History

Adrian Flores Cortes 3d8bf17b72 docs(payments): Add Developer Guidelines (ST4.2.5) Comprehensive developer guidelines for payment system development. New Files: - docs/.../OQI-005-payments-stripe/DEVELOPER-GUIDELINES.md (900+ lines) - Complete reference for payment development - PCI-DSS compliance rules (DO's and DON'Ts) - Backend development guidelines - Frontend development guidelines - Testing guidelines (unit + E2E) - Common pitfalls and how to avoid them - Code review checklist - Deployment checklist - Troubleshooting guide - Examples and templates Sections: 1. Overview - Architecture summary, tech stack, compliance level 2. PCI-DSS Compliance Rules - What's allowed vs prohibited 3. Backend Development - File structure, endpoints, webhooks, database 4. Frontend Development - Stripe Elements, checkout flow, error handling 5. Testing Guidelines - Unit tests, E2E tests, component tests 6. Common Pitfalls - 5 common mistakes and how to avoid them 7. Code Review Checklist - Security, quality, Stripe integration 8. Deployment Checklist - Environment, security, testing, monitoring 9. Troubleshooting - Common issues and solutions 10. Examples & Templates - Complete flow examples Key Guidelines: ✅ DO's: - Use Payment Intents (server-side processing) - Use Stripe Elements (client-side tokenization) - Verify webhook signatures - Store only tokens/IDs (pm_xxx, pi_xxx) - Use HTTPS everywhere - Log payment events (without sensitive data) - Write E2E tests for PCI-DSS compliance ❌ DON'Ts: - Accept card data in backend - Store PAN, CVV, or expiry in database - Create native card inputs - Store card data in React state - Skip webhook signature verification - Use HTTP (only HTTPS) - Log sensitive data PCI-DSS Compliance: ✅ ALLOWED: - Store last 4 digits - Store card brand - Store Stripe tokens (pm_xxx, pi_xxx, cus_xxx) - Store customer name ❌ PROHIBITED: - Store full PAN (card number) - Store CVV/CVC - Store expiry date - Store PIN Common Pitfalls: 1. Accepting card data in backend → Block sensitive fields 2. Storing full PAN in database → Use tokens only 3. Native card inputs → Use Stripe CardElement 4. Not verifying webhook signatures → Use constructEvent 5. Logging sensitive data → Filter sensitive fields Code Examples: - Wallet deposit flow (complete end-to-end) - Subscription checkout (Stripe hosted) - Payment Intent creation (backend) - Stripe Elements integration (frontend) - Webhook signature verification - Database schema (safe vs prohibited) Testing Examples: - Unit tests (Stripe service mocked) - E2E tests (PCI-DSS compliance) - Component tests (CardElement rendering) - Integration tests (webhook handling) Deployment Checklist: - Environment variables configured - Stripe webhooks set up - SSL/TLS enabled - Security headers configured - Rate limiting enabled - All tests passing (45+ PCI-DSS tests) - Monitoring and alerts configured Target Audience: - Backend developers (Express.js, TypeScript) - Frontend developers (React, Stripe.js) - DevOps engineers (deployment, monitoring) - Code reviewers (security validation) - New team members (onboarding) Status: BLOCKER-002 (ST4.2) - Developer guidelines complete Task: #5 ST4.2.5 - Actualizar developer guidelines pagos Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>		2026-01-26 22:03:47 -06:00
..
00-notas	feat(ml): Complete FASE 11 - BTCUSD update and comprehensive documentation alignment	2026-01-07 09:31:29 -06:00
00-vision-general	[DOCS] docs: Add Software Requirements Specification (SRS)	2026-01-25 02:12:17 -06:00
01-arquitectura	docs: Move EA bridge architecture to organized location	2026-01-26 18:58:31 -06:00
02-definicion-modulos	docs(payments): Add Developer Guidelines (ST4.2.5)	2026-01-26 22:03:47 -06:00
04-fase-backlog	feat(ml): Complete FASE 11 - BTCUSD update and comprehensive documentation alignment	2026-01-07 09:31:29 -06:00
90-transversal	docs: Move SECURITY.md to transversal location	2026-01-26 19:03:25 -06:00
95-guias-desarrollo	feat(ml): Complete FASE 11 - BTCUSD update and comprehensive documentation alignment	2026-01-07 09:31:29 -06:00
97-adr	feat(ml): Complete FASE 11 - BTCUSD update and comprehensive documentation alignment	2026-01-07 09:31:29 -06:00
99-analisis	docs(analisis): Add development plan and update _MAP.md	2026-01-07 13:05:40 -06:00
_MAP.md	docs: Update _MAP.md after ST3.2 reorganization	2026-01-26 19:06:04 -06:00
API.md	docs: Reduce API.md to overview referencing swagger.yml	2026-01-26 19:03:23 -06:00
README.md	feat(ml): Complete FASE 11 - BTCUSD update and comprehensive documentation alignment	2026-01-07 09:31:29 -06:00

README.md

id	title	type	project	version	updated_date
README	Trading PlatformIA - Documentacion del Proyecto	Documentation	trading-platform	1.0.0	2026-01-04

Trading PlatformIA - Documentacion del Proyecto

Ultima actualizacion: 2025-12-05 Version: 1.0.0 Estado: En Desarrollo Activo Tipo: SaaS Trading Platform con IA

Proposito

Este directorio contiene la documentacion completa del proyecto Trading PlatformIA, una plataforma SaaS de trading e inversion que integra:

Predicciones ML - XGBoost para prediccion de max/min de precios
Plataforma Educativa - Cursos de trading con sistema de niveles
Trading Dashboard - Charts en tiempo real con predicciones
Sistema de Pagos - Integracion completa con Stripe

Estado Actual del Desarrollo

Componentes Implementados

Componente	Estado	Descripcion
Backend NestJS	✅ Completo	API REST con TypeORM y PostgreSQL
Frontend React	✅ Completo	Vite + TailwindCSS + React Router
ML Services	✅ Completo	FastAPI + XGBoost predictor
Base de Datos	✅ Completo	PostgreSQL con 5 schemas, 44 tablas
Autenticacion	✅ Completo	JWT + Refresh Tokens
Modulo Cursos	✅ Completo	CRUD completo con categorias
Pagos Stripe	✅ Completo	Suscripciones + Webhooks

Endpoints Disponibles

Backend (NestJS - Puerto 3000):

POST /auth/login - Autenticacion
POST /auth/register - Registro
GET /courses - Listar cursos
POST /payments/create-payment-intent - Crear pago
POST /payments/subscriptions - Crear suscripcion

ML Services (FastAPI - Puerto 8000):

GET /api/predict/{symbol} - Predicciones de precio
POST /api/train/{symbol} - Entrenar modelo
GET /api/training/status - Estado del entrenamiento
GET /health - Health check

Mapa de Navegacion

docs/
├── 00-vision-general/           # Vision, alcance, arquitectura
│   ├── VISION-PRODUCTO.md
│   ├── ARQUITECTURA-GENERAL.md
│   └── STACK-TECNOLOGICO.md
│
├── 01-fase-mvp/                 # FASE 1: MVP (6 epicas)
│   ├── OQI-001-fundamentos-auth/
│   ├── OQI-002-education/
│   ├── OQI-003-trading-charts/
│   ├── OQI-004-investment-accounts/
│   ├── OQI-005-payments-stripe/
│   └── OQI-006-ml-signals/
│
├── 02-fase-growth/              # FASE 2: Crecimiento
│
├── 03-fase-enterprise/          # FASE 3: Enterprise
│
├── 90-transversal/              # Cross-cutting concerns
│   ├── sprints/
│   ├── roadmap/
│   └── inventarios/
│
├── 95-guias-desarrollo/         # Guias tecnicas
│   ├── backend/
│   ├── frontend/
│   ├── ml-engine/
│   └── database/
│
├── 96-quick-reference/          # Referencias rapidas
│
├── 97-adr/                      # Architecture Decision Records
│
└── 98-standards/                # Estandares del proyecto

Stack Tecnologico Actual

Capa	Tecnologia	Version	Estado
Frontend	React + Vite + TypeScript	19.x / 6.x / 5.x	✅
UI Framework	TailwindCSS + shadcn/ui	3.x	✅
State Management	Zustand	5.x	✅
Backend API	NestJS + TypeScript	11.x / 5.x	✅
ORM	TypeORM	0.3.x	✅
ML Engine	Python + FastAPI	3.11 / 0.115	✅
ML Models	XGBoost + scikit-learn	2.x / 1.x	✅
Base de Datos	PostgreSQL	16.x	✅
Pagos	Stripe	20.x	✅
Auth	JWT + Passport	-	✅

Arquitectura del Sistema

┌─────────────────────────────────────────────────────────────────┐
│                        FRONTEND (React 19)                       │
│                   Vite + TailwindCSS + Zustand                   │
│  ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐           │
│  │  Login   │ │Dashboard │ │ Courses  │ │Predictions│           │
│  └──────────┘ └──────────┘ └──────────┘ └──────────┘           │
│                         Puerto 5173                              │
└─────────────────────────────────────────────────────────────────┘
                              │
                              ▼
┌─────────────────────────────────────────────────────────────────┐
│                    BACKEND API (NestJS 11)                       │
│                   TypeORM + PostgreSQL                           │
│  ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐           │
│  │   Auth   │ │  Users   │ │ Courses  │ │ Payments │           │
│  └──────────┘ └──────────┘ └──────────┘ └──────────┘           │
│                         Puerto 3000                              │
└─────────────────────────────────────────────────────────────────┘
         │                              │
         ▼                              ▼
┌─────────────────┐          ┌─────────────────────────────────────┐
│   PostgreSQL    │          │       ML SERVICES (FastAPI)         │
│   Puerto 5433   │          │           Puerto 8000               │
│                 │          │  ┌──────────┐ ┌──────────┐         │
│ - public        │          │  │ XGBoost  │ │ Feature  │         │
│ - auth          │          │  │ Predictor│ │Engineering│         │
│ - education     │          │  └──────────┘ └──────────┘         │
│ - trading       │          │  ┌──────────┐ ┌──────────┐         │
│ - billing       │          │  │  Market  │ │ Training │         │
│                 │          │  │   Data   │ │ Pipeline │         │
└─────────────────┘          │  └──────────┘ └──────────┘         │
                              └─────────────────────────────────────┘

Configuracion de Stripe

Productos Configurados

Plan	Producto ID	Price ID	Precio
Basic	`prod_TYA4rxBGz3ZEl1`	`price_1Sb3k64dPtEGmLmpeAdxvmIu`	$19/mes
Pro	`prod_TYA4ZpGaV1eMai`	`price_1Sb3k64dPtEGmLmpm5n5bbJH`	$49/mes
Premium	`prod_TYA4MrWX4h8CSF`	`price_1Sb3k74dPtEGmLmpHfLpUkvQ`	$99/mes

Webhook Endpoint

URL: https://[tu-dominio]/payments/webhook
Eventos:
  - payment_intent.succeeded
  - payment_intent.payment_failed
  - customer.subscription.updated
  - customer.subscription.deleted

Modelo ML - XGBoost Predictor

Caracteristicas (30+ features)

Volatilidad: volatility_5, volatility_10, volatility_20, ATR
Momentum: momentum_5, momentum_10, momentum_20, ROC
Medias Moviles: SMA, EMA, ratios de precio
Indicadores: RSI, MACD, Bollinger Bands
Volumen: volume_ratio, volume_sma

Metricas de Entrenamiento

Metrica	Valor
MAE High	0.099%
MAE Low	0.17%
Samples	500 candles
Horizonte	30 min (6 candles)

Variables de Entorno

Backend (.env)

# Database
DB_HOST=localhost
DB_PORT=5433
DB_DATABASE=trading_platform
DB_USERNAME=trading
DB_PASSWORD=***

# JWT
JWT_SECRET=***
JWT_EXPIRES_IN=1d

# ML Service
ML_SERVICE_URL=http://localhost:8000

# Stripe
STRIPE_SECRET_KEY=sk_test_***
STRIPE_WEBHOOK_SECRET=whsec_***

# App
PORT=3000
FRONTEND_URL=http://localhost:5173

Comandos Utiles

Desarrollo

# Backend
cd apps/backend && npm run start:dev

# Frontend
cd apps/frontend && npm run dev

# ML Services
cd apps/ml-services && conda activate trading-ml && uvicorn src.api.server:app --reload --port 8000

# Base de datos
PGPASSWORD=*** psql -h localhost -p 5433 -U trading -d trading_platform

Build

# Backend
cd apps/backend && npm run build

# Frontend
cd apps/frontend && npm run build

Proximos Pasos

Conectar Backend con PostgreSQL
Implementar modulo de cursos
Conectar Frontend con Backend
Integrar modelos ML reales
Implementar pagos Stripe
Crear pagina de Predictions en Frontend
Implementar WebSocket para precios en tiempo real
Agregar mas instrumentos (ETH, XAU, EUR)
Implementar sistema de notificaciones
Deploy a produccion

Referencias

Documentacion actualizada: 2025-12-05