+    
+    // ===========================================
+    // COUCHE PRÉSENTATION
+    // ===========================================
+    subgraph cluster_presentation {
+        label=<<B>Couche Présentation</B>>
+        labelloc=t
+        style="rounded,filled"
+        fillcolor="#E3F2FD"
+        color="#1976D2"
+        fontcolor="#1976D2"
+        fontsize=14
+        
+        presentation [
+            label=<<TABLE BORDER="0" CELLBORDER="0" CELLSPACING="0">
+                <TR><TD><B>Présentation</B></TD></TR>
+                <TR><TD> </TD></TR>
+                <TR><TD>React + Vite + Nginx</TD></TR>
+            </TABLE>>
+            fillcolor="#BBDEFB"
+            color="#1976D2"
+        ]
+    }
+    
+    // ===========================================
+    // COUCHE MÉTIER
+    // ===========================================
+    subgraph cluster_metier {
+        label=<<B>Couche Métier</B>>
+        labelloc=t
+        style="rounded,filled"
+        fillcolor="#E8F5E9"
+        color="#388E3C"
+        fontcolor="#388E3C"
+        fontsize=14
+        
+        metier [
+            label=<<TABLE BORDER="0" CELLBORDER="0" CELLSPACING="0">
+                <TR><TD><B>Métier</B></TD></TR>
+                <TR><TD> </TD></TR>
+                <TR><TD>Node.js + Express.js</TD></TR>
+            </TABLE>>
+            fillcolor="#C8E6C9"
+            color="#388E3C"
+        ]
+    }
+    
+    // ===========================================
+    // COUCHE DONNÉES
+    // ===========================================
+    subgraph cluster_donnees {
+        label=<<B>Couche Données</B>>
+        labelloc=t
+        style="rounded,filled"
+        fillcolor="#FFF3E0"
+        color="#F57C00"
+        fontcolor="#F57C00"
+        fontsize=14
+        
+        donnees [
+            label=<<TABLE BORDER="0" CELLBORDER="0" CELLSPACING="0">
+                <TR><TD><B>Données</B></TD></TR>
+                <TR><TD> </TD></TR>
+                <TR><TD>Azure Cosmos DB (MongoDB)</TD></TR>
+            </TABLE>>
+            fillcolor="#FFE0B2"
+            color="#F57C00"
+            shape=cylinder
+        ]
+    }
+    
+    // ===========================================
+    // CONNEXIONS
+    // ===========================================
+    presentation -> metier [
+        label="  HTTPS / REST API  "
+        dir=both
+        style=bold
+        color="#1976D2"
+        fontcolor="#1976D2"
+    ]
+    
+    metier -> donnees [
+        label="  MongoDB Protocol  "
+        dir=both
+        style=bold
+        color="#388E3C"
+        fontcolor="#388E3C"
+    ]
+}

architecture_diagram.dot

@@ -0,0 +1,66 @@
+// Architecture Trois Tiers - Version Simple
+// Pour LaTeX: dot2texi ou directement avec graphviz
+// Compiler: dot -Tpng architecture_simple.dot -o architecture_simple.png
+
+digraph Architecture {
+    // Configuration
+    graph [
+        rankdir=TB
+        splines=line
+        nodesep=0.5
+        ranksep=0.8
+        bgcolor="transparent"
+        fontname="Helvetica"
+        label="Architecture Trois Tiers"
+        labelloc=t
+        fontsize=16
+    ]
+    
+    node [
+        shape=box
+        style="filled"
+        fontname="Helvetica"
+        fontsize=11
+        width=3
+        height=0.6
+    ]
+    
+    edge [
+        fontname="Helvetica"
+        fontsize=10
+    ]
+    
+    // Noeuds
+    presentation [
+        label="Présentation : React + Vite + Nginx"
+        fillcolor="#E3F2FD"
+    ]
+    
+    protocol1 [
+        label="↓ HTTPS / REST API"
+        shape=plaintext
+        fillcolor="transparent"
+    ]
+    
+    metier [
+        label="Métier : Node.js + Express.js"
+        fillcolor="#E8F5E9"
+    ]
+    
+    protocol2 [
+        label="↓ MongoDB Protocol"
+        shape=plaintext
+        fillcolor="transparent"
+    ]
+    
+    donnees [
+        label="Données : Azure Cosmos DB (MongoDB)"
+        fillcolor="#FFF3E0"
+    ]
+    
+    // Connexions (invisibles pour garder l'ordre)
+    presentation -> protocol1 [style=invis]
+    protocol1 -> metier [style=invis]
+    metier -> protocol2 [style=invis]
+    protocol2 -> donnees [style=invis]
+}

architecture_simple.dot

@@ -0,0 +1,88 @@
+const { Server } = require('socket.io');
+const jwt = require('jsonwebtoken');
+const User = require('../models/User');
+
+let io;
+
+const initializeSocket = (server) => {
+    io = new Server(server, {
+        cors: {
+            origin: process.env.FRONTEND_URL || 'http://localhost:5173',
+            methods: ['GET', 'POST'],
+            credentials: true
+        }
+    });
+
+    // Authentication middleware
+    io.use(async (socket, next) => {
+        try {
+            const token = socket.handshake.auth.token;
+            if (!token) {
+                return next(new Error('Authentication required'));
+            }
+
+            const decoded = jwt.verify(token, process.env.JWT_SECRET);
+            const user = await User.findById(decoded.id);
+
+            if (!user) {
+                return next(new Error('User not found'));
+            }
+
+            socket.user = user;
+            next();
+        } catch (err) {
+            next(new Error('Invalid token'));
+        }
+    });
+
+    io.on('connection', (socket) => {
+        console.log(`User connected: ${socket.user.name} (${socket.id})`);
+
+        // Join user's personal room
+        socket.join(`user:${socket.user._id}`);
+
+        // Join project rooms
+        socket.on('join:project', (projectId) => {
+            socket.join(`project:${projectId}`);
+            console.log(`${socket.user.name} joined project: ${projectId}`);
+        });
+
+        socket.on('leave:project', (projectId) => {
+            socket.leave(`project:${projectId}`);
+            console.log(`${socket.user.name} left project: ${projectId}`);
+        });
+
+        socket.on('disconnect', () => {
+            console.log(`User disconnected: ${socket.user.name}`);
+        });
+    });
+
+    return io;
+};
+
+const getIO = () => {
+    if (!io) {
+        throw new Error('Socket.io not initialized');
+    }
+    return io;
+};
+
+// Helper functions to emit events
+const emitToProject = (projectId, event, data) => {
+    if (io) {
+        io.to(`project:${projectId}`).emit(event, data);
+    }
+};
+
+const emitToUser = (userId, event, data) => {
+    if (io) {
+        io.to(`user:${userId}`).emit(event, data);
+    }
+};
+
+module.exports = {
+    initializeSocket,
+    getIO,
+    emitToProject,
+    emitToUser
+};

backend/config/socket.js

@@ -0,0 +1,84 @@
+const swaggerJsDoc = require('swagger-jsdoc');
+
+const options = {
+    definition: {
+        openapi: '3.0.0',
+        info: {
+            title: 'FlowOps API',
+            version: '1.0.2',
+            description: 'Project Management API - Jira-like task and project management system',
+            contact: {
+                name: 'FlowOps Team'
+            }
+        },
+        servers: [
+            {
+                url: 'http://localhost:3001/api',
+                description: 'Development server'
+            }
+        ],
+        components: {
+            securitySchemes: {
+                bearerAuth: {
+                    type: 'http',
+                    scheme: 'bearer',
+                    bearerFormat: 'JWT'
+                }
+            },
+            schemas: {
+                User: {
+                    type: 'object',
+                    properties: {
+                        id: { type: 'string' },
+                        name: { type: 'string' },
+                        email: { type: 'string', format: 'email' },
+                        role: { type: 'string', enum: ['admin', 'project_manager', 'member'] }
+                    }
+                },
+                Project: {
+                    type: 'object',
+                    properties: {
+                        _id: { type: 'string' },
+                        name: { type: 'string' },
+                        key: { type: 'string' },
+                        description: { type: 'string' },
+                        status: { type: 'string', enum: ['planned', 'in_progress', 'completed'] },
+                        owner: { type: 'string' },
+                        members: { type: 'array', items: { type: 'string' } },
+                        createdAt: { type: 'string', format: 'date-time' }
+                    }
+                },
+                Task: {
+                    type: 'object',
+                    properties: {
+                        _id: { type: 'string' },
+                        title: { type: 'string' },
+                        description: { type: 'string' },
+                        taskKey: { type: 'string' },
+                        type: { type: 'string', enum: ['task', 'bug', 'story', 'epic', 'subtask'] },
+                        status: { type: 'string', enum: ['todo', 'doing', 'review', 'done'] },
+                        priority: { type: 'string', enum: ['lowest', 'low', 'medium', 'high', 'highest'] },
+                        storyPoints: { type: 'number' },
+                        project: { type: 'string' },
+                        assignee: { type: 'string' },
+                        reporter: { type: 'string' },
+                        createdAt: { type: 'string', format: 'date-time' }
+                    }
+                },
+                Error: {
+                    type: 'object',
+                    properties: {
+                        success: { type: 'boolean', example: false },
+                        message: { type: 'string' }
+                    }
+                }
+            }
+        },
+        security: [{ bearerAuth: [] }]
+    },
+    apis: ['./routes/*.js']
+};
+
+const swaggerSpec = swaggerJsDoc(options);
+
+module.exports = swaggerSpec;