Dev (#565)

* Remove root.html template and associated styles/scripts

* refactor: remove unused backend scripts and team-related files

- Deleted entrypoint.sh and wait-for-postgres.sh as they are no longer needed.
- Removed gunicorn.sh and migrate.sh scripts to streamline deployment.
- Cleaned up teams app by deleting models, serializers, views, migrations, and URLs related to teams.
- Added new board detail page and task management functionality in the frontend.

* Refactor newsletter management: remove newsletter.js, update email and phone fields in contacts and leads, enhance form handling, and clean up unsubscribe functionality.

* Add environment variables, implement theme management, and update cookie settings for JWT

* Refactor project references from 'opensource-startup-crm' to 'Django-CRM' across the frontend codebase, updating links, images, and text to reflect the new repository name. Removed unnecessary animations and improved code readability in the login page.

* feat: Implement multi-tenancy

* feat: Add enterprise documentation and AI-related markdown files, alongside minor code refactoring and import cleanup.

* feat: Enable row-level security (RLS) for multi-tenancy across all applications.

* chore: Remove numerous frontend site pages and server-side scripts, add `.mcp.json` and `TODO.md`, and update documentation.

* app folder removed

* auth fix

* api url fix

* type fix

* chore: Add project TODO list and mcpServers configuration, and fix RLS middleware to skip unresolved URLs.

* feat: Rebrand project to BottleCRM, update README with new SvelteKit/Django REST architecture, and enhance RLS context middleware.

* feat: Add shadcn-svelte mcp config and project TODO list, and enhance Django cookie security settings.

* .

Author: ashwin31

README.md

@@ -1,175 +1,237 @@
-# Django-CRM
-
-============
-
-Django CRM is opensource CRM developed on django framework. It has all
-the basic features of CRM to start with. We welcome code contributions
-and feature requests via github.
-
-## Project Status and Future Direction
-
-### Background
-
-9 years ago, I launched this project with a mission to provide startups with a free, open-source, and customizable CRM solution, addressing the high subscription costs of commercial alternatives. Initially developed as a Django full-stack application, the project evolved significantly with the support of a dedicated team. However, maintaining the team and covering salaries depleted resources, and I was unable to renew the domain. Recognizing the need for a modernized user experience, I explored updating the frontend with React but ultimately faced financial and team constraints.
-
-### Moving Forward
-
-To align with the project’s vision and address these challenges, I’ve shifted development to a new repository using **SvelteKit** and **Prisma** for a robust, fast, and feature-rich framework. A Minimum Viable Product (MVP) was released last week at [MicroPyramid/Django-CRM](https://github.com/MicroPyramid/Django-CRM).
-
-#### Key Updates:
-
--   **Current Repository:** No further updates will be made to this repository.
-    
--   **New Repository:** Development will continue in the new SvelteKit-based repository.
-    
--   **Mobile App:** Enhancements to the Flutter-based mobile app [MicroPyramid/flutter-crm](https://github.com/MicroPyramid/flutter-crm) will depend on increased user engagement or support from a paying client.
-    
-
-### Future Vision
-
-This project is far from dead, it’s evolving. I’m committed to its growth and open to discussions about its direction, contributions, or potential collaborations. Feel free to reach out with ideas or feedback.
-
-Thank you for your support and understanding.
-
-## Runcode 
-
- Runcode is online developer workspace. It is cloud based simple, secure and ready to code workspaces, assuring high performance & fully configurable coding environment. With runcode you can run django-crm(API) with one-click.
+# BottleCRM
+
+A modern, open-source CRM platform built with Django REST Framework and SvelteKit.
+
+![License](https://img.shields.io/badge/license-MIT-blue.svg)
+![Python](https://img.shields.io/badge/python-3.10+-green.svg)
+![Django](https://img.shields.io/badge/django-5.x-green.svg)
+![SvelteKit](https://img.shields.io/badge/sveltekit-2.x-orange.svg)
+![Svelte](https://img.shields.io/badge/svelte-5-orange.svg)
+
+## Overview
+
+BottleCRM is a full-featured Customer Relationship Management system designed for startups and small businesses. It combines a powerful Django REST API backend with a modern SvelteKit frontend, featuring multi-tenant architecture with PostgreSQL Row-Level Security (RLS) for enterprise-grade data isolation.
+
+**Try it free**: [bottlecrm.io](https://bottlecrm.io/)
+
+## Features
+
+### Core CRM Modules
+- **Leads** - Track and manage sales leads through your pipeline
+- **Accounts** - Manage company/organization records
+- **Contacts** - Store and organize contact information
+- **Opportunities** - Track deals and sales opportunities
+- **Cases** - Customer support case management
+- **Tasks** - Task management with calendar and Kanban board views
+- **Invoices** - Create and manage invoices
+
+### Platform Features
+- **Multi-Tenant Architecture** - PostgreSQL RLS for secure data isolation between organizations
+- **JWT Authentication** - Secure token-based authentication
+- **Team Management** - Organize users into teams with role-based access
+- **Activity Tracking** - Comprehensive audit logs and activity history
+- **Comments & Attachments** - Collaborate with comments and file attachments on any record
+- **Tags** - Flexible tagging system for organizing records
+- **Email Integration** - AWS SES integration for transactional emails
+- **Background Tasks** - Celery + Redis for async task processing
+
+## Tech Stack
+
+### Backend
+- **Django 5.x** with Django REST Framework
+- **PostgreSQL** with Row-Level Security (RLS)
+- **Redis** for caching and Celery broker
+- **Celery** for background task processing
+- **JWT** for authentication
+- **AWS S3** for file storage
+- **AWS SES** for email delivery
+
+### Frontend
+- **SvelteKit 2.x** with Svelte 5 (runes)
+- **TailwindCSS 4** for styling
+- **shadcn-svelte** UI components
+- **Zod** for schema validation
+- **Axios** for API communication
+- **Lucide** icons
+
+## Quick Start
+
+### Prerequisites
+- Python 3.10+
+- Node.js 18+ with pnpm
+- PostgreSQL 14+
+- Redis
+
+### Backend Setup
+
+```bash
+# Clone the repository
+git clone https://github.com/MicroPyramid/Django-CRM.git
+cd Django-CRM
+
+# Create and activate virtual environment
+cd backend
+python -m venv venv
+source venv/bin/activate  # On Windows: venv\Scripts\activate
+
+# Install dependencies
+pip install -r requirements.txt
 
+# Set up environment variables (see env.md for details)
+cp .env.example .env
+# Edit .env with your database and other settings
 
-- Open below link to create django-crm workspace on [RunCode](https://runcode.io/ "RunCode"). It will create django-crm API
+# Run migrations
+python manage.py migrate
 
-    [![RunCode](https://runcode-app-public.s3.amazonaws.com/images/dark_btn.png)](https://runcode.io)
+# Create a superuser
+python manage.py createsuperuser
 
-- After running API, Go to Frontend UI [React CRM](https://github.com/MicroPyramid/react-crm "React CRM") project to create new workspace with runcode.
+# Start the development server
+python manage.py runserver
+```
 
-## Docs
+### Frontend Setup
 
-Please [Click Here](http://django-crm.readthedocs.io "Click Here") for latest documentation.
+```bash
+# In a new terminal, from the project root
+cd frontend
 
-## Project Modules
-This project contains the following modules:
-- Contacts
-- Companies
-- Leads
-- Accounts
-- Invoices (todo)
-- Cases (todo)
-- Opportunity (todo)
+# Install dependencies
+pnpm install
 
-## Try for free [here](https://bottlecrm.io/)
+# Start the development server
+pnpm run dev
+```
 
-## Installation Guide
+### Start Celery Worker
 
-We recommend ubuntu 20.04. These instructions are verified for ubuntu 20.04.
+```bash
+# In a new terminal
+cd backend
+source venv/bin/activate
+celery -A crm worker --loglevel=INFO
+```
 
-#### To install system requirements
+### Access the Application
+- **Frontend**: http://localhost:5173
+- **API Documentation**: http://localhost:8000/swagger-ui/
+- **Admin Panel**: http://localhost:8000/admin/
 
-```
-sudo apt update && sudo apt upgrade -y
+## Docker Setup
 
-sudo apt install python-is-python3 xvfb libfontconfig wkhtmltopdf python3-dev python3-pip build-essential libssl-dev libffi-dev python3-venv redis-server redis-tools virtualenv -y
+```bash
+# Build and run with Docker Compose
+docker build -t bottlecrm:latest -f docker/dockerfile .
+docker-compose -f docker/docker-compose.yml up
 ```
 
-#### Install dependencies
-
-##### Optional (based on personal choice)
+## Project Structure
 
 ```
-sudo apt update && sudo apt upgrade -y && sudo apt install zsh python3-virtualenv
+Django-CRM/
+├── backend/                 # Django REST API
+│   ├── accounts/           # Accounts module
+│   ├── cases/              # Cases module
+│   ├── common/             # Shared models, utilities, RLS
+│   ├── contacts/           # Contacts module
+│   ├── invoices/           # Invoices module
+│   ├── leads/              # Leads module
+│   ├── opportunity/        # Opportunities module
+│   ├── tasks/              # Tasks module
+│   └── crm/                # Django project settings
+├── frontend/               # SvelteKit frontend
+│   ├── src/
+│   │   ├── lib/           # Components, stores, utilities
+│   │   └── routes/        # SvelteKit routes
+│   │       ├── (app)/     # Authenticated app routes
+│   │       └── (no-layout)/ # Auth pages (login, etc.)
+│   └── static/            # Static assets
+└── docker/                 # Docker configuration
+```
 
-sh -c "$(wget -O- https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
+## Multi-Tenancy & Security
 
-pip install virtualenvwrapper
+BottleCRM uses PostgreSQL Row-Level Security (RLS) to ensure complete data isolation between organizations. Every database query is automatically filtered by organization context, providing enterprise-grade security.
 
-echo "source /home/ubuntu/.local/bin/virtualenvwrapper.sh" >> ~/.zshrc
-```
+```bash
+# Check RLS status
+python manage.py manage_rls --status
 
-If you want to install postgres, follow https://www.postgresql.org/download/
-#### To modify postgresql root password
+# Verify RLS user configuration
+python manage.py manage_rls --verify-user
 
-```
-sudo -u postgres psql
-ALTER USER postgres WITH PASSWORD 'root';
+# Test data isolation
+python manage.py manage_rls --test
 ```
 
-#### Create and activate a virtual environment.
-if you installed and configured virtualenv wrapper then use the following
-``` 
-mkvirtualenv <env_name>
-workon <env_name>
-```
-or else
-```
-virtualenv venv
-source venv/bin/activate
-```
-Install the project's dependency after activating env
-
-```
-pip install -r requirements.txt
-```
+## Development
 
-### Env variables
+### Backend Commands
 
-* Then refer to `env.md` for environment variables and keep those in the `.env` file in the current folder as your project is in.
+```bash
+# Run tests
+cd backend && pytest
 
+# Format code
+black . && isort .
 
-### Docker / docker-compose
-in order to use docker, please run the next commands after cloning repo:
-```
-docker build -t djcrm:1 -f docker/dockerfile .
-docker-compose -f docker/docker-compose.yml up
+# Check dependencies
+pipdeptree
+pip-check -H
 ```
 
-**Note**: you must have docker/docker-compose installed on your host. 
-### next steps
+### Frontend Commands
 
+```bash
+cd frontend
 
-```
-python manage.py migrate
-python manage.py runserver
-```
-- Then open http://localhost:8000/swagger-ui/ in your browser to explore API.
-
-- After running API, Go to Frontend UI [React CRM](https://github.com/MicroPyramid/react-crm "React CRM") project to configure Fronted UI to interact with API.
+# Type checking
+pnpm run check
 
+# Linting
+pnpm run lint
 
-## Start celery worker in another terminal window
+# Formatting
+pnpm run format
+```
 
-celery -A crm worker --loglevel=INFO
+## API Documentation
 
-### Useful tools and packages
+The API follows RESTful conventions:
 
 ```
-pipdeptree # to see pip dependency tree
-black # to format code to meet python coding standards
-pip-check -H  # to see upgradable packages
-isort # to sort imports in python
+GET/POST       /api/<module>/                 # List/Create
+GET/PUT/DELETE /api/<module>/<pk>/            # Detail/Update/Delete
+GET/POST       /api/<module>/comment/<pk>/    # Comments
+GET/POST       /api/<module>/attachment/<pk>/ # Attachments
 ```
 
-### Community
+Interactive API documentation is available at `/swagger-ui/` when running the backend.
 
-**Note: This repository is no longer actively maintained.** For the latest development and community support, please visit our new SvelteKit-based CRM project:
+## Contributing
 
--   **New Project**: [MicroPyramid/Django-CRM](https://github.com/MicroPyramid/Django-CRM)
--   Follow [@micropyramid](<https://twitter.com/micropyramid>) on Twitter
--   For questions about the legacy Django CRM, check [past issues](<https://github.com/MicroPyramid/Django-CRM/issues>)
--   For new feature requests and active development, visit the [new repository](https://github.com/MicroPyramid/Django-CRM)
--   For commercial support [Contact us](https://micropyramid.com/contact-us/)
+We welcome contributions! Please see our contributing guidelines for details.
 
-## Credits
+1. Fork the repository
+2. Create a feature branch (`git checkout -b feature/amazing-feature`)
+3. Commit your changes (`git commit -m 'Add amazing feature'`)
+4. Push to the branch (`git push origin feature/amazing-feature`)
+5. Open a Pull Request
 
-### Contributors
+## Community
 
-This project exists thanks to all the people who contributed during its active development!
+- **Issues**: [GitHub Issues](https://github.com/MicroPyramid/Django-CRM/issues)
+- **Twitter**: [@micropyramid](https://twitter.com/micropyramid)
+- **Commercial Support**: [Contact us](https://micropyramid.com/contact-us/)
 
-![image](https://opencollective.com/django-crm/contributors.svg?width=890&button=false)
+## License
 
-### Legacy Project Notice
+This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
 
-This Django CRM repository is now in maintenance mode. While we welcome your feedback and appreciate past contributions, active development has moved to our new SvelteKit-based CRM solution at [MicroPyramid/Django-CRM](https://github.com/MicroPyramid/Django-CRM).
+## Contributors
 
-For commercial support [Contact us](https://micropyramid.com/contact-us/)
+This project exists thanks to all the people who contributed.
 
-# Trigger deploy
+![Contributors](https://opencollective.com/django-crm/contributors.svg?width=890&button=false)
 

backend/common/middleware/rls_context.py

@@ -110,6 +110,7 @@ class RequireOrgContext:
         "/api/auth/me/",
         "/api/auth/switch-org/",
         "/api/auth/google/",
+        "/api/org/",
         "/admin/",
         "/swagger-ui/",
         "/api/schema/",
@@ -121,6 +122,15 @@ def __init__(self, get_response):
     def __call__(self, request):
         # Check if path requires org context
         if not self._is_exempt(request.path):
+            # Skip check for URLs that don't resolve (let Django return 404)
+            from django.urls import resolve
+            from django.urls.exceptions import Resolver404
+
+            try:
+                resolve(request.path)
+            except Resolver404:
+                return self.get_response(request)
+
             if not hasattr(request, "org") or request.org is None:
                 from rest_framework.exceptions import PermissionDenied
 

backend/crm/server_settings.py

@@ -32,7 +32,9 @@
 
 EMAIL_BACKEND = "django_ses.SESBackend"
 
-SESSION_COOKIE_DOMAIN = ".bottlecrm.com"
+SESSION_COOKIE_DOMAIN = ".bottlecrm.io"
+SESSION_COOKIE_SECURE = True      # Only send session cookie over HTTPS
+CSRF_COOKIE_SECURE = True         # Only send CSRF cookie over HTTPS
 
 sentry_sdk.init(
     dsn=os.environ["SENTRY_DSN"],