{"id":31498953,"url":"https://github.com/1999azzar/lilyopencms","last_synced_at":"2025-10-02T16:15:57.142Z","repository":{"id":311974628,"uuid":"1045808075","full_name":"1999AZZAR/LilyOpenCMS","owner":"1999AZZAR","description":"A comprehensive Flask-based content management system with advanced SEO features, multimedia management, and robust user permissions. Built for modern web publishing with automatic image optimization, comprehensive sitemap generation, and enterprise-grade security.","archived":false,"fork":false,"pushed_at":"2025-09-07T06:34:31.000Z","size":27010,"stargazers_count":0,"open_issues_count":1,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-09-07T08:33:35.000Z","etag":null,"topics":["cms-backend","cms-experiment","cms-framework","python"],"latest_commit_sha":null,"homepage":"","language":"HTML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"cc0-1.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/1999AZZAR.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-08-27T18:34:51.000Z","updated_at":"2025-09-07T06:32:19.000Z","dependencies_parsed_at":"2025-08-28T04:48:05.836Z","dependency_job_id":null,"html_url":"https://github.com/1999AZZAR/LilyOpenCMS","commit_stats":null,"previous_names":["1999azzar/lilyopencms"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/1999AZZAR/LilyOpenCMS","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/1999AZZAR%2FLilyOpenCMS","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/1999AZZAR%2FLilyOpenCMS/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/1999AZZAR%2FLilyOpenCMS/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/1999AZZAR%2FLilyOpenCMS/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/1999AZZAR","download_url":"https://codeload.github.com/1999AZZAR/LilyOpenCMS/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/1999AZZAR%2FLilyOpenCMS/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278031705,"owners_count":25918417,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-02T02:00:08.890Z","response_time":67,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cms-backend","cms-experiment","cms-framework","python"],"created_at":"2025-10-02T16:15:51.756Z","updated_at":"2025-10-02T16:15:57.127Z","avatar_url":"https://github.com/1999AZZAR.png","language":"HTML","funding_links":[],"categories":[],"sub_categories":[],"readme":"# LilyOpenCms - Modern Content Management System\n\nA comprehensive Flask-based content management system with advanced SEO features, multimedia management, and robust user permissions. Built for modern web publishing with automatic image optimization, comprehensive sitemap generation, and enterprise-grade security.\n\n## Features\n\n### Recent System Improvements (2025-09-08)\n\n- **✅ Aggressive Query Caching System**: Advanced caching with background refresh, smart preloading, and extended cache times\n  - Background refresh system that refreshes cache at 80% of timeout\n  - Smart preloading with prediction patterns for related queries\n  - Extended cache times (2x) for aggressive mode performance\n  - Preload queue system for background query execution\n  - Cache warming functionality for common queries on startup\n  - Enhanced statistics tracking (preloads, background refreshes, prediction accuracy)\n  - Aggressive caching decorators: `@cache_frontend_critical`, `@cache_user_dashboard`, `@cache_public_content`, `@cache_navigation_data`\n  - Applied to all major route files for maximum performance impact\n  - Thread-safe cache operations with proper locking\n  - Smart cache invalidation with pattern matching\n- **✅ SSR Optimization Dashboard**: Live refresh functionality with dynamic DOM updates\n  - Read-only endpoints for SSR statistics and cache stats\n  - Settings endpoints for template caching configuration\n  - Dynamic DOM updates without full page reload\n  - Settings persistence to `instance/app_settings.json`\n- **✅ Comment Edit \u0026 Delete System**: Comprehensive comment management with inline editing and deletion in user library\n- **✅ User Image Management**: Dedicated image management page with upload, edit, delete, and visibility controls\n- **✅ Enhanced Profile Layout**: Optimized profile.html to use more viewport width with improved spacing and layout\n- **✅ Content Deletion Request System**: Role-based content deletion with admin approval workflow for news and albums\n- **✅ SQLAlchemy Relationship Fixes**: Fixed User.news and User.albums relationships with explicit foreign_keys\n- **✅ Content Deletion Management UI**: Admin interface for managing content deletion requests with bulk operations\n- **✅ Enhanced Content Security**: Only admin-tier users can delete content directly, others must request approval\n- **✅ Smart Routing System**: Role-based dashboard routing (admin/superuser/owner → `/settings`, general users → `/dashboard`)\n- **✅ Template Context Integration**: Added `get_user_dashboard_url()` function to Flask template context processors\n- **✅ Consistent Navigation Experience**: All dashboard links now use smart routing for seamless navigation\n- **✅ Enhanced User Management System**: Advanced user listing with pagination, search, and filtering\n- **✅ User Creation API**: Admin user creation with role assignment and premium status\n- **✅ User Statistics Dashboard**: Real-time user statistics and role distribution\n- **✅ Backup API Endpoints**: Resolved 404 errors for roles and permissions\n- **✅ Permission Management**: Centralized permission system with 80+ granular permissions\n- **✅ Admin Sidebar Enhancement**: Sub-group navigation with permission-based visibility\n- **✅ Comprehensive Endpoint Testing**: 95% success rate with full authentication testing\n- **✅ Template Path Fixes**: All admin template paths corrected and verified\n- **✅ Authentication Enhancement**: Session-based testing with proper CSRF token handling\n- **✅ Error Handling**: Robust error handling and fallback mechanisms implemented\n- **✅ DOCX Upload Tool Enhancement**: Added quick link to news management for seamless workflow integration\n\n### Content Management\n\n- **Advanced News Management**: Create, edit, delete articles with rich text editing (edit via `/settings/create_news?news_id=\u003cid\u003e`, redirects back to `/settings/manage_news` or album chapters if `album_id` present)\n- **Album Management System**: Create albums containing multiple news/articles as chapters, like a novel structure\n- **Public Album Pages**: Dedicated album listing, detail pages, and chapter reader with markdown support\n- **Related Content Discovery**: Related albums carousel and author's other works sections\n- **Comment System**: Nested comments with like/dislike functionality, moderation, spam detection, and reporting system\n- **Rating System**: 5-star rating system with statistics, analytics, and distribution tracking for news and albums\n- **SEO Optimization**: Per-article SEO management (meta descriptions, keywords, Open Graph tags, Twitter Cards, Schema Markup)\n- **Content Scheduling**: Schedule posts for future publication\n- **Bulk Operations**: Mass edit, delete, and categorize content\n- **Content Archiving**: Archive old content while preserving access\n- **Content Duplication**: Clone articles for quick content creation\n- **Revision History**: Track changes and restore previous versions\n- **Related Articles**: Smart content suggestions\n- **Enhanced Settings Management**: Advanced admin dashboard with tabbed interface, real-time search, and optimized JavaScript architecture\n\n### Media Management\n\n- **Automatic Image Optimization**: WebP conversion, compression, and multiple thumbnail sizes\n- **User Image Management**: Dedicated image management page with upload, edit, delete, and visibility controls\n- **Image Visibility Control**: Toggle image visibility with proper permission checks\n- **Image Gallery Integration**: Seamless integration with content creation workflows\n- **YouTube Integration**: Embed and manage YouTube videos\n- **Gallery Management**: Organize and display image collections\n- **Media Usage Tracking**: See which images are used where\n- **Bulk Upload**: Multiple file upload with progress tracking\n- **CDN Ready**: Optimized for content delivery networks\n\n### User \u0026 Permission System\n\n- **Smart Routing System**: Role-based dashboard routing (admin/superuser/owner → `/settings`, general users → `/dashboard`)\n- **Template Context Integration**: Automatic dashboard selection based on user role\n- **Enhanced User Management**: Advanced user listing with pagination, search, and filtering\n- **User Creation System**: Admin user creation with role assignment and premium status\n- **User Statistics Dashboard**: Real-time user statistics and role distribution\n- **Custom Role System**: Beyond basic admin/general roles with 14 custom roles\n- **Granular Permissions**: Matrix-based access control with 80+ granular permissions\n- **Centralized Permission System**: Permission management with role-based inheritance\n- **User Activity Tracking**: Login history, content creation, admin actions\n- **Account Management**: Profile pictures, bios, social links\n- **User Performance Metrics**: Track user contributions and activity\n- **Account Suspension**: Temporary and permanent account restrictions\n- **Registration Approval**: Admin-controlled user registration\n- **Backup API Endpoints**: Resolved 404 errors for roles and permissions\n\n### SEO \u0026 Analytics\n\n- **SEO Leveling System**: Hierarchical SEO management with content-specific SEO taking precedence over root SEO\n- **Comprehensive Sitemaps**: XML sitemaps for all content types\n- **SEO Score Calculation**: Automated SEO scoring (0-100)\n- **Meta Tag Management**: Complete meta tag control\n- **Schema Markup**: JSON-LD structured data generation\n- **Social Media Optimization**: Open Graph and Twitter Card support\n- **Analytics Dashboard**: Content performance metrics\n- **Search Engine Optimization**: URL slugs, canonical URLs, robots.txt\n\n### Security \u0026 Performance\n\n- **Advanced Security**: Rate limiting, input validation, CSRF protection\n- **File Upload Security**: Virus scanning, type restrictions\n- **Session Management**: Secure session handling with auto-logout\n- **Database Security**: SQL injection protection with parameterized queries\n- **Aggressive Query Caching**: Advanced caching system with background refresh, smart preloading, and extended cache times\n- **Performance Optimization**: Redis caching, database optimization, lazy loading, progressive images, externalized JavaScript modules\n- **Performance Monitoring**: Real-time metrics, slow query detection, cache management\n- **Frontend Optimization**: Externalized JavaScript files for better caching and faster loading\n- **Cache Statistics**: Comprehensive cache performance tracking with preloads, background refreshes, and prediction accuracy\n\n### Premium \u0026 Subscription System\n\n- **Premium Content**: Exclusive content for subscribers\n- **Subscription Management**: Multiple subscription tiers\n- **Ad-Free Experience**: Premium users get ad-free browsing\n- **Content Gating**: Protect premium content with subscription requirements\n- **Payment Integration**: Ready for payment gateway integration\n\n### Content Deletion Request System\n\n- **Consistent Workflow**: All users (including admins) must request content deletion for approval\n- **Request Workflow**: Any user can request deletion of any content for admin approval\n- **Admin Approval**: Content moderators and admins approve/reject deletion requests\n- **Bulk Operations**: Efficient bulk approve/reject functionality for multiple requests\n- **Request Management**: Dedicated admin interface for managing deletion requests\n- **Audit Trail**: Complete tracking of who requested, when, and approval status\n- **Enhanced Security**: Prevents unauthorized content deletion while maintaining consistent workflownn### 🌐 Public API Endpointsn- **Multiplatform Access**: JSON endpoints for mobile apps, desktop clients, and third-party integrationsn- **News API**: Public endpoints for news articles and lists with filtering and paginationn- **Albums API**: Public endpoints for albums, chapters, and related contentn- **User Profiles API**: Public user profile data, statistics, and library accessn- **Categories \u0026 Tags API**: Public access to content categories and tag systemn- **Comments API**: Public comment retrieval with threading and moderationn- **Unified Search API**: Cross-content search with type filtering and paginationn- **No Authentication Required**: All endpoints are publicly accessible for multiplatform usage\n\n### Comment \u0026 Rating System\n\n- **Nested Comments**: Threaded comment system with replies\n- **Inline Comment Editing**: Edit comments directly in the user library with real-time updates\n- **Comment Deletion**: Delete comments with confirmation dialogs and DOM updates\n- **Like/Dislike System**: Users can like or dislike comments\n- **Comment Moderation**: Admin approval system with spam detection\n- **Comment Reporting**: Users can report inappropriate comments\n- **Spam Detection**: Automatic spam filtering with configurable rules\n- **User Library Integration**: Comment management in user library with edit/delete capabilities\n- **5-Star Rating System**: Rate news articles and albums (1-5 stars)\n- **Rating Statistics**: Average ratings, distribution, and analytics\n- **Rating Analytics**: Comprehensive rating dashboard for admins\n- **User Rating History**: Track all ratings by specific users\n- **Content Rating Protection**: Prevent duplicate ratings per user\n- **Rating Distribution**: Visual breakdown of 1-5 star ratings\n- **Top Rated Content**: Discover highest-rated articles and albums\n\n### Achievement System\n\n- **Comprehensive Gamification**: Track user activities and award achievements\n- **Streak Tracking**: Login, activity, and reading streaks with daily consistency\n- **Contribution Achievements**: Content creation milestones (articles, albums, images)\n- **Exploration Achievements**: Content engagement (comments, ratings, reading)\n- **Community Achievements**: Social interactions (likes, comments received)\n- **Milestone Achievements**: Level progression and point accumulation\n- **Points \u0026 Leveling**: Point-based progression system with automatic level-ups\n- **Achievement Categories**: Organized into 7 categories with visual indicators\n- **Progress Tracking**: Detailed progress history and completion rates\n- **Real-time Notifications**: Instant achievement unlock notifications\n- **Achievement Dashboard**: Comprehensive user achievement overview\n- **Performance Optimized**: Efficient tracking with database indexes and cleanup\n\n## Tech Stack\n\n### Backend\n\n- **Python 3.8+** - Core programming language\n- **Flask 2.x** - Web framework\n- **SQLAlchemy** - ORM and database management\n- **Safe Migration System** - Custom database migration system\n- **Flask-Login** - Authentication system\n- **Flask-WTF** - Form handling and CSRF protection\n- **Pillow (PIL)** - Image processing and optimization\n\n### Frontend\n\n- **Tailwind CSS** - Utility-first CSS framework\n- **JavaScript (ES6+)** - Modern JavaScript with externalized modules for optimal caching\n- **SimpleMDE** - Markdown editor\n- **Swiper.js** - Touch slider for featured content\n- **Advanced Search System** - Real-time search with dedicated results tab and highlighted matches\n\n### Database\n\n- **SQLite** - Default database (production-ready alternatives supported)\n- **PostgreSQL/MySQL** - Production database options\n\n### Deployment\n\n- **Gunicorn** - WSGI server\n- **Passenger** - Alternative WSGI server\n- **Docker** - Containerization ready\n\n## Installation\n\n### Prerequisites\n\n- Python 3.8 or higher\n- pip package manager\n- Git\n- Redis (for performance optimizations)\n\n### Quick Start\n\n1. **Clone the repository**\n\n   ```bash\n   git clone \u003crepository-url\u003e\n   cd LilyOpenCms\n   ```\n2. **Create virtual environment**\n\n   ```bash\n   python -m venv .venv\n   source .venv/bin/activate  # On Windows: .venv\\Scripts\\activate\n   ```\n3. **Install dependencies**\n\n   ```bash\n   pip install -r requirements.txt\n   ```\n4. **Set up Redis (Required for performance optimizations)**\n\n   **Ubuntu/Debian:**\n\n   ```bash\n   sudo apt update\n   sudo apt install redis-server\n   sudo systemctl start redis-server\n   sudo systemctl enable redis-server\n   ```\n\n   **macOS:**\n\n   ```bash\n   brew install redis\n   brew services start redis\n   ```\n\n   **Windows:**\n\n   ```bash\n   # Download from https://redis.io/download\n   # Or use WSL2 with Ubuntu instructions above\n   ```\n\n   **Using the provided setup script:**\n\n   ```bash\n   chmod +x optimizations/setup_redis.sh\n   ./optimizations/setup_redis.sh\n   ```\n5. **Set up environment variables**\n\n   ```bash\n   cp .env.example .env\n   # Edit .env with your configuration\n   ```\n6. **Initialize database**\n\n   ```bash\n   flask db upgrade\n   ```\n7. **Seed initial data (optional)**\n\n   ```bash\n   cd helper\n   python generate_user.py\n   python add_chategories.py\n   python add_fake_news.py\n   python add_fake_images.py\n   python add_videos.py\n   python init_footer_data.py\n   ```\n8. **Set up achievement system (optional)**\n\n   ```bash\n   # Initialize achievement system with default categories and achievements\n   python helper/init_achievement_system.py\n\n   # Test the achievement system\n   python test/test_achievement_system.py\n   ```\n9. **Run the application**\n\n   ```bash\n   python main.py\n   ```\n\n   Open `http://127.0.0.1:5000` in your browser.\n\n### Redis Configuration\n\nThe application uses Redis for caching and performance optimizations. Make sure Redis is running before starting the application.\n\n**Verify Redis is running:**\n\n```bash\nredis-cli ping\n# Should return: PONG\n```\n\n**Test Redis connection from Python:**\n\n```bash\npython -c \"import redis; r = redis.Redis(); print('Redis connection:', r.ping())\"\n```\n\n**Redis Configuration Options:**\n\n- **Default**: `redis://localhost:6379/0`\n- **With Password**: `redis://:password@localhost:6379/0`\n- **Custom Host/Port**: Set `REDIS_HOST` and `REDIS_PORT` in `.env`\n\n## Documentation\n\n### Core Documentation\n\n- **[Documentation Index](docs/README.md)** - Complete documentation index and navigation\n- **[API Documentation](docs/api.md)** - Complete API reference with endpoints and examples\n- **[Admin UI Guide](docs/admin_ui.md)** - Comprehensive admin interface documentation\n- **[Sitemap Documentation](docs/SITEMAP_DOCUMENTATION.md)** - Complete sitemap system guide\n- **[Development Roadmap](docs/TODO.md)** - Current development status and progress tracking\n- **[Achievement System Guide](docs/ACHIEVEMENT_SYSTEM_GUIDE.md)** - Comprehensive achievement system documentation\n\n### Performance \u0026 Optimization\n\n- **[Performance \u0026amp; Optimizations – Comprehensive](docs/PERFORMANCE_OPTIMIZATIONS_COMPREHENSIVE.md)** - Complete performance guide with quick start and advanced topics\n- **[Performance Optimization Guide](docs/PERFORMANCE_OPTIMIZATION.md)** - Comprehensive performance optimization\n- **[Performance Quick Start](docs/PERFORMANCE_QUICK_START.md)** - Quick setup for performance features\n- **[Advanced Optimizations](docs/ADVANCED_OPTIMIZATIONS.md)** - Advanced optimization techniques\n- **[Optimization Reorganization](docs/OPTIMIZATION_REORGANIZATION.md)** - Optimization system structure\n\n### System Implementation\n\n- **[Current System Status](docs/CURRENT_SYSTEM_STATUS.md)** - Current implementation status overview\n- **[Implementation Summary](docs/IMPLEMENTATION_SUMMARY.md)** - Current system implementation status\n- **[Final Implementation Summary](docs/FINAL_IMPLEMENTATION_SUMMARY.md)** - Complete implementation overview\n- **[Premium System Implementation](docs/PREMIUM_SYSTEM_IMPLEMENTATION.md)** - Premium content system guide\n- **[Premium Content \u0026amp; Subscription – Comprehensive](docs/PREMIUM_SYSTEM_COMPREHENSIVE.md)** - Premium content and subscription system\n- **[Subscription System Status](docs/SUBSCRIPTION_SYSTEM_STATUS.md)** - Subscription feature status\n- **[Comment \u0026amp; Rating System – Comprehensive](docs/COMMENT_RATING_COMPREHENSIVE.md)** - Complete comment and rating system documentation\n- **[Comment Rating System](docs/COMMENT_RATING_SYSTEM.md)** - Comment and rating system documentation\n- **[Premium Content System](docs/PREMIUM_CONTENT_SYSTEM.md)** - Premium content and subscription features\n- **[Weighted Rating System](docs/WEIGHTED_RATING_SYSTEM.md)** - Advanced rating algorithms and analytics\n- **[Unified News System](docs/UNIFIED_NEWS_SYSTEM.md)** - News and article management system\n- **[Contact Details Guide](docs/CONTACT_DETAILS_GUIDE.md)** - Contact information management\n- **[SEO Leveling System](docs/seo_leveling_system.md)** - Hierarchical SEO management with content-specific overrides\n- **[SEO Leveling Comprehensive](docs/SEO_LEVELING_COMPREHENSIVE.md)** - Hierarchical SEO management system\n\n### UI/UX \u0026 Design\n\n- **[Card Design System](docs/CARD_DESIGN_SYSTEM.md)** - Complete card design system with 4 distinct designs\n- **[Card Design Troubleshooting](docs/CARD_DESIGN_TROUBLESHOOTING.md)** - Troubleshooting guide for card design issues\n\n### Ads \u0026 Marketing\n\n- **[Ads Injection System – Comprehensive](docs/ADS_INJECTION_COMPREHENSIVE.md)** - Ads injection architecture and roadmap\n\n### Content \u0026 Media\n\n- **[Album View Count Implementation](docs/ALBUM_VIEW_COUNT_IMPLEMENTATION.md)** - View count tracking for albums\n- **[Share System Fix](docs/SHARE_SYSTEM_FIX.md)** - Social sharing system implementation\n\n### Deployment \u0026 Configuration\n\n- **[Deployment Guide](docs/DEPLOYMENT_GUIDE.md)** - Complete deployment guide for DirectAdmin hosting and other environments\n\n## SEO Leveling System\n\nThe SEO Leveling System implements a hierarchical approach to SEO data management, ensuring that content-specific SEO takes precedence over root SEO settings. This prevents the root SEO from always taking over and allows for proper content-specific optimization.\n\n### Key Features\n\n- **Hierarchical SEO Management**: Content-specific SEO takes precedence over root SEO\n- **URL Pattern Detection**: Automatic detection of news articles (`/news/\u003cid\u003e/\u003ctitle\u003e`) and albums (`/album/\u003cid\u003e/\u003ctitle\u003e`)\n- **Content-Specific Overrides**: News and album SEO fields override root SEO settings\n- **Template Integration**: Updated `base.html` to use unified `seo_data` structure\n- **SEO Override Blocks**: Enhanced `reader.html` and `album_detail.html` with content-specific SEO blocks\n- **Proper OG Types**: Articles use `og:type=article`, albums use `og:type=book`\n- **Fallback System**: Root SEO provides sensible defaults when content-specific SEO is not available\n\n### SEO Hierarchy (Priority Order)\n\n1. **Content-Specific SEO** (Highest Priority)\n\n   - News/Article SEO\n   - Album SEO\n   - Chapter SEO\n2. **Root SEO** (Fallback)\n\n   - Page-specific root SEO settings\n   - Default values\n3. **Brand Defaults** (Lowest Priority)\n\n   - Brand identity settings\n   - Hardcoded fallbacks\n\n### Implementation Details\n\n- **Context Processor**: `inject_seo_data()` handles SEO leveling logic\n- **URL Detection**: Automatic detection of content types based on URL patterns\n- **Template Blocks**: Content templates can override SEO data using template blocks\n- **Backward Compatibility**: Existing SEO functionality remains unchanged\n- **Performance Optimized**: Efficient SEO data retrieval and caching\n\nFor detailed implementation information, see [SEO Leveling System Documentation](docs/seo_leveling_system.md).\n\n### Development\n\n- **[Development Roadmap](docs/TODO.md)** - Current development status and future plans\n- **[Helper Scripts README](helper/README.md)** - Helper scripts documentation and usage\n- **[Routes Utils README](routes/utils/README.md)** - Permission and role management system documentation\n\n## Configuration\n\n### Environment Variables\n\nCreate a `.env` file in the root directory:\n\n```env\n# Flask Configuration\nSECRET_KEY=your-secret-key-here\nFLASK_ENV=development\nFLASK_DEBUG=True\n\n# Database Configuration\nDATABASE_URI=sqlite:///instance/LilyOpenCms.db\n\n# File Upload Configuration\nMAX_CONTENT_LENGTH=16777216  # 16MB max file size\nUPLOAD_FOLDER=static/uploads\n\n# Email Configuration (optional)\nMAIL_SERVER=smtp.gmail.com\nMAIL_PORT=587\nMAIL_USE_TLS=True\nMAIL_USERNAME=your-email@gmail.com\nMAIL_PASSWORD=your-app-password\n\n# YouTube API (optional)\nYOUTUBE_API_KEY=your-youtube-api-key\n\n# External Services (optional)\nGOOGLE_ANALYTICS_ID=GA-XXXXXXXXX-X\n\n# Performance Optimization (optional)\nREDIS_URL=redis://localhost:6379/0\nREDIS_HOST=localhost\nREDIS_PORT=6379\nREDIS_PASSWORD=\n```\n\n## Performance Optimizations\n\nLilyOpenCms includes comprehensive performance optimizations organized in the `optimizations/` package:\n\n### Quick Setup\n\n```bash\n# Install Redis and configure performance optimizations\nchmod +x optimizations/setup_redis.sh\n./optimizations/setup_redis.sh\n\n# Access performance dashboard\n# Visit: http://localhost:5000/admin/performance\n```\n\n### Key Features\n\n- **Aggressive Query Caching**: Advanced caching system with background refresh, smart preloading, and extended cache times\n- **Redis Caching**: Fast data retrieval with intelligent cache invalidation\n- **Database Optimization**: Connection pooling, query optimization, automatic indexing\n- **Frontend Optimization**: Lazy loading, progressive images, asset optimization, externalized JavaScript modules\n- **Performance Monitoring**: Real-time metrics, slow query detection, cache management\n- **JavaScript Optimization**: Externalized modules for better caching and faster loading times\n- **Cache Statistics**: Comprehensive performance tracking with preloads, background refreshes, and prediction accuracy\n\n### Documentation\n\n- [Performance Optimization Guide](docs/PERFORMANCE_OPTIMIZATION.md)\n- [Quick Start Guide](docs/PERFORMANCE_QUICK_START.md)\n- [Advanced Optimizations](docs/ADVANCED_OPTIMIZATIONS.md)\n- [Optimizations Package README](optimizations/README.md)\n\n## API Endpoints\n\n### Content Management\n\n- `GET /api/news` - List news articles with filtering\n- `POST /api/news` - Create new article\n- `PUT /api/news/\u003cid\u003e` - Update article\n- `DELETE /api/news/\u003cid\u003e` - Delete article (admin-tier users only)\n- `POST /api/news/\u003cid\u003e/request-deletion` - Request article deletion (non-admin users)\n- `GET /api/news/deletion-requests` - Get news deletion requests (admin only)\n- `POST /api/news/\u003cid\u003e/approve-deletion` - Approve news deletion request (admin only)\n- `POST /api/news/\u003cid\u003e/reject-deletion` - Reject news deletion request (admin only)\n- `PATCH /api/news/\u003cid\u003e/visibility` - Toggle visibility\n- `PATCH /api/news/\u003cid\u003e/archive` - Archive article\n- `PATCH /api/news/\u003cid\u003e/unarchive` - Unarchive article\n- `POST /api/news/\u003cid\u003e/duplicate` - Duplicate article\n- `GET /api/albums` - List albums with filtering\n- `POST /api/albums` - Create new album\n- `PUT /api/albums/\u003cid\u003e` - Update album\n- `DELETE /api/albums/\u003cid\u003e` - Delete album (admin-tier users only)\n- `POST /admin/albums/\u003cid\u003e/request-deletion` - Request album deletion (non-admin users)\n- `GET /admin/albums/deletion-requests` - Get album deletion requests (admin only)\n- `POST /admin/albums/\u003cid\u003e/approve-deletion` - Approve album deletion request (admin only)\n- `POST /admin/albums/\u003cid\u003e/reject-deletion` - Reject album deletion request (admin only)\n- `PATCH /api/albums/\u003cid\u003e/visibility` - Toggle album visibility\n- `PATCH /api/albums/\u003cid\u003e/archive` - Archive album\n- `PATCH /api/albums/\u003cid\u003e/unarchive` - Unarchive album\n- `POST /api/albums/\u003cid\u003e/chapters` - Add chapter to album\n- `DELETE /api/albums/\u003cid\u003e/chapters/\u003cchapter_id\u003e` - Remove chapter from album\n\n### Comment System\n\n- `GET /api/comments/\u003ccontent_type\u003e/\u003ccontent_id\u003e` - Get comments for news/album with pagination\n- `POST /api/comments` - Create new comment (requires authentication)\n- `PUT /api/comments/\u003ccomment_id\u003e` - Update comment with success response (owner or admin only)\n- `DELETE /api/comments/\u003ccomment_id\u003e` - Delete comment with success response (owner or admin only)\n- `GET /api/account/library/comments` - Get user's library comments with edit/delete capabilities\n- `POST /api/comments/\u003ccomment_id\u003e/like` - Like/unlike comment\n- `POST /api/comments/\u003ccomment_id\u003e/report` - Report comment for moderation\n- `GET /admin/comments` - Admin comment moderation interface\n- `POST /admin/comments/\u003ccomment_id\u003e/approve` - Approve comment (admin only)\n- `POST /admin/comments/\u003ccomment_id\u003e/reject` - Reject comment (admin only)\n- `POST /admin/comments/\u003ccomment_id\u003e/mark-spam` - Mark comment as spam (admin only)\n- `POST /admin/comments/\u003ccomment_id\u003e/delete` - Admin delete comment\n\n### Rating System\n\n- `GET /api/ratings/\u003ccontent_type\u003e/\u003ccontent_id\u003e` - Get rating statistics for news/album\n- `POST /api/ratings` - Create or update rating (requires authentication)\n- `DELETE /api/ratings/\u003ccontent_type\u003e/\u003ccontent_id\u003e` - Delete user's rating\n- `GET /api/ratings/stats` - Get overall rating statistics\n- `GET /api/ratings/user/\u003cuser_id\u003e` - Get all ratings by specific user\n- `GET /admin/ratings` - Admin rating management interface\n- `POST /admin/ratings/\u003crating_id\u003e/delete` - Admin delete rating\n- `GET /admin/ratings/analytics` - Admin rating analytics dashboard\n\n### Public Album Pages\n\n- `GET /albums` - Public album listing page with filtering and search\n- `GET /album/\u003calbum_id\u003e/\u003calbum_title\u003e` - Album detail page with author info and chapters\n- `GET /album/\u003calbum_id\u003e/chapter/\u003cchapter_id\u003e/\u003cchapter_title\u003e` - Chapter reader with markdown support\n\n### Media Management\n\n- `GET /api/images` - List images with filtering\n- `POST /api/images` - Upload image\n- `PUT /api/images/\u003cid\u003e` - Update image\n- `DELETE /api/images/\u003cid\u003e` - Delete image\n- `PATCH /api/images/\u003cid\u003e/visibility` - Toggle image visibility\n- `GET /user/\u003cusername\u003e/images` - User image management page\n- `POST /user/\u003cusername\u003e/images/upload` - Upload image to user gallery\n- `PUT /user/\u003cusername\u003e/images/\u003cimage_id\u003e/update` - Update user image\n- `DELETE /user/\u003cusername\u003e/images/\u003cimage_id\u003e/delete` - Delete user image\n- `GET /api/youtube_videos` - List YouTube videos\n- `POST /api/youtube_videos` - Add YouTube video\n- `PUT /api/youtube_videos/\u003cid\u003e` - Update video\n- `DELETE /api/youtube_videos/\u003cid\u003e` - Delete video\n\n### User Management\n\n- `GET /api/users` - List users with pagination, search, and filtering (role, status, verification)\n- `POST /api/users` - Create user with role assignment and premium status\n- `GET /api/users/\u003cuser_id\u003e/details` - Get comprehensive user details and statistics\n- `POST /api/users/\u003cuser_id\u003e/reset-password` - Reset user password (admin only)\n- `GET /api/users/stats` - Get overall user statistics and role distribution\n- `GET /api/pending/stats` - Get pending registration statistics\n- `PUT /api/users/\u003cid\u003e` - Update user\n- `DELETE /api/users/\u003cid\u003e` - Delete user\n- `PATCH /api/users/\u003cid\u003e/verify` - Toggle user verification\n- `PATCH /api/users/\u003cid\u003e/status` - Toggle user status\n- `POST /api/users/\u003cid\u003e/suspend` - Suspend user\n- `POST /api/users/\u003cid\u003e/unsuspend` - Unsuspend user\n- `GET /api/registrations/pending` - Get pending registrations\n- `POST /api/registrations/\u003cid\u003e/approve` - Approve registration\n- `POST /api/registrations/\u003cid\u003e/reject` - Reject registration\n- `POST /api/user/request-account-deletion` - Request account deletion (general users only)\n- `GET /api/users/deletion-requests` - Get account deletion requests (admin only)\n- `POST /api/users/\u003cid\u003e/approve-deletion` - Approve account deletion request (admin only)\n- `POST /api/users/\u003cid\u003e/reject-deletion` - Reject account deletion request (admin only)\n\n### Roles \u0026 Permissions\n\n- `GET /api/roles` - List roles (backup implementation in routes_users.py)\n- `POST /api/roles` - Create role\n- `PUT /api/roles/\u003cid\u003e` - Update role\n- `DELETE /api/roles/\u003cid\u003e` - Delete role\n- `GET /api/permissions` - List permissions (backup implementation in routes_users.py)\n- `POST /api/permissions` - Create permission\n- `PUT /api/permissions/\u003cid\u003e` - Update permission\n- `DELETE /api/permissions/\u003cid\u003e` - Delete permission\n\n### Navigation Management\n\n- `GET /api/navigation-links` - List navigation links\n- `POST /api/navigation-links` - Create navigation link\n- `PUT /api/navigation-links/\u003cid\u003e` - Update navigation link\n- `DELETE /api/navigation-links/\u003cid\u003e` - Delete navigation link\n- `POST /api/navigation-links/bulk-update` - Bulk update navigation links\n\n### SEO \u0026 Analytics\n\n- `GET /sitemap.xml` - Main sitemap\n- `GET /sitemap-news.xml` - News-specific sitemap\n- `GET /sitemap-index.xml` - Sitemap index\n- `GET /robots.txt` - Search engine directives\n- `GET /api/analytics/visitors` - Visitor statistics\n- `GET /api/analytics/content` - Content analytics\n- `GET /api/analytics/activity` - Activity logs\n- `GET /api/analytics/performance` - Performance metrics\n\n### Premium \u0026 Subscription\n\n- `GET /api/subscriptions/plans` - Get subscription plans\n- `POST /api/subscriptions/create` - Create subscription\n- `POST /api/subscriptions/cancel` - Cancel subscription\n- `GET /api/subscriptions/status` - Get subscription status\n- `POST /api/subscriptions/update-ad-preferences` - Update ad preferences\n- `GET /api/subscriptions/check-premium-access` - Check premium access\n\n## Authentication \u0026 Authorization\n\n### User Roles\n\n- **SUPERUSER**: Full system access with all permissions\n- **ADMIN**: Content and user management with limited system access\n- **GENERAL**: Basic content creation and personal management\n\n### Smart Routing System\n\n- **Role-Based Navigation**: Automatic dashboard routing based on user role\n- **Admin/Superuser/Owner**: Redirected to `/settings` (admin dashboard)\n- **General Users**: Redirected to `/dashboard` (reader dashboard)\n- **Template Integration**: All dashboard links use smart routing via `get_user_dashboard_url()` function\n- **Login Integration**: Login redirects use the same smart routing logic\n- **Consistent Experience**: Seamless navigation across all templates\n\n### Permission System\n\n- **Enhanced User Management**: Advanced user listing with pagination, search, and filtering\n- **User Creation System**: Admin user creation with role assignment and premium status\n- **User Statistics Dashboard**: Real-time user statistics and role distribution\n- **Granular Permissions**: Matrix-based access control with 80+ granular permissions\n- **Centralized Permission System**: Permission management with role-based inheritance\n- **Role-based Access**: Automatic permission assignment based on roles\n- **Activity Logging**: Comprehensive audit trails for all actions\n- **Session Management**: Secure session handling with auto-logout\n- **Comprehensive Testing**: All endpoints tested with different user roles\n- **Template Path Verification**: All admin templates properly configured\n- **Error Handling**: Robust error handling for permission violations\n- **Backup API Endpoints**: Resolved 404 errors for roles and permissions\n\n## SEO Features\n\n### Sitemap Generation\n\n- **Main Sitemap**: All content types with proper priorities\n- **News Sitemap**: News-specific optimization with publication dates\n- **Sitemap Index**: For large sites with multiple sitemaps\n- **SEO Integration**: Uses meta_robots, seo_slug, priorities, and changefreq\n\n### SEO Management\n\n- **Meta Tags**: Description, keywords, author, language, robots\n- **Open Graph**: Social media optimization for Facebook, LinkedIn\n- **Twitter Cards**: Twitter-specific optimization\n- **Schema Markup**: JSON-LD structured data for search engines\n- **SEO Scoring**: Automated SEO analysis (0-100 scale)\n- **Canonical URLs**: Prevent duplicate content issues\n- **URL Optimization**: SEO-friendly slugs and redirects\n\n## UI/UX Features\n\n### Design System\n\n- **Tailwind CSS**: Utility-first styling with custom configuration\n- **Responsive Design**: Mobile-first approach with breakpoint optimization\n- **Dark Mode**: Theme switching capability with persistent preferences\n- **Toast Notifications**: User feedback system with multiple types\n- **Loading States**: Comprehensive loading indicators and skeleton screens\n\n### Components\n\n- **Dynamic Sidebar**: Role-based navigation with collapsible sections\n- **Pagination**: Efficient content browsing with configurable page sizes\n- **Search \u0026 Filter**: Advanced content discovery with multiple filters and real-time search results\n- **Bulk Operations**: Efficient content management with batch processing\n- **Modal System**: Reusable modal components for forms and confirmations\n- **Data Tables**: Sortable, filterable tables with bulk actions\n- **Tabbed Interfaces**: Advanced tabbed navigation with search integration and state management\n\n## Database Models\n\n### Core Models\n\n- **User**: Authentication, profiles, roles, permissions, activity tracking\n- **News**: Articles with SEO, scheduling, archiving, related content\n- **Album**: Album management with chapters, completion status, hiatus tracking, author relationships\n- **AlbumChapter**: Chapter relationships between albums and news articles\n- **Category**: Content organization with hierarchical structure\n- **Image**: Media management with optimization, usage tracking\n- **YouTubeVideo**: Video content with metadata and embedding\n- **TeamMember**: Team management with roles and contact information\n\n### Comment \u0026 Rating Models\n\n- **Comment**: User comments on news/albums with moderation, spam detection, nested replies\n- **CommentLike**: Like/dislike system for comments with user tracking\n- **CommentReport**: Comment reporting system for inappropriate content\n- **Rating**: 5-star rating system for news/albums with statistics and analytics\n\n### SEO \u0026 Brand Models\n\n- **BrandIdentity**: Brand assets, colors, typography, guidelines\n- **SocialMedia**: Social media links and platform management\n- **ContactDetail**: Contact information and location data\n- **NavigationLink**: Navigation menu management with internal/external links\n\n### Legal \u0026 Policy Models\n\n- **PrivacyPolicy**: Privacy policy content and versioning\n- **MediaGuideline**: Media guidelines and usage policies\n- **VisiMisi**: Vision and mission statements\n- **Penyangkalan**: Disclaimer and legal disclaimers\n- **PedomanHak**: Rights and guidelines documentation\n\n### System Models\n\n- **UserRole**: Role definitions and permissions\n- **Permission**: Granular permission system\n- **CustomRole**: Custom role creation and management\n- **UserActivity**: Activity logging and audit trails\n- **ShareLog**: Social sharing tracking and analytics\n\n## Deployment\n\n### Development\n\n```bash\npython main.py\n```\n\n### Production with Gunicorn\n\n```bash\ngunicorn --bind 0.0.0.0:8000 main:app\n```\n\n### Production with Passenger\n\n```bash\n# Configure passenger_wsgi.py\npassenger start\n```\n\n### Docker Deployment\n\n```dockerfile\nFROM python:3.9-slim\nWORKDIR /app\nCOPY requirements.txt .\nRUN pip install -r requirements.txt\nCOPY . .\nEXPOSE 8000\nCMD [\"gunicorn\", \"--bind\", \"0.0.0.0:8000\", \"main:app\"]\n```\n\n## Testing\n\n### Running Tests\n\n```bash\n# Install dependencies\npip install -r requirements.txt\n\n# Run all tests\npython test/run_tests.py\n\n# Run quick tests\npython test/quick_test.py\n\n# Run comprehensive endpoint tests (NEW)\npython test/test_comprehensive_endpoints.py\n\n# Run specific tests\npython test/test_seo_leveling.py\npython test/test_authentication.py\npython test/test_user_management.py\n```\n\n### Test Coverage\n\n- **Core System Tests**: Authentication, user management, database models\n- **Performance Tests**: Monitoring, caching, optimization\n- **Feature Tests**: Comments, ratings, assets, navigation\n- **SEO Tests**: SEO leveling system, content-specific SEO overrides\n- **Infrastructure Tests**: Redis connection, subscription system\n- **Comprehensive Endpoint Tests**: Full endpoint testing with different user roles (no login, general, admin, superuser)\n- **Authentication \u0026 Authorization Tests**: Session-based testing with proper CSRF token handling\n- **Template Path Tests**: Verification of all admin template paths and rendering\n- **Permission System Tests**: Role-based access control verification across all endpoints\n\n### SEO Leveling Test\n\nThe SEO leveling system includes comprehensive tests to verify:\n\n- ✅ Content-specific SEO takes precedence over root SEO\n- ✅ URL pattern detection for news and album pages\n- ✅ Template integration with SEO override blocks\n- ✅ Proper OG types (article for news, book for albums)\n- ✅ Fallback system with root SEO and brand defaults\n\n```bash\n# Run SEO leveling test specifically\npython test/test_seo_leveling.py\n```\n\n### Comprehensive Endpoint Testing (NEW)\n\nThe system includes comprehensive endpoint testing with session-based authentication:\n\n- ✅ **95% Success Rate**: 28/30 endpoints working correctly\n- ✅ **Authentication Testing**: All user roles (general, admin, superuser) tested\n- ✅ **Permission System**: Role-based access control verified\n- ✅ **Template Paths**: All admin template paths fixed and verified\n- ✅ **Session Management**: Proper CSRF token handling and session management\n- ✅ **Error Handling**: Comprehensive error handling and fallback mechanisms\n\n**Test Coverage:**\n\n- Comment moderation endpoints\n- Rating management endpoints\n- Ads management endpoints\n- Analytics endpoints\n- User management endpoints\n- Subscription endpoints\n- SEO management endpoints\n\n```bash\n# Run comprehensive endpoint tests\npython test/test_comprehensive_endpoints.py\n```\n\n## Contributing\n\n1. Fork the repository\n2. Create a feature branch (`git checkout -b feature/amazing-feature`)\n3. Commit your changes (`git commit -m 'Add amazing feature'`)\n4. Push to the branch (`git push origin feature/amazing-feature`)\n5. Open a Pull Request\n\n### Development Guidelines\n\n- Follow PEP 8 Python style guide\n- Write tests for new features\n- Update documentation for API changes\n- Use conventional commit messages\n- Ensure all tests pass before submitting PR\n\n## License\n\nThis project is licensed under the CC0 License - see the [LICENSE](LICENSE) file for details.\n\n## Support\n\n- **Documentation**: Check the [docs/](docs/) folder for comprehensive guides\n- **Issues**: Report bugs via GitHub Issues\n- **Discussions**: Use GitHub Discussions for questions\n- **Email**: Contact the development team\n\n## Acknowledgments\n\n- Flask community for the excellent web framework\n- Tailwind CSS for the utility-first CSS framework\n- All contributors who have helped improve LilyOpenCms\n\n---\n\n**LilyOpenCms** - Modern content management for the digital age.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F1999azzar%2Flilyopencms","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F1999azzar%2Flilyopencms","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F1999azzar%2Flilyopencms/lists"}