A comprehensive multi-tenant User Management System built with React, Redux Toolkit, React Router, React Hook Form, and Material UI. The system supports JWT-based authentication, session management, role-based access control, and CRUD operations for tenants, organizations, users, roles, privileges, and legal entities. All API calls are simulated with a robust mock API layer that includes realistic JWT token management.
- JWT Authentication & Session Management
- Secure login with email/password and tenant selection
- JWT token storage and automatic refresh
- Session persistence across browser reloads
- Automatic logout on token expiration
- Protected routes with authentication guards
- Multi-tenant Support
- Tenant-based data isolation
- Tenant selection during login
- Tenant-specific API endpoints
- CRUD Operations
- Complete CRUD for tenants, organizations, users, roles, privileges, legal entities
- Advanced data tables with filtering, sorting, pagination
- Form validation and error handling
- Role-Based Access Control (RBAC)
- Role assignment and management
- Privilege-based access control
- Conditional UI rendering based on permissions
- Modern UI/UX
- Responsive Material UI design
- Loading states and error boundaries
- Toast notifications and user feedback
- Mobile-responsive navigation
- Enterprise Architecture
- Redux Toolkit for state management
- React Hook Form for form handling
- Modular component structure
- Comprehensive error handling
- Frontend Framework: React 18+ (functional components, hooks)
- State Management: Redux Toolkit
- Routing: React Router v6
- Forms: React Hook Form with validation
- UI Library: Material UI (MUI) v5
- Data Tables: MUI DataGrid
- HTTP Client: Axios (for API abstraction)
- Authentication: JWT tokens with refresh mechanism
- Mock API: In-memory RESTful API simulation
frontend/src/
├── api/ # Mock API modules
│ ├── mockApi.js # JWT authentication & all endpoints
│ ├── tenantsApi.js # Tenant CRUD operations
│ ├── organizationsApi.js # Organization CRUD operations
│ ├── usersApi.js # User CRUD operations
│ ├── rolesApi.js # Role CRUD operations
│ ├── privilegesApi.js # Privilege CRUD operations
│ └── legalEntitiesApi.js # Legal entity CRUD operations
├── app/ # Redux store and slices
│ ├── store.js # Redux store configuration
│ ├── authSlice.js # JWT authentication state
│ ├── tenantsSlice.js # Tenant state management
│ ├── organizationsSlice.js # Organization state
│ ├── usersSlice.js # User state management
│ ├── rolesSlice.js # Role state management
│ ├── privilegesSlice.js # Privilege state
│ └── legalEntitiesSlice.js # Legal entity state
├── components/ # Reusable UI components
│ ├── ProtectedRoute.jsx # Authentication guard
│ └── DashboardCards.jsx # Dashboard metrics
├── layouts/ # App layout components
│ ├── AppLayout.jsx # Main layout wrapper
│ ├── Sidebar.jsx # Navigation sidebar
│ └── AppBar.jsx # Top app bar with user menu
├── pages/ # Feature pages
│ ├── LoginPage.jsx # JWT authentication
│ ├── Dashboard.jsx # Overview dashboard
│ ├── TenantsPage.jsx # Tenant management
│ ├── OrganizationsPage.jsx # Organization management
│ ├── UsersPage.jsx # User management
│ ├── RolesPage.jsx # Role management
│ ├── PrivilegesPage.jsx # Privilege management
│ └── LegalEntitiesPage.jsx # Legal entity management
├── utils/ # Utility functions
│ └── useAuth.js # JWT authentication hook
├── App.jsx # Main app component with routing
└── main.jsx # Application entry point
- Node.js 16+
- npm or yarn package manager
- Clone the repository
git clone <repository-url>
cd user_management_system- Install dependencies
cd frontend
npm install- Start development server
npm run dev- Open your browser and navigate to http://localhost:5173
- Email: Any valid email format (e.g.,
user@example.com) - Password: Any password with minimum 4 characters (e.g.,
1234) - Tenant ID: Select any tenant (1, 2, or 3)
Note: The system accepts any valid email and password combination as long as the email format is correct and password is at least 4 characters long.
- Navigate to
/login - Enter any valid email, password (min 4 chars), and select tenant
- System validates credentials and returns JWT tokens
- Tokens are stored securely in localStorage
- User is redirected to dashboard
- Access Token: Valid for 1 hour, used for API requests
- Refresh Token: Used to obtain new access tokens
- Automatic Refresh: Tokens refresh 5 minutes before expiration
- Session Persistence: Survives browser reloads
- Security: Automatic logout on token expiration
All application routes (except login) are protected and require authentication. Unauthenticated users are automatically redirected to the login page.
POST /api/v1/auth/login
Request: { email, password, tenant_id }
Response: { access_token, refresh_token, user_data }
All CRUD endpoints follow RESTful conventions:
Tenants
GET /api/v1/tenants- List all tenantsPOST /api/v1/tenants- Create tenantGET /api/v1/tenants/{id}- Get tenant detailsPUT /api/v1/tenants/{id}- Update tenantGET /api/v1/tenants/{id}/settings- Get tenant settings
Organizations
GET /api/v1/tenants/{tenant_id}/organizations- List organizationsPOST /api/v1/tenants/{tenant_id}/organizations- Create organizationGET /api/v1/tenants/{tenant_id}/organizations/{id}- Get organizationPUT /api/v1/tenants/{tenant_id}/organizations/{id}- Update organizationDELETE /api/v1/tenants/{tenant_id}/organizations/{id}- Delete organization
Users
GET /api/v1/tenants/{tenant_id}/users- List usersPOST /api/v1/tenants/{tenant_id}/users- Create userGET /api/v1/tenants/{tenant_id}/users/{id}- Get userPUT /api/v1/tenants/{tenant_id}/users/{id}- Update userGET /api/v1/me- Get current user profile
Roles
GET /api/v1/tenants/{tenant_id}/roles- List rolesPOST /api/v1/tenants/{tenant_id}/roles- Create roleGET /api/v1/tenants/{tenant_id}/roles/{id}- Get rolePUT /api/v1/tenants/{tenant_id}/roles/{id}- Update role
Privileges
GET /api/v1/tenants/{tenant_id}/privileges- List privilegesPOST /api/v1/tenants/{tenant_id}/privileges- Create privilegeGET /api/v1/tenants/{tenant_id}/privileges/{id}- Get privilegePUT /api/v1/tenants/{tenant_id}/privileges/{id}- Update privilege
Legal Entities
GET /api/v1/tenants/{tenant_id}/legal-entities- List legal entitiesPOST /api/v1/tenants/{tenant_id}/legal-entities- Create legal entityGET /api/v1/tenants/{tenant_id}/legal-entities/{id}- Get legal entityPUT /api/v1/tenants/{tenant_id}/legal-entities/{id}- Update legal entity
All API responses follow this structure:
{
"success": true,
"data": { /* response data */ },
"message": "Success message",
"trace_id": "unique-trace-id"
}Error responses include:
{
"success": false,
"error": {
"code": "ERROR_CODE",
"message": "Error description",
"details": {}
},
"trace_id": "unique-trace-id"
}ProtectedRoute: Authentication guard for protected pagesAppLayout: Main layout with sidebar and app barSidebar: Navigation menu with module groupingAppBar: Top bar with user menu and notificationsDashboardCards: Overview metrics display
All page components include:
- Data Tables: MUI DataGrid with sorting, filtering, pagination
- CRUD Forms: React Hook Form with validation
- Loading States: Skeleton loaders and progress indicators
- Error Handling: Toast notifications and error boundaries
- Confirmation Dialogs: Delete confirmations and action confirmations
- Redux Toolkit: Centralized state management
- Slices: Separate slices for each entity and authentication
- Async Thunks: API calls and side effects
- Selectors: Memoized state selectors for performance
- Login: User submits credentials → JWT tokens generated → Stored in localStorage
- Token Validation: Automatic checking on app load and periodically
- Token Refresh: Automatic refresh before expiration
- Logout: Clear tokens and redirect to login
- React Hook Form: All forms use RHF for validation and state
- Validation: Client-side validation with error messages
- Submission: Optimistic updates with error handling
- Material Design: Consistent design system
- Responsive Layout: Mobile-first approach
- Loading States: Skeleton screens and progress indicators
- Error Boundaries: Graceful error handling
- Toast Notifications: User feedback for actions
npm run dev # Start development server
npm run build # Build for production
npm run preview # Preview production build
npm run lint # Run ESLint- ESLint: Airbnb React style guide
- Prettier: Code formatting
- PropTypes: Component prop validation
- Unit tests for slices and components
- Integration tests for authentication flow
- E2E tests for critical user journeys
npm run buildThe build output will be in the dist/ directory, ready for deployment to any static hosting service.
- Development: Uses mock API with realistic data
- Production: Configure to use real API endpoints
- Token Expiration: 1-hour access tokens
- Refresh Tokens: Secure token renewal
- Token Validation: Payload verification
- Automatic Logout: Expired token handling
- localStorage Encryption: Sensitive data storage
- CSRF Protection: Token-based request validation
- XSS Prevention: Input sanitization and validation
- Fork the repository
- Create a feature branch
- Make your changes
- Add tests if applicable
- Submit a pull request
This project is licensed under the MIT License.
For questions or issues, please refer to the project documentation or create an issue in the repository.