From c2c48a03e83bbb43be44d0c6f43005dde386de9e Mon Sep 17 00:00:00 2001
From: Sebastian Frick <sebastian@monkeysquad.de>
Date: Tue, 17 Feb 2026 22:08:51 +0100
Subject: [PATCH] refactor: restructure repository with separate backend and
 frontend directories

- Move Java backend to backend/ directory
- Create frontend/ directory for TypeScript TUI and future WebUI
- Update .gitignore for Node.js and worktrees
- Update README.md with new repository structure
- Copy documentation to backend/
---
 .gitignore                                    |  13 +
 README.md                                     |  94 +++++-
 TODO.md                                       |   4 +-
 backend/.factorypath                          |  92 ++++++
 backend/CLAUDE.md                             |  47 +++
 .../INTEGRATION_TESTS_SUMMARY.md              |   0
 backend/README.md                             | 188 +++++++++++
 TESTING_GUIDE.md => backend/TESTING_GUIDE.md  |   0
 .../TEST_FILES_INDEX.md                       |   0
 TEST_SUMMARY.md => backend/TEST_SUMMARY.md    |   0
 backend/TODO.md                               |  13 +
 .../UNIT_TESTS_README.md                      |   0
 {docs => backend/docs}/QUICK_START.md         |   0
 {docs => backend/docs}/USER_MANAGEMENT.md     |   0
 ...15-fleischerei-erp-feature-definition.docx | Bin
 ...2-15-fleischerei-erp-feature-definition.md |   0
 ...16-abhangigkeitsanalyse-fleischerei-erp.md |   0
 {docs => backend/docs}/mvp/ddd/00-overview.md |   0
 .../docs}/mvp/ddd/01-domain-classification.md |   0
 .../docs}/mvp/ddd/02-bounded-contexts.md      |   0
 .../docs}/mvp/ddd/03-ubiquitous-language.md   |   0
 .../docs}/mvp/ddd/04-production-bc.md         |   0
 .../docs}/mvp/ddd/04-produktions-kontext.md   |   0
 .../docs}/mvp/ddd/05-qualitaets-kontext.md    |   0
 .../docs}/mvp/ddd/05-quality-bc.md            |   0
 .../docs}/mvp/ddd/06-labeling-bc.md           |   0
 .../mvp/ddd/07-bestandsfuehrungs-kontext.md   |   0
 .../docs}/mvp/ddd/07-inventory-bc.md          |   0
 .../docs}/mvp/ddd/08-procurement-bc.md        |   0
 .../docs}/mvp/ddd/09-filiales-bc.md           |   0
 .../docs}/mvp/ddd/10-supporting-bcs.md        |   0
 {docs => backend/docs}/mvp/ddd/README.md      |   0
 .../tickets/001-code-review-usermanagement.md | 292 ++++++++++++++++++
 pom.xml => backend/pom.xml                    |   0
 .../de/effigenix/EffigenixApplication.java    |   0
 .../usermanagement/AssignRole.java            |   0
 .../usermanagement/AuditEvent.java            |   0
 .../usermanagement/AuditLogger.java           |   0
 .../usermanagement/AuthenticateUser.java      |   0
 .../usermanagement/ChangePassword.java        |   0
 .../usermanagement/CreateUser.java            |   0
 .../application/usermanagement/GetUser.java   |   0
 .../application/usermanagement/ListUsers.java |   0
 .../application/usermanagement/LockUser.java  |   0
 .../usermanagement/PasswordHasher.java        |   0
 .../usermanagement/RemoveRole.java            |   0
 .../usermanagement/SessionManager.java        |   0
 .../usermanagement/UnlockUser.java            |   0
 .../usermanagement/UpdateUser.java            |   0
 .../command/AssignRoleCommand.java            |   0
 .../command/AuthenticateCommand.java          |   0
 .../command/ChangePasswordCommand.java        |   0
 .../command/CreateUserCommand.java            |   0
 .../command/UpdateUserCommand.java            |   0
 .../usermanagement/dto/RoleDTO.java           |   0
 .../usermanagement/dto/SessionToken.java      |   0
 .../usermanagement/dto/UserDTO.java           |   0
 .../domain/filiales/FilialesAction.java       |   0
 .../domain/inventory/InventoryAction.java     |   0
 .../domain/labeling/LabelingAction.java       |   0
 .../domain/procurement/ProcurementAction.java |   0
 .../domain/production/ProductionAction.java   |   0
 .../domain/quality/QualityAction.java         |   0
 .../effigenix/domain/sales/SalesAction.java   |   0
 .../domain/usermanagement/PasswordHash.java   |   0
 .../domain/usermanagement/Permission.java     |   0
 .../usermanagement/RepositoryError.java       |   0
 .../effigenix/domain/usermanagement/Role.java |   0
 .../domain/usermanagement/RoleId.java         |   0
 .../domain/usermanagement/RoleName.java       |   0
 .../domain/usermanagement/RoleRepository.java |   0
 .../effigenix/domain/usermanagement/User.java |   0
 .../domain/usermanagement/UserError.java      |   0
 .../domain/usermanagement/UserId.java         |   0
 .../domain/usermanagement/UserRepository.java |   0
 .../domain/usermanagement/UserStatus.java     |   0
 .../infrastructure/audit/AuditLogEntity.java  |   0
 .../audit/AuditLogJpaRepository.java          |   0
 .../audit/DatabaseAuditLogger.java            |   0
 .../config/UseCaseConfiguration.java          |   0
 .../security/ActionToPermissionMapper.java    |   0
 .../security/BCryptPasswordHasher.java        |   0
 .../security/JwtAuthenticationDetails.java    |   0
 .../security/JwtAuthenticationFilter.java     |   0
 .../security/JwtSessionManager.java           |   0
 .../security/JwtTokenProvider.java            |   0
 .../security/SecurityConfig.java              |   0
 .../SpringSecurityAuthorizationAdapter.java   |   0
 .../persistence/entity/RoleEntity.java        |   0
 .../persistence/entity/UserEntity.java        |   0
 .../persistence/mapper/RoleMapper.java        |   0
 .../persistence/mapper/UserMapper.java        |   0
 .../repository/JpaRoleRepository.java         |   0
 .../repository/JpaUserRepository.java         |   0
 .../repository/RoleJpaRepository.java         |   0
 .../repository/UserJpaRepository.java         |   0
 .../usermanagement/web/README.md              |   0
 .../web/controller/AuthController.java        |   0
 .../web/controller/RoleController.java        |   0
 .../web/controller/UserController.java        |   0
 .../web/dto/AssignRoleRequest.java            |   0
 .../web/dto/ChangePasswordRequest.java        |   0
 .../web/dto/CreateUserRequest.java            |   0
 .../usermanagement/web/dto/ErrorResponse.java |   0
 .../usermanagement/web/dto/LoginRequest.java  |   0
 .../usermanagement/web/dto/LoginResponse.java |   0
 .../web/dto/RefreshTokenRequest.java          |   0
 .../web/dto/UpdateUserRequest.java            |   0
 .../web/exception/GlobalExceptionHandler.java |   0
 .../exception/UserErrorHttpStatusMapper.java  |   0
 .../web/config/OpenApiConfig.java             |   0
 .../shared/common/ApplicationError.java       |   0
 .../de/effigenix/shared/common/Result.java    |   0
 .../de/effigenix/shared/security/Action.java  |   0
 .../de/effigenix/shared/security/ActorId.java |   0
 .../shared/security/AuthorizationPort.java    |   0
 .../effigenix/shared/security/BranchId.java   |   0
 .../effigenix/shared/security/ResourceId.java |   0
 .../src}/main/resources/application.yml       |   0
 .../001-create-user-management-schema.xml     |   0
 .../002-seed-roles-and-permissions.sql        |   0
 .../002-seed-roles-and-permissions.xml        |   0
 .../changes/003-create-audit-logs-table.xml   |   0
 .../changelog/changes/004-seed-admin-user.sql |   0
 .../changelog/changes/004-seed-admin-user.xml |   0
 .../db/changelog/db.changelog-master.xml      |   0
 .../usermanagement/AuthenticateUserTest.java  |   0
 .../usermanagement/ChangePasswordTest.java    |   0
 .../usermanagement/CreateUserTest.java        |   0
 .../usermanagement/PasswordHashTest.java      |   0
 .../domain/usermanagement/RoleIdTest.java     |   0
 .../domain/usermanagement/RoleTest.java       |   0
 .../domain/usermanagement/UserIdTest.java     |   0
 .../domain/usermanagement/UserTest.java       |   0
 .../security/BCryptPasswordHasherTest.java    |   0
 .../persistence/mapper/RoleMapperTest.java    |   0
 .../persistence/mapper/UserMapperTest.java    |   0
 .../web/AuthControllerIntegrationTest.java    |   0
 .../web/SecurityIntegrationTest.java          |   0
 .../web/UserControllerIntegrationTest.java    |   0
 .../src}/test/resources/application-test.yml  |   0
 141 files changed, 734 insertions(+), 9 deletions(-)
 create mode 100644 backend/.factorypath
 create mode 100644 backend/CLAUDE.md
 rename INTEGRATION_TESTS_SUMMARY.md => backend/INTEGRATION_TESTS_SUMMARY.md (100%)
 create mode 100644 backend/README.md
 rename TESTING_GUIDE.md => backend/TESTING_GUIDE.md (100%)
 rename TEST_FILES_INDEX.md => backend/TEST_FILES_INDEX.md (100%)
 rename TEST_SUMMARY.md => backend/TEST_SUMMARY.md (100%)
 create mode 100644 backend/TODO.md
 rename UNIT_TESTS_README.md => backend/UNIT_TESTS_README.md (100%)
 rename {docs => backend/docs}/QUICK_START.md (100%)
 rename {docs => backend/docs}/USER_MANAGEMENT.md (100%)
 rename {docs => backend/docs}/mvp/2026-02-15-fleischerei-erp-feature-definition.docx (100%)
 rename {docs => backend/docs}/mvp/2026-02-15-fleischerei-erp-feature-definition.md (100%)
 rename {docs => backend/docs}/mvp/2026-02-16-abhangigkeitsanalyse-fleischerei-erp.md (100%)
 rename {docs => backend/docs}/mvp/ddd/00-overview.md (100%)
 rename {docs => backend/docs}/mvp/ddd/01-domain-classification.md (100%)
 rename {docs => backend/docs}/mvp/ddd/02-bounded-contexts.md (100%)
 rename {docs => backend/docs}/mvp/ddd/03-ubiquitous-language.md (100%)
 rename {docs => backend/docs}/mvp/ddd/04-production-bc.md (100%)
 rename {docs => backend/docs}/mvp/ddd/04-produktions-kontext.md (100%)
 rename {docs => backend/docs}/mvp/ddd/05-qualitaets-kontext.md (100%)
 rename {docs => backend/docs}/mvp/ddd/05-quality-bc.md (100%)
 rename {docs => backend/docs}/mvp/ddd/06-labeling-bc.md (100%)
 rename {docs => backend/docs}/mvp/ddd/07-bestandsfuehrungs-kontext.md (100%)
 rename {docs => backend/docs}/mvp/ddd/07-inventory-bc.md (100%)
 rename {docs => backend/docs}/mvp/ddd/08-procurement-bc.md (100%)
 rename {docs => backend/docs}/mvp/ddd/09-filiales-bc.md (100%)
 rename {docs => backend/docs}/mvp/ddd/10-supporting-bcs.md (100%)
 rename {docs => backend/docs}/mvp/ddd/README.md (100%)
 create mode 100644 backend/docs/tickets/001-code-review-usermanagement.md
 rename pom.xml => backend/pom.xml (100%)
 rename {src => backend/src}/main/java/de/effigenix/EffigenixApplication.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/AssignRole.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/AuditEvent.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/AuditLogger.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/AuthenticateUser.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/ChangePassword.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/CreateUser.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/GetUser.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/ListUsers.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/LockUser.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/PasswordHasher.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/RemoveRole.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/SessionManager.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/UnlockUser.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/UpdateUser.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/command/AssignRoleCommand.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/command/AuthenticateCommand.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/command/ChangePasswordCommand.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/command/CreateUserCommand.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/command/UpdateUserCommand.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/dto/RoleDTO.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/dto/SessionToken.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/application/usermanagement/dto/UserDTO.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/domain/filiales/FilialesAction.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/domain/inventory/InventoryAction.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/domain/labeling/LabelingAction.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/domain/procurement/ProcurementAction.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/domain/production/ProductionAction.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/domain/quality/QualityAction.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/domain/sales/SalesAction.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/domain/usermanagement/PasswordHash.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/domain/usermanagement/Permission.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/domain/usermanagement/RepositoryError.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/domain/usermanagement/Role.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/domain/usermanagement/RoleId.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/domain/usermanagement/RoleName.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/domain/usermanagement/RoleRepository.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/domain/usermanagement/User.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/domain/usermanagement/UserError.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/domain/usermanagement/UserId.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/domain/usermanagement/UserRepository.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/domain/usermanagement/UserStatus.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/audit/AuditLogEntity.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/audit/AuditLogJpaRepository.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/audit/DatabaseAuditLogger.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/config/UseCaseConfiguration.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/security/ActionToPermissionMapper.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/security/BCryptPasswordHasher.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/security/JwtAuthenticationDetails.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/security/JwtAuthenticationFilter.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/security/JwtSessionManager.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/security/JwtTokenProvider.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/security/SecurityConfig.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/security/SpringSecurityAuthorizationAdapter.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/persistence/entity/RoleEntity.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/persistence/entity/UserEntity.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/persistence/mapper/RoleMapper.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/persistence/mapper/UserMapper.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/persistence/repository/JpaRoleRepository.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/persistence/repository/JpaUserRepository.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/persistence/repository/RoleJpaRepository.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/persistence/repository/UserJpaRepository.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/web/README.md (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/web/controller/AuthController.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/web/controller/RoleController.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/web/controller/UserController.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/web/dto/AssignRoleRequest.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/web/dto/ChangePasswordRequest.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/web/dto/CreateUserRequest.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/web/dto/ErrorResponse.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/web/dto/LoginRequest.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/web/dto/LoginResponse.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/web/dto/RefreshTokenRequest.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/web/dto/UpdateUserRequest.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/web/exception/GlobalExceptionHandler.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/usermanagement/web/exception/UserErrorHttpStatusMapper.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/infrastructure/web/config/OpenApiConfig.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/shared/common/ApplicationError.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/shared/common/Result.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/shared/security/Action.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/shared/security/ActorId.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/shared/security/AuthorizationPort.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/shared/security/BranchId.java (100%)
 rename {src => backend/src}/main/java/de/effigenix/shared/security/ResourceId.java (100%)
 rename {src => backend/src}/main/resources/application.yml (100%)
 rename {src => backend/src}/main/resources/db/changelog/changes/001-create-user-management-schema.xml (100%)
 rename {src => backend/src}/main/resources/db/changelog/changes/002-seed-roles-and-permissions.sql (100%)
 rename {src => backend/src}/main/resources/db/changelog/changes/002-seed-roles-and-permissions.xml (100%)
 rename {src => backend/src}/main/resources/db/changelog/changes/003-create-audit-logs-table.xml (100%)
 rename {src => backend/src}/main/resources/db/changelog/changes/004-seed-admin-user.sql (100%)
 rename {src => backend/src}/main/resources/db/changelog/changes/004-seed-admin-user.xml (100%)
 rename {src => backend/src}/main/resources/db/changelog/db.changelog-master.xml (100%)
 rename {src => backend/src}/test/java/de/effigenix/application/usermanagement/AuthenticateUserTest.java (100%)
 rename {src => backend/src}/test/java/de/effigenix/application/usermanagement/ChangePasswordTest.java (100%)
 rename {src => backend/src}/test/java/de/effigenix/application/usermanagement/CreateUserTest.java (100%)
 rename {src => backend/src}/test/java/de/effigenix/domain/usermanagement/PasswordHashTest.java (100%)
 rename {src => backend/src}/test/java/de/effigenix/domain/usermanagement/RoleIdTest.java (100%)
 rename {src => backend/src}/test/java/de/effigenix/domain/usermanagement/RoleTest.java (100%)
 rename {src => backend/src}/test/java/de/effigenix/domain/usermanagement/UserIdTest.java (100%)
 rename {src => backend/src}/test/java/de/effigenix/domain/usermanagement/UserTest.java (100%)
 rename {src => backend/src}/test/java/de/effigenix/infrastructure/security/BCryptPasswordHasherTest.java (100%)
 rename {src => backend/src}/test/java/de/effigenix/infrastructure/usermanagement/persistence/mapper/RoleMapperTest.java (100%)
 rename {src => backend/src}/test/java/de/effigenix/infrastructure/usermanagement/persistence/mapper/UserMapperTest.java (100%)
 rename {src => backend/src}/test/java/de/effigenix/infrastructure/usermanagement/web/AuthControllerIntegrationTest.java (100%)
 rename {src => backend/src}/test/java/de/effigenix/infrastructure/usermanagement/web/SecurityIntegrationTest.java (100%)
 rename {src => backend/src}/test/java/de/effigenix/infrastructure/usermanagement/web/UserControllerIntegrationTest.java (100%)
 rename {src => backend/src}/test/resources/application-test.yml (100%)

diff --git a/.gitignore b/.gitignore
index 712a580..4de19cd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -50,3 +50,16 @@ coverage/
 .mvn/
 mvnw
 mvnw.cmd
+
+# Node.js / Frontend
+frontend/node_modules/
+frontend/dist/
+frontend/build/
+frontend/.pnpm-store/
+frontend/**/.turbo/
+frontend/**/.next/
+*.tsbuildinfo
+.pnpm-debug.log
+
+# Git worktrees
+.worktrees/
diff --git a/README.md b/README.md
index 3cb4519..a047228 100644
--- a/README.md
+++ b/README.md
@@ -2,6 +2,20 @@
 
 ERP-System für Fleischereien mit HACCP-Compliance, GoBD-konform, Mehrfilialen-Support.
 
+## Repository Structure
+
+```
+effigenix/
+├── backend/          # Java Spring Boot Backend
+│   ├── src/          # Java source code (DDD + Clean Architecture)
+│   ├── docs/         # Backend documentation
+│   └── pom.xml       # Maven configuration
+│
+└── frontend/         # TypeScript Frontend (TUI & WebUI)
+    ├── apps/         # Applications (CLI TUI, WebUI)
+    └── packages/     # Shared packages (api-client, types, validation)
+```
+
 ## Architektur
 
 **Domain-Driven Design + Clean Architecture + Java 21 + Spring Boot**
@@ -58,14 +72,15 @@ ERP-System für Fleischereien mit HACCP-Compliance, GoBD-konform, Mehrfilialen-S
 
 ## Getting Started
 
-### Prerequisites
+### Backend (Java Spring Boot)
 
+**Prerequisites:**
 - Java 21+
 - Maven 3.9+
 - PostgreSQL 15+
 - Docker (optional, für PostgreSQL)
 
-### Database Setup
+**Database Setup:**
 
 ```bash
 # PostgreSQL mit Docker
@@ -77,9 +92,11 @@ docker run --name effigenix-postgres \
   -d postgres:15
 ```
 
-### Build & Run
+**Build & Run:**
 
 ```bash
+cd backend
+
 # Build
 mvn clean install
 
@@ -90,16 +107,41 @@ mvn spring-boot:run
 mvn spring-boot:run -Dspring-boot.run.profiles=dev
 ```
 
-### API Documentation
+**API Documentation:**
 
 Nach dem Start verfügbar unter:
 - Swagger UI: http://localhost:8080/swagger-ui.html
 - OpenAPI Spec: http://localhost:8080/api-docs
 
+### Frontend (TypeScript TUI)
+
+**Prerequisites:**
+- Node.js 20+
+- pnpm 9+
+
+**Setup & Run:**
+
+```bash
+cd frontend
+
+# Install dependencies
+pnpm install
+
+# Run TUI in dev mode
+pnpm run dev
+
+# Build for production
+pnpm run build
+```
+
+Detailed frontend documentation: [frontend/README.md](frontend/README.md)
+
 ## Project Structure
 
+**Backend (Java):**
+
 ```
-src/main/java/com/effigenix/
+backend/src/main/java/de/effigenix/
 ├── domain/              # Domain Layer (keine Framework-Dependencies!)
 │   └── usermanagement/
 │       ├── User.java
@@ -120,8 +162,27 @@ src/main/java/com/effigenix/
     ├── security/        # AuthorizationPort, Action
     └── common/          # Result, ApplicationError
 
-src/main/resources/
-└── db/migration/        # Flyway Migrations
+backend/src/main/resources/
+└── db/migration/        # Liquibase Migrations
+```
+
+**Frontend (TypeScript):**
+
+```
+frontend/
+├── apps/
+│   └── cli/             # Terminal UI (Ink)
+│       ├── src/
+│       │   ├── components/  # UI components
+│       │   ├── hooks/       # React hooks
+│       │   └── state/       # State management
+│       └── package.json
+│
+└── packages/            # Shared packages (reusable for WebUI)
+    ├── api-client/      # HTTP client für Backend API
+    ├── types/           # TypeScript types (generated from OpenAPI)
+    ├── validation/      # Zod schemas
+    └── config/          # Shared configuration
 ```
 
 ## User Management (Generic Subdomain)
@@ -166,7 +227,11 @@ public class CreateRecipe {
 
 ## Testing
 
+**Backend:**
+
 ```bash
+cd backend
+
 # Unit Tests
 mvn test
 
@@ -177,6 +242,21 @@ mvn verify
 mvn clean verify jacoco:report
 ```
 
+**Frontend:**
+
+```bash
+cd frontend
+
+# Unit Tests
+pnpm test
+
+# Test Coverage
+pnpm run test:coverage
+
+# Type Check
+pnpm run typecheck
+```
+
 ## License
 
 Proprietary - Effigenix GmbH
diff --git a/TODO.md b/TODO.md
index a470aa4..0f54c0d 100644
--- a/TODO.md
+++ b/TODO.md
@@ -7,7 +7,7 @@
   3. ✅ Inventory BC implementieren (Basis: 8.1-8.3)
   4. ✅ Document Archive BC (Basis: 12.1-12.2) - parallel zu Inventory
 
-- [ ] Liquibase statt Flyway
-- [ ] Package Struktur gemäß DDD-model skill, ddd-implementer fragen wegen refactor?
+- [x] Liquibase statt Flyway
+- [x] Package Struktur gemäß DDD-model skill, ddd-implementer fragen wegen refactor?
 - [ ] ActionToPermissionMapper, warum unterschiedliches Vorgehen if/else vs. switch/case
 - [ ] Nix Shell für manuelles Testing mit Postgres sowie für Migrationstests
diff --git a/backend/.factorypath b/backend/.factorypath
new file mode 100644
index 0000000..3152206
--- /dev/null
+++ b/backend/.factorypath
@@ -0,0 +1,92 @@
+<factorypath>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/boot/spring-boot-starter-web/3.2.2/spring-boot-starter-web-3.2.2.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/boot/spring-boot-starter/3.2.2/spring-boot-starter-3.2.2.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/boot/spring-boot/3.2.2/spring-boot-3.2.2.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/boot/spring-boot-autoconfigure/3.2.2/spring-boot-autoconfigure-3.2.2.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/boot/spring-boot-starter-logging/3.2.2/spring-boot-starter-logging-3.2.2.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/ch/qos/logback/logback-classic/1.4.14/logback-classic-1.4.14.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/ch/qos/logback/logback-core/1.4.14/logback-core-1.4.14.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/apache/logging/log4j/log4j-to-slf4j/2.21.1/log4j-to-slf4j-2.21.1.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/apache/logging/log4j/log4j-api/2.21.1/log4j-api-2.21.1.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/slf4j/jul-to-slf4j/2.0.11/jul-to-slf4j-2.0.11.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/jakarta/annotation/jakarta.annotation-api/2.1.1/jakarta.annotation-api-2.1.1.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/boot/spring-boot-starter-json/3.2.2/spring-boot-starter-json-3.2.2.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/com/fasterxml/jackson/datatype/jackson-datatype-jdk8/2.15.3/jackson-datatype-jdk8-2.15.3.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/com/fasterxml/jackson/datatype/jackson-datatype-jsr310/2.15.3/jackson-datatype-jsr310-2.15.3.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/com/fasterxml/jackson/module/jackson-module-parameter-names/2.15.3/jackson-module-parameter-names-2.15.3.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/boot/spring-boot-starter-tomcat/3.2.2/spring-boot-starter-tomcat-3.2.2.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/apache/tomcat/embed/tomcat-embed-core/10.1.18/tomcat-embed-core-10.1.18.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/apache/tomcat/embed/tomcat-embed-websocket/10.1.18/tomcat-embed-websocket-10.1.18.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/spring-web/6.1.3/spring-web-6.1.3.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/spring-beans/6.1.3/spring-beans-6.1.3.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/io/micrometer/micrometer-observation/1.12.2/micrometer-observation-1.12.2.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/io/micrometer/micrometer-commons/1.12.2/micrometer-commons-1.12.2.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/spring-webmvc/6.1.3/spring-webmvc-6.1.3.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/spring-context/6.1.3/spring-context-6.1.3.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/spring-expression/6.1.3/spring-expression-6.1.3.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/boot/spring-boot-starter-data-jpa/3.2.2/spring-boot-starter-data-jpa-3.2.2.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/boot/spring-boot-starter-aop/3.2.2/spring-boot-starter-aop-3.2.2.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/aspectj/aspectjweaver/1.9.21/aspectjweaver-1.9.21.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/boot/spring-boot-starter-jdbc/3.2.2/spring-boot-starter-jdbc-3.2.2.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/com/zaxxer/HikariCP/5.0.1/HikariCP-5.0.1.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/spring-jdbc/6.1.3/spring-jdbc-6.1.3.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/hibernate/orm/hibernate-core/6.4.1.Final/hibernate-core-6.4.1.Final.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/jakarta/persistence/jakarta.persistence-api/3.1.0/jakarta.persistence-api-3.1.0.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/jakarta/transaction/jakarta.transaction-api/2.0.1/jakarta.transaction-api-2.0.1.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/jboss/logging/jboss-logging/3.5.3.Final/jboss-logging-3.5.3.Final.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/hibernate/common/hibernate-commons-annotations/6.0.6.Final/hibernate-commons-annotations-6.0.6.Final.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/io/smallrye/jandex/3.1.2/jandex-3.1.2.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/com/fasterxml/classmate/1.6.0/classmate-1.6.0.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/net/bytebuddy/byte-buddy/1.14.11/byte-buddy-1.14.11.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/glassfish/jaxb/jaxb-runtime/4.0.4/jaxb-runtime-4.0.4.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/glassfish/jaxb/jaxb-core/4.0.4/jaxb-core-4.0.4.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/eclipse/angus/angus-activation/2.0.1/angus-activation-2.0.1.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/glassfish/jaxb/txw2/4.0.4/txw2-4.0.4.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/com/sun/istack/istack-commons-runtime/4.1.2/istack-commons-runtime-4.1.2.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/jakarta/inject/jakarta.inject-api/2.0.1/jakarta.inject-api-2.0.1.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/antlr/antlr4-runtime/4.13.0/antlr4-runtime-4.13.0.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/data/spring-data-jpa/3.2.2/spring-data-jpa-3.2.2.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/data/spring-data-commons/3.2.2/spring-data-commons-3.2.2.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/spring-orm/6.1.3/spring-orm-6.1.3.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/spring-tx/6.1.3/spring-tx-6.1.3.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/slf4j/slf4j-api/2.0.11/slf4j-api-2.0.11.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/spring-aspects/6.1.3/spring-aspects-6.1.3.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/boot/spring-boot-starter-validation/3.2.2/spring-boot-starter-validation-3.2.2.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/apache/tomcat/embed/tomcat-embed-el/10.1.18/tomcat-embed-el-10.1.18.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/hibernate/validator/hibernate-validator/8.0.1.Final/hibernate-validator-8.0.1.Final.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/jakarta/validation/jakarta.validation-api/3.0.2/jakarta.validation-api-3.0.2.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/boot/spring-boot-starter-security/3.2.2/spring-boot-starter-security-3.2.2.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/spring-aop/6.1.3/spring-aop-6.1.3.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/security/spring-security-config/6.2.1/spring-security-config-6.2.1.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/security/spring-security-web/6.2.1/spring-security-web-6.2.1.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/io/jsonwebtoken/jjwt-api/0.12.5/jjwt-api-0.12.5.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/io/jsonwebtoken/jjwt-impl/0.12.5/jjwt-impl-0.12.5.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/io/jsonwebtoken/jjwt-jackson/0.12.5/jjwt-jackson-0.12.5.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/com/fasterxml/jackson/core/jackson-databind/2.15.3/jackson-databind-2.15.3.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/com/fasterxml/jackson/core/jackson-annotations/2.15.3/jackson-annotations-2.15.3.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/com/fasterxml/jackson/core/jackson-core/2.15.3/jackson-core-2.15.3.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/postgresql/postgresql/42.6.0/postgresql-42.6.0.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/checkerframework/checker-qual/3.31.0/checker-qual-3.31.0.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/liquibase/liquibase-core/4.24.0/liquibase-core-4.24.0.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/com/opencsv/opencsv/5.8/opencsv-5.8.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/apache/commons/commons-lang3/3.13.0/commons-lang3-3.13.0.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/apache/commons/commons-text/1.10.0/commons-text-1.10.0.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/apache/commons/commons-collections4/4.4/commons-collections4-4.4.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/yaml/snakeyaml/2.2/snakeyaml-2.2.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/javax/xml/bind/jaxb-api/2.3.1/jaxb-api-2.3.1.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springdoc/springdoc-openapi-starter-webmvc-ui/2.3.0/springdoc-openapi-starter-webmvc-ui-2.3.0.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springdoc/springdoc-openapi-starter-webmvc-api/2.3.0/springdoc-openapi-starter-webmvc-api-2.3.0.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springdoc/springdoc-openapi-starter-common/2.3.0/springdoc-openapi-starter-common-2.3.0.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/io/swagger/core/v3/swagger-core-jakarta/2.2.19/swagger-core-jakarta-2.2.19.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/io/swagger/core/v3/swagger-annotations-jakarta/2.2.19/swagger-annotations-jakarta-2.2.19.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/io/swagger/core/v3/swagger-models-jakarta/2.2.19/swagger-models-jakarta-2.2.19.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/com/fasterxml/jackson/dataformat/jackson-dataformat-yaml/2.15.3/jackson-dataformat-yaml-2.15.3.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/webjars/swagger-ui/5.10.3/swagger-ui-5.10.3.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/projectlombok/lombok/1.18.30/lombok-1.18.30.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/jakarta/xml/bind/jakarta.xml.bind-api/4.0.1/jakarta.xml.bind-api-4.0.1.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/jakarta/activation/jakarta.activation-api/2.1.2/jakarta.activation-api-2.1.2.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/spring-core/6.1.3/spring-core-6.1.3.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/spring-jcl/6.1.3/spring-jcl-6.1.3.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/security/spring-security-core/6.2.1/spring-security-core-6.2.1.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/security/spring-security-crypto/6.2.1/spring-security-crypto-6.2.1.jar" enabled="true" runInBatchMode="false"/>
+</factorypath>
diff --git a/backend/CLAUDE.md b/backend/CLAUDE.md
new file mode 100644
index 0000000..db9477b
--- /dev/null
+++ b/backend/CLAUDE.md
@@ -0,0 +1,47 @@
+# Effigenix ERP – Agent Guide
+
+## Stack
+Java 21, Spring Boot 3.2, PostgreSQL, Liquibase, JWT (JJWT), Maven
+
+## Architektur
+DDD + Clean Architecture. Einweg-Abhängigkeit: `domain → application → infrastructure`.
+
+```
+de.effigenix.
+├── domain.{bc}/          # Reine Geschäftslogik, KEINE Framework-Deps
+├── application.{bc}/     # Use Cases, Commands, DTOs
+├── infrastructure.{bc}/  # JPA, REST, Security, Audit
+└── shared/               # Shared Kernel (Result<E,T>, AuthorizationPort, Action)
+```
+
+Bounded Contexts: `usermanagement` (implementiert), `production`, `quality`, `inventory`, `procurement`, `sales`, `labeling`, `filiales` (Platzhalter).
+
+## Namenskonventionen
+| Artefakt | Muster | Beispiel |
+|---|---|---|
+| Use Case | `{Verb}{Noun}` | `CreateUser`, `AuthenticateUser` |
+| Command | `{Verb}{Noun}Command` | `CreateUserCommand` |
+| Domain Entity | `{Noun}` | `User`, `Role` |
+| Value Object | `{Noun}` | `UserId`, `PasswordHash`, `RoleName` |
+| Domain Error | `{Noun}Error` (sealed interface) | `UserError.UsernameAlreadyExists` |
+| JPA Entity | `{Noun}Entity` | `UserEntity` |
+| Mapper | `{Noun}Mapper` | `UserMapper` (Domain↔JPA) |
+| Repository (Domain) | `{Noun}Repository` | `UserRepository` (Interface) |
+| Repository (Impl) | `Jpa{Noun}Repository` | `JpaUserRepository` |
+| Controller | `{Noun}Controller` | `UserController` |
+| Web DTO | `{Verb}{Noun}Request` | `CreateUserRequest` |
+| Action Enum | `{Noun}Action implements Action` | `ProductionAction` |
+
+## Error Handling
+Funktional via `Result<E, T>` (`shared.common.Result`). Domain-Fehler sind sealed interfaces mit Records. Keine Exceptions im Domain/Application Layer.
+
+## Commits
+Conventional Commits. Kein `Co-Authored-By` Header – niemals.
+
+## DDD Skill
+Für neue Bounded Contexts: `/ddd-implement` Skill verwenden. Dokumentation unter `.claude/skills/ddd-implement/SKILL.md`.
+
+## Doku
+- `docs/QUICK_START.md` – Lokale Entwicklung, Docker, Seed-Daten
+- `docs/USER_MANAGEMENT.md` – Referenz-BC mit AuthorizationPort, JWT, Audit
+- `TODO.md` – Offene Aufgaben und Waves
diff --git a/INTEGRATION_TESTS_SUMMARY.md b/backend/INTEGRATION_TESTS_SUMMARY.md
similarity index 100%
rename from INTEGRATION_TESTS_SUMMARY.md
rename to backend/INTEGRATION_TESTS_SUMMARY.md
diff --git a/backend/README.md b/backend/README.md
new file mode 100644
index 0000000..3cb4519
--- /dev/null
+++ b/backend/README.md
@@ -0,0 +1,188 @@
+# Effigenix Fleischerei ERP
+
+ERP-System für Fleischereien mit HACCP-Compliance, GoBD-konform, Mehrfilialen-Support.
+
+## Architektur
+
+**Domain-Driven Design + Clean Architecture + Java 21 + Spring Boot**
+
+```
+┌─────────────────────────────────────────────────────┐
+│  Presentation (REST Controllers)                     │
+└─────────────────────────────────────────────────────┘
+                         ↓
+┌─────────────────────────────────────────────────────┐
+│  Application Layer (Use Cases)                       │
+│  - Transaction Script for Generic Subdomains        │
+│  - Rich Domain Model for Core Domains               │
+└─────────────────────────────────────────────────────┘
+                         ↓
+┌─────────────────────────────────────────────────────┐
+│  Domain Layer (DDD Tactical Patterns)                │
+│  - Aggregates, Entities, Value Objects              │
+│  - Domain Events, Repositories                      │
+└─────────────────────────────────────────────────────┘
+                         ↓
+┌─────────────────────────────────────────────────────┐
+│  Infrastructure Layer                                │
+│  - Spring, JPA, PostgreSQL, JWT, REST               │
+└─────────────────────────────────────────────────────┘
+```
+
+## Bounded Contexts (11)
+
+### Core Domains (7)
+- **Production Management** - Rezeptverwaltung, Chargenproduktion
+- **Quality Management** - HACCP-Compliance, Temperaturüberwachung
+- **Inventory Management** - Bestandsführung, Lagerverwaltung
+- **Procurement** - Einkauf, Wareneingang, Lieferanten
+- **Sales** - Auftragserfassung, Rechnungsstellung, Kunden
+
+### Supporting Domains (3)
+- **Labeling** - Etikettendruck mit HACCP-Daten
+- **Filiales** - Mehrfilialen-Verwaltung
+
+### Generic Subdomains (3)
+- **User Management** - Authentifizierung, Autorisierung, Rollen
+- **Reporting** - Standard-Reports
+- **Notifications** - E-Mail/SMS-Benachrichtigungen
+
+## Tech Stack
+
+- **Java 21** (Records, Sealed Interfaces, Pattern Matching)
+- **Spring Boot 3.2** (Spring Security 6, Spring Data JPA 3)
+- **PostgreSQL 15+** (Produktiv-DB)
+- **JWT** (Stateless Authentication)
+- **Flyway** (Schema Migrations)
+- **Maven** (Build Tool)
+
+## Getting Started
+
+### Prerequisites
+
+- Java 21+
+- Maven 3.9+
+- PostgreSQL 15+
+- Docker (optional, für PostgreSQL)
+
+### Database Setup
+
+```bash
+# PostgreSQL mit Docker
+docker run --name effigenix-postgres \
+  -e POSTGRES_DB=effigenix \
+  -e POSTGRES_USER=effigenix \
+  -e POSTGRES_PASSWORD=effigenix \
+  -p 5432:5432 \
+  -d postgres:15
+```
+
+### Build & Run
+
+```bash
+# Build
+mvn clean install
+
+# Run
+mvn spring-boot:run
+
+# Run with specific profile
+mvn spring-boot:run -Dspring-boot.run.profiles=dev
+```
+
+### API Documentation
+
+Nach dem Start verfügbar unter:
+- Swagger UI: http://localhost:8080/swagger-ui.html
+- OpenAPI Spec: http://localhost:8080/api-docs
+
+## Project Structure
+
+```
+src/main/java/com/effigenix/
+├── domain/              # Domain Layer (keine Framework-Dependencies!)
+│   └── usermanagement/
+│       ├── User.java
+│       ├── Role.java
+│       ├── UserId.java
+│       └── UserRepository.java
+├── application/         # Application Layer (Use Cases)
+│   └── usermanagement/
+│       ├── CreateUser.java
+│       ├── AuthenticateUser.java
+│       └── dto/
+├── infrastructure/      # Infrastructure Layer
+│   ├── persistence/
+│   ├── security/
+│   ├── web/
+│   └── audit/
+└── shared/              # Shared Kernel
+    ├── security/        # AuthorizationPort, Action
+    └── common/          # Result, ApplicationError
+
+src/main/resources/
+└── db/migration/        # Flyway Migrations
+```
+
+## User Management (Generic Subdomain)
+
+### Vordefinierte Rollen
+
+| Rolle | Permissions | Zielgruppe |
+|-------|-------------|------------|
+| **ADMIN** | Alle | Systemadministrator |
+| **PRODUCTION_MANAGER** | RECIPE_*, BATCH_*, PRODUCTION_ORDER_* | Leiter Produktion |
+| **PRODUCTION_WORKER** | RECIPE_READ, BATCH_* | Produktionsmitarbeiter |
+| **QUALITY_MANAGER** | HACCP_*, TEMPERATURE_LOG_* | Qualitätsbeauftragter |
+| **QUALITY_INSPECTOR** | TEMPERATURE_LOG_*, GOODS_INSPECTION_* | QM-Mitarbeiter |
+| **PROCUREMENT_MANAGER** | PURCHASE_ORDER_*, SUPPLIER_* | Einkaufsleiter |
+| **WAREHOUSE_WORKER** | STOCK_*, INVENTORY_COUNT_* | Lagermitarbeiter |
+| **SALES_MANAGER** | ORDER_*, INVOICE_*, CUSTOMER_* | Verkaufsleiter |
+| **SALES_STAFF** | ORDER_READ/WRITE, CUSTOMER_READ | Verkaufsmitarbeiter |
+
+### AuthorizationPort (für andere BCs)
+
+```java
+// Typsichere, fachliche Authorization - kein direkter Zugriff auf User/Roles!
+public interface AuthorizationPort {
+    boolean can(Action action);
+    void assertCan(Action action);
+    boolean can(Action action, ResourceId resource);
+    void assertCan(Action action, ResourceId resource);
+    ActorId currentActor();
+    Optional<BranchId> currentBranch();
+}
+
+// Beispiel: Production BC
+public class CreateRecipe {
+    private final AuthorizationPort authPort;
+
+    public Result<ApplicationError, RecipeDTO> execute(CreateRecipeCommand cmd) {
+        authPort.assertCan(ProductionAction.RECIPE_WRITE);
+        // Business logic...
+    }
+}
+```
+
+## Testing
+
+```bash
+# Unit Tests
+mvn test
+
+# Integration Tests
+mvn verify
+
+# Test Coverage
+mvn clean verify jacoco:report
+```
+
+## License
+
+Proprietary - Effigenix GmbH
+
+## Contact
+
+- Project Lead: sebi@effigenix.com
+- Architecture: DDD + Clean Architecture
+- Documentation: /docs/mvp/
diff --git a/TESTING_GUIDE.md b/backend/TESTING_GUIDE.md
similarity index 100%
rename from TESTING_GUIDE.md
rename to backend/TESTING_GUIDE.md
diff --git a/TEST_FILES_INDEX.md b/backend/TEST_FILES_INDEX.md
similarity index 100%
rename from TEST_FILES_INDEX.md
rename to backend/TEST_FILES_INDEX.md
diff --git a/TEST_SUMMARY.md b/backend/TEST_SUMMARY.md
similarity index 100%
rename from TEST_SUMMARY.md
rename to backend/TEST_SUMMARY.md
diff --git a/backend/TODO.md b/backend/TODO.md
new file mode 100644
index 0000000..0f54c0d
--- /dev/null
+++ b/backend/TODO.md
@@ -0,0 +1,13 @@
+
+  Welle 1 (sofort starten):
+1. ✅ User Management BC implementieren
+2. ✅ Master Data BC implementieren (Artikel, Lieferanten, Kunden)
+
+  Welle 2 (parallel):
+  3. ✅ Inventory BC implementieren (Basis: 8.1-8.3)
+  4. ✅ Document Archive BC (Basis: 12.1-12.2) - parallel zu Inventory
+
+- [x] Liquibase statt Flyway
+- [x] Package Struktur gemäß DDD-model skill, ddd-implementer fragen wegen refactor?
+- [ ] ActionToPermissionMapper, warum unterschiedliches Vorgehen if/else vs. switch/case
+- [ ] Nix Shell für manuelles Testing mit Postgres sowie für Migrationstests
diff --git a/UNIT_TESTS_README.md b/backend/UNIT_TESTS_README.md
similarity index 100%
rename from UNIT_TESTS_README.md
rename to backend/UNIT_TESTS_README.md
diff --git a/docs/QUICK_START.md b/backend/docs/QUICK_START.md
similarity index 100%
rename from docs/QUICK_START.md
rename to backend/docs/QUICK_START.md
diff --git a/docs/USER_MANAGEMENT.md b/backend/docs/USER_MANAGEMENT.md
similarity index 100%
rename from docs/USER_MANAGEMENT.md
rename to backend/docs/USER_MANAGEMENT.md
diff --git a/docs/mvp/2026-02-15-fleischerei-erp-feature-definition.docx b/backend/docs/mvp/2026-02-15-fleischerei-erp-feature-definition.docx
similarity index 100%
rename from docs/mvp/2026-02-15-fleischerei-erp-feature-definition.docx
rename to backend/docs/mvp/2026-02-15-fleischerei-erp-feature-definition.docx
diff --git a/docs/mvp/2026-02-15-fleischerei-erp-feature-definition.md b/backend/docs/mvp/2026-02-15-fleischerei-erp-feature-definition.md
similarity index 100%
rename from docs/mvp/2026-02-15-fleischerei-erp-feature-definition.md
rename to backend/docs/mvp/2026-02-15-fleischerei-erp-feature-definition.md
diff --git a/docs/mvp/2026-02-16-abhangigkeitsanalyse-fleischerei-erp.md b/backend/docs/mvp/2026-02-16-abhangigkeitsanalyse-fleischerei-erp.md
similarity index 100%
rename from docs/mvp/2026-02-16-abhangigkeitsanalyse-fleischerei-erp.md
rename to backend/docs/mvp/2026-02-16-abhangigkeitsanalyse-fleischerei-erp.md
diff --git a/docs/mvp/ddd/00-overview.md b/backend/docs/mvp/ddd/00-overview.md
similarity index 100%
rename from docs/mvp/ddd/00-overview.md
rename to backend/docs/mvp/ddd/00-overview.md
diff --git a/docs/mvp/ddd/01-domain-classification.md b/backend/docs/mvp/ddd/01-domain-classification.md
similarity index 100%
rename from docs/mvp/ddd/01-domain-classification.md
rename to backend/docs/mvp/ddd/01-domain-classification.md
diff --git a/docs/mvp/ddd/02-bounded-contexts.md b/backend/docs/mvp/ddd/02-bounded-contexts.md
similarity index 100%
rename from docs/mvp/ddd/02-bounded-contexts.md
rename to backend/docs/mvp/ddd/02-bounded-contexts.md
diff --git a/docs/mvp/ddd/03-ubiquitous-language.md b/backend/docs/mvp/ddd/03-ubiquitous-language.md
similarity index 100%
rename from docs/mvp/ddd/03-ubiquitous-language.md
rename to backend/docs/mvp/ddd/03-ubiquitous-language.md
diff --git a/docs/mvp/ddd/04-production-bc.md b/backend/docs/mvp/ddd/04-production-bc.md
similarity index 100%
rename from docs/mvp/ddd/04-production-bc.md
rename to backend/docs/mvp/ddd/04-production-bc.md
diff --git a/docs/mvp/ddd/04-produktions-kontext.md b/backend/docs/mvp/ddd/04-produktions-kontext.md
similarity index 100%
rename from docs/mvp/ddd/04-produktions-kontext.md
rename to backend/docs/mvp/ddd/04-produktions-kontext.md
diff --git a/docs/mvp/ddd/05-qualitaets-kontext.md b/backend/docs/mvp/ddd/05-qualitaets-kontext.md
similarity index 100%
rename from docs/mvp/ddd/05-qualitaets-kontext.md
rename to backend/docs/mvp/ddd/05-qualitaets-kontext.md
diff --git a/docs/mvp/ddd/05-quality-bc.md b/backend/docs/mvp/ddd/05-quality-bc.md
similarity index 100%
rename from docs/mvp/ddd/05-quality-bc.md
rename to backend/docs/mvp/ddd/05-quality-bc.md
diff --git a/docs/mvp/ddd/06-labeling-bc.md b/backend/docs/mvp/ddd/06-labeling-bc.md
similarity index 100%
rename from docs/mvp/ddd/06-labeling-bc.md
rename to backend/docs/mvp/ddd/06-labeling-bc.md
diff --git a/docs/mvp/ddd/07-bestandsfuehrungs-kontext.md b/backend/docs/mvp/ddd/07-bestandsfuehrungs-kontext.md
similarity index 100%
rename from docs/mvp/ddd/07-bestandsfuehrungs-kontext.md
rename to backend/docs/mvp/ddd/07-bestandsfuehrungs-kontext.md
diff --git a/docs/mvp/ddd/07-inventory-bc.md b/backend/docs/mvp/ddd/07-inventory-bc.md
similarity index 100%
rename from docs/mvp/ddd/07-inventory-bc.md
rename to backend/docs/mvp/ddd/07-inventory-bc.md
diff --git a/docs/mvp/ddd/08-procurement-bc.md b/backend/docs/mvp/ddd/08-procurement-bc.md
similarity index 100%
rename from docs/mvp/ddd/08-procurement-bc.md
rename to backend/docs/mvp/ddd/08-procurement-bc.md
diff --git a/docs/mvp/ddd/09-filiales-bc.md b/backend/docs/mvp/ddd/09-filiales-bc.md
similarity index 100%
rename from docs/mvp/ddd/09-filiales-bc.md
rename to backend/docs/mvp/ddd/09-filiales-bc.md
diff --git a/docs/mvp/ddd/10-supporting-bcs.md b/backend/docs/mvp/ddd/10-supporting-bcs.md
similarity index 100%
rename from docs/mvp/ddd/10-supporting-bcs.md
rename to backend/docs/mvp/ddd/10-supporting-bcs.md
diff --git a/docs/mvp/ddd/README.md b/backend/docs/mvp/ddd/README.md
similarity index 100%
rename from docs/mvp/ddd/README.md
rename to backend/docs/mvp/ddd/README.md
diff --git a/backend/docs/tickets/001-code-review-usermanagement.md b/backend/docs/tickets/001-code-review-usermanagement.md
new file mode 100644
index 0000000..7e6edae
--- /dev/null
+++ b/backend/docs/tickets/001-code-review-usermanagement.md
@@ -0,0 +1,292 @@
+# Ticket 001 – Code Review: User Management Bounded Context
+
+**Datum:** 2026-02-17
+**Commit:** `ec9114a` – feat: add Spring Boot ERP application with user management domain
+**Status:** Offen
+
+---
+
+## Kritisch
+
+### K1 – Aggregates sind nicht immutable
+
+**Betroffene Dateien:**
+- `domain/usermanagement/User.java` (Zeilen 22–29)
+- `domain/usermanagement/Role.java` (Zeilen 18–21)
+
+**Problem:**
+Felder in `User` und `Role` sind nicht `final`. Business-Methoden wie `lock()`, `unlock()`, `updateEmail()`, `changePassword()` mutieren den internen State direkt statt neue Instanzen oder `Result` zurückzugeben. Die interne `roles`-Collection in `User` (Zeile 25) ist mutable und wird per `assignRole()`/`removeRole()` in-place modifiziert.
+
+**Lösung:**
+- Alle Felder `final` machen
+- Business-Methoden geben `Result<UserError, User>` zurück (Copy-on-Write)
+- Interne Collections nur über defensive Kopien exponieren
+
+---
+
+### K2 – Fehlende Command-Validierung im Application Layer
+
+**Betroffene Dateien:**
+- `application/usermanagement/command/CreateUserCommand.java`
+- `application/usermanagement/command/UpdateUserCommand.java`
+- `application/usermanagement/command/AuthenticateCommand.java`
+- `application/usermanagement/command/ChangePasswordCommand.java`
+- `application/usermanagement/command/AssignRoleCommand.java`
+
+**Problem:**
+Alle Commands sind reine Records ohne jegliche Validierung. Wird der Application Layer außerhalb des HTTP-Kontexts aufgerufen (z.B. Scheduled Jobs, Message Queues), gibt es keine Input-Checks. Die Validierung liegt ausschließlich in den Web-DTOs (`@Valid`-Annotationen).
+
+**Lösung:**
+- Self-validating Commands mit Factory-Methoden, die `Result` zurückgeben
+- Oder Validierung als ersten Schritt im Use Case
+
+---
+
+### K3 – Authorization fehlt im Application Layer
+
+**Betroffene Dateien:**
+- `application/usermanagement/CreateUser.java`
+- `application/usermanagement/LockUser.java`
+- `application/usermanagement/AssignRole.java`
+- (alle Use Cases betroffen)
+
+**Problem:**
+`AuthorizationPort` wird im Application Layer nicht verwendet. Autorisierung liegt ausschließlich auf `@PreAuthorize` im Controller. Bei Non-HTTP-Aufrufen wird die Authorization komplett umgangen.
+
+**Lösung:**
+- `AuthorizationPort.can(actorId, action)` als ersten Check in jedem Use Case aufrufen
+- Bei fehlender Berechtigung `Result.failure(UserError.Unauthorized(...))` zurückgeben
+
+---
+
+### K4 – Token-Blacklist Memory Leak
+
+**Betroffene Datei:**
+- `infrastructure/security/JwtSessionManager.java` (Zeilen 35–36, 164–168)
+
+**Problem:**
+Die Token-Blacklist nutzt `ConcurrentHashMap.newKeySet()` ohne TTL oder Cleanup. Bei laufendem Server wächst die Blacklist unbegrenzt. Nach Server-Restart ist die Blacklist leer – ausgeloggte Tokens werden wieder gültig. Funktioniert nicht in Cluster-Deployments.
+
+**Lösung:**
+- Redis-basierte Blacklist mit TTL = Token-Expiration
+- Oder In-Memory mit Scheduled Cleanup abgelaufener Tokens
+
+---
+
+### K5 – Audit-Bug in ChangePassword
+
+**Betroffene Datei:**
+- `application/usermanagement/ChangePassword.java` (Zeile 52)
+
+**Problem:**
+Im Fehlerfall wird `AuditEvent.PASSWORD_CHANGED` geloggt statt `PASSWORD_CHANGE_FAILED`. Falsche Audit-Events verfälschen das Security-Monitoring.
+
+**Lösung:**
+- Korrektes Event `PASSWORD_CHANGE_FAILED` im Fehlerfall loggen
+- Audit-Events auf Success/Failure-Pfade prüfen
+
+---
+
+## Mittel
+
+### M1 – Fehlende Status-Transitionen-Validierung
+
+**Betroffene Datei:**
+- `domain/usermanagement/User.java` (Zeilen 118–132)
+
+**Problem:**
+`lock()`, `unlock()`, `deactivate()`, `activate()` validieren den aktuellen Status nicht. Invalide Übergänge sind möglich (z.B. einen inaktiven User sperren). Keine Idempotenz-Checks.
+
+**Lösung:**
+- State-Machine oder explizite Guards für erlaubte Übergänge
+- `Result<UserError, User>` als Rückgabetyp
+
+---
+
+### M2 – Inkonsistente Result-Nutzung in Domain-Methoden
+
+**Betroffene Datei:**
+- `domain/usermanagement/User.java` (Zeilen 106–159)
+
+**Problem:**
+Manche Business-Methoden geben `Result` zurück (`assignRole()`, `changePassword()`), andere `void` (`removeRole()`, `lock()`, `unlock()`, `updateBranch()`, `updateLastLogin()`). Inkonsistentes API-Design.
+
+**Lösung:**
+- Alle Business-Methoden einheitlich auf `Result<UserError, User>` umstellen (siehe K1)
+
+---
+
+### M3 – RemoveRole bricht Command-Pattern
+
+**Betroffene Datei:**
+- `application/usermanagement/RemoveRole.java` (Zeile 44)
+
+**Problem:**
+Einziger Use Case, der Raw-Parameter statt eines Command-Objekts akzeptiert:
+```java
+public Result<UserError, UserDTO> execute(String userId, RoleName roleName, ActorId performedBy)
+```
+Alle anderen Use Cases nutzen Command-Records.
+
+**Lösung:**
+- `RemoveRoleCommand` Record erstellen und in `execute()` verwenden
+
+---
+
+### M4 – Refresh Token nicht implementiert
+
+**Betroffene Datei:**
+- `infrastructure/security/JwtSessionManager.java` (Zeilen 141–144)
+
+**Problem:**
+`refreshSession()` wirft `UnsupportedOperationException`. User-Status (gesperrt/gelöscht) wird beim Token-Refresh nicht geprüft.
+
+**Lösung:**
+- Implementierung: User laden, Status verifizieren, neues Token-Paar ausstellen
+- Altes Refresh-Token auf Blacklist setzen
+
+---
+
+### M5 – Kein Rate Limiting auf Login-Endpoint
+
+**Betroffene Datei:**
+- `infrastructure/usermanagement/web/controller/AuthController.java` (Zeile 90)
+
+**Problem:**
+`/api/auth/login` hat keinen Brute-Force-Schutz. Angreifer können Credentials unbegrenzt durchprobieren.
+
+**Lösung:**
+- Rate Limiting per IP/Username (z.B. Bucket4j, Spring Cloud Gateway)
+- Account-Lockout nach N fehlgeschlagenen Versuchen
+- Exponentielles Backoff
+
+---
+
+### M6 – CORS deaktiviert statt konfiguriert
+
+**Betroffene Datei:**
+- `infrastructure/security/SecurityConfig.java` (Zeile 69)
+
+**Problem:**
+CORS ist komplett deaktiviert (`AbstractHttpConfigurer::disable`). TODO-Kommentar im Code, aber keine Konfiguration. Browser-basierte Clients können keine Cross-Origin-Requests senden.
+
+**Lösung:**
+- CORS mit expliziten Allowed Origins, Methods und Headers konfigurieren
+- Environment-abhängig (Dev: localhost, Prod: spezifische Domain)
+
+---
+
+### M7 – Error Response Information Disclosure
+
+**Betroffene Datei:**
+- `infrastructure/security/SecurityConfig.java` (Zeilen 100–113)
+
+**Problem:**
+Custom Exception Handler gibt `authException.getMessage()` direkt im JSON-Response zurück. Kann interne Implementierungsdetails exponieren.
+
+**Lösung:**
+- Generische Fehlermeldungen für Authentication/Authorization Failures
+- Details nur ins Server-Log schreiben
+
+---
+
+## Niedrig
+
+### N1 – Swagger UI öffentlich zugänglich
+
+**Betroffene Datei:**
+- `infrastructure/security/SecurityConfig.java` (Zeile 83)
+- `application.yml` (Zeile 56)
+
+**Problem:**
+Swagger UI ist standardmäßig ohne Authentifizierung erreichbar. Exponiert alle API-Endpoints mit Parametern.
+
+**Lösung:**
+- In Production deaktivieren oder hinter Authentication legen
+- Spring-Profile nutzen: `springdoc.swagger-ui.enabled=${SWAGGER_ENABLED:false}`
+
+---
+
+### N2 – Default-Admin Credentials in Seed-Daten
+
+**Betroffene Datei:**
+- `db/changelog/changes/004-seed-admin-user.sql` (Zeilen 2–3, 26)
+
+**Problem:**
+Admin-Credentials `admin/admin123` stehen als Kommentar in der SQL-Datei und als Table-Comment in der Datenbank. Bei versehentlicher DB-Exposure sind Credentials sofort sichtbar.
+
+**Lösung:**
+- Seed-Daten nur in Dev-Profil ausführen
+- Table-Comment mit Credentials entfernen
+- Production: Admin über Environment-Variablen oder Init-Script bootstrappen
+
+---
+
+### N3 – CreateUser erlaubt User ohne Rollen
+
+**Betroffene Datei:**
+- `application/usermanagement/CreateUser.java` (Zeile 76)
+
+**Problem:**
+Wenn `cmd.roleNames()` leer ist, wird ein User ohne Rollen erstellt. Kein Check, ob mindestens eine Rolle zugewiesen wird.
+
+**Lösung:**
+- Validierung in Command oder Use Case: mindestens eine Rolle erforderlich
+
+---
+
+### N4 – Falscher Error-Typ in Role.addPermission()
+
+**Betroffene Datei:**
+- `domain/usermanagement/Role.java` (Zeile 70)
+
+**Problem:**
+Bei `null`-Permission wird `UserError.NullRole()` verwendet – semantisch falsch.
+
+**Lösung:**
+- Eigenen Error-Typ verwenden oder `IllegalArgumentException` (da interner Programmierfehler)
+
+---
+
+### N5 – Fehlende Uniqueness-Validierung im Domain Layer
+
+**Betroffene Datei:**
+- `domain/usermanagement/User.java` (Zeilen 64–69)
+
+**Problem:**
+Username- und Email-Uniqueness wird nur im Application Layer geprüft (Repository-Abfrage). Der Domain Layer dokumentiert diese Invariante nicht explizit.
+
+**Lösung:**
+- Domain Service für Uniqueness-Checks oder explizite Dokumentation als Application-Layer-Invariante
+
+---
+
+### N6 – Repetitiver Switch-Pattern in Use Cases
+
+**Betroffene Dateien:**
+- Alle Use Cases im Application Layer
+
+**Problem:**
+Das Pattern `switch (repository.method()) { case Failure f -> ...; case Success s -> ...; }` wiederholt sich ~30+ Mal. Hoher Boilerplate-Anteil.
+
+**Lösung:**
+- `Result.flatMap()` und `Result.mapError()` konsequent nutzen
+- Helper-Methode für Repository-Error → UserError Mapping
+
+---
+
+## Checkliste Production-Readiness
+
+- [ ] K1: Aggregates immutable machen
+- [ ] K2: Command-Validierung im Application Layer
+- [ ] K3: AuthorizationPort in Use Cases integrieren
+- [ ] K4: Token-Blacklist mit TTL/Redis ersetzen
+- [ ] K5: Audit-Bug in ChangePassword fixen
+- [ ] M4: Refresh Token implementieren
+- [ ] M5: Rate Limiting einrichten
+- [ ] M6: CORS konfigurieren
+- [ ] N1: Swagger in Production absichern
+- [ ] N2: Seed-Daten Production-safe machen
+- [ ] JWT_SECRET, DB_PASSWORD als Environment-Variablen setzen
+- [ ] HTTPS/TLS konfigurieren
+- [ ] Log-Aggregation und Security-Monitoring aufsetzen
diff --git a/pom.xml b/backend/pom.xml
similarity index 100%
rename from pom.xml
rename to backend/pom.xml
diff --git a/src/main/java/de/effigenix/EffigenixApplication.java b/backend/src/main/java/de/effigenix/EffigenixApplication.java
similarity index 100%
rename from src/main/java/de/effigenix/EffigenixApplication.java
rename to backend/src/main/java/de/effigenix/EffigenixApplication.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/AssignRole.java b/backend/src/main/java/de/effigenix/application/usermanagement/AssignRole.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/AssignRole.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/AssignRole.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/AuditEvent.java b/backend/src/main/java/de/effigenix/application/usermanagement/AuditEvent.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/AuditEvent.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/AuditEvent.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/AuditLogger.java b/backend/src/main/java/de/effigenix/application/usermanagement/AuditLogger.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/AuditLogger.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/AuditLogger.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/AuthenticateUser.java b/backend/src/main/java/de/effigenix/application/usermanagement/AuthenticateUser.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/AuthenticateUser.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/AuthenticateUser.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/ChangePassword.java b/backend/src/main/java/de/effigenix/application/usermanagement/ChangePassword.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/ChangePassword.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/ChangePassword.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/CreateUser.java b/backend/src/main/java/de/effigenix/application/usermanagement/CreateUser.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/CreateUser.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/CreateUser.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/GetUser.java b/backend/src/main/java/de/effigenix/application/usermanagement/GetUser.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/GetUser.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/GetUser.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/ListUsers.java b/backend/src/main/java/de/effigenix/application/usermanagement/ListUsers.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/ListUsers.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/ListUsers.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/LockUser.java b/backend/src/main/java/de/effigenix/application/usermanagement/LockUser.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/LockUser.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/LockUser.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/PasswordHasher.java b/backend/src/main/java/de/effigenix/application/usermanagement/PasswordHasher.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/PasswordHasher.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/PasswordHasher.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/RemoveRole.java b/backend/src/main/java/de/effigenix/application/usermanagement/RemoveRole.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/RemoveRole.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/RemoveRole.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/SessionManager.java b/backend/src/main/java/de/effigenix/application/usermanagement/SessionManager.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/SessionManager.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/SessionManager.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/UnlockUser.java b/backend/src/main/java/de/effigenix/application/usermanagement/UnlockUser.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/UnlockUser.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/UnlockUser.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/UpdateUser.java b/backend/src/main/java/de/effigenix/application/usermanagement/UpdateUser.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/UpdateUser.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/UpdateUser.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/command/AssignRoleCommand.java b/backend/src/main/java/de/effigenix/application/usermanagement/command/AssignRoleCommand.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/command/AssignRoleCommand.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/command/AssignRoleCommand.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/command/AuthenticateCommand.java b/backend/src/main/java/de/effigenix/application/usermanagement/command/AuthenticateCommand.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/command/AuthenticateCommand.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/command/AuthenticateCommand.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/command/ChangePasswordCommand.java b/backend/src/main/java/de/effigenix/application/usermanagement/command/ChangePasswordCommand.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/command/ChangePasswordCommand.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/command/ChangePasswordCommand.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/command/CreateUserCommand.java b/backend/src/main/java/de/effigenix/application/usermanagement/command/CreateUserCommand.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/command/CreateUserCommand.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/command/CreateUserCommand.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/command/UpdateUserCommand.java b/backend/src/main/java/de/effigenix/application/usermanagement/command/UpdateUserCommand.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/command/UpdateUserCommand.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/command/UpdateUserCommand.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/dto/RoleDTO.java b/backend/src/main/java/de/effigenix/application/usermanagement/dto/RoleDTO.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/dto/RoleDTO.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/dto/RoleDTO.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/dto/SessionToken.java b/backend/src/main/java/de/effigenix/application/usermanagement/dto/SessionToken.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/dto/SessionToken.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/dto/SessionToken.java
diff --git a/src/main/java/de/effigenix/application/usermanagement/dto/UserDTO.java b/backend/src/main/java/de/effigenix/application/usermanagement/dto/UserDTO.java
similarity index 100%
rename from src/main/java/de/effigenix/application/usermanagement/dto/UserDTO.java
rename to backend/src/main/java/de/effigenix/application/usermanagement/dto/UserDTO.java
diff --git a/src/main/java/de/effigenix/domain/filiales/FilialesAction.java b/backend/src/main/java/de/effigenix/domain/filiales/FilialesAction.java
similarity index 100%
rename from src/main/java/de/effigenix/domain/filiales/FilialesAction.java
rename to backend/src/main/java/de/effigenix/domain/filiales/FilialesAction.java
diff --git a/src/main/java/de/effigenix/domain/inventory/InventoryAction.java b/backend/src/main/java/de/effigenix/domain/inventory/InventoryAction.java
similarity index 100%
rename from src/main/java/de/effigenix/domain/inventory/InventoryAction.java
rename to backend/src/main/java/de/effigenix/domain/inventory/InventoryAction.java
diff --git a/src/main/java/de/effigenix/domain/labeling/LabelingAction.java b/backend/src/main/java/de/effigenix/domain/labeling/LabelingAction.java
similarity index 100%
rename from src/main/java/de/effigenix/domain/labeling/LabelingAction.java
rename to backend/src/main/java/de/effigenix/domain/labeling/LabelingAction.java
diff --git a/src/main/java/de/effigenix/domain/procurement/ProcurementAction.java b/backend/src/main/java/de/effigenix/domain/procurement/ProcurementAction.java
similarity index 100%
rename from src/main/java/de/effigenix/domain/procurement/ProcurementAction.java
rename to backend/src/main/java/de/effigenix/domain/procurement/ProcurementAction.java
diff --git a/src/main/java/de/effigenix/domain/production/ProductionAction.java b/backend/src/main/java/de/effigenix/domain/production/ProductionAction.java
similarity index 100%
rename from src/main/java/de/effigenix/domain/production/ProductionAction.java
rename to backend/src/main/java/de/effigenix/domain/production/ProductionAction.java
diff --git a/src/main/java/de/effigenix/domain/quality/QualityAction.java b/backend/src/main/java/de/effigenix/domain/quality/QualityAction.java
similarity index 100%
rename from src/main/java/de/effigenix/domain/quality/QualityAction.java
rename to backend/src/main/java/de/effigenix/domain/quality/QualityAction.java
diff --git a/src/main/java/de/effigenix/domain/sales/SalesAction.java b/backend/src/main/java/de/effigenix/domain/sales/SalesAction.java
similarity index 100%
rename from src/main/java/de/effigenix/domain/sales/SalesAction.java
rename to backend/src/main/java/de/effigenix/domain/sales/SalesAction.java
diff --git a/src/main/java/de/effigenix/domain/usermanagement/PasswordHash.java b/backend/src/main/java/de/effigenix/domain/usermanagement/PasswordHash.java
similarity index 100%
rename from src/main/java/de/effigenix/domain/usermanagement/PasswordHash.java
rename to backend/src/main/java/de/effigenix/domain/usermanagement/PasswordHash.java
diff --git a/src/main/java/de/effigenix/domain/usermanagement/Permission.java b/backend/src/main/java/de/effigenix/domain/usermanagement/Permission.java
similarity index 100%
rename from src/main/java/de/effigenix/domain/usermanagement/Permission.java
rename to backend/src/main/java/de/effigenix/domain/usermanagement/Permission.java
diff --git a/src/main/java/de/effigenix/domain/usermanagement/RepositoryError.java b/backend/src/main/java/de/effigenix/domain/usermanagement/RepositoryError.java
similarity index 100%
rename from src/main/java/de/effigenix/domain/usermanagement/RepositoryError.java
rename to backend/src/main/java/de/effigenix/domain/usermanagement/RepositoryError.java
diff --git a/src/main/java/de/effigenix/domain/usermanagement/Role.java b/backend/src/main/java/de/effigenix/domain/usermanagement/Role.java
similarity index 100%
rename from src/main/java/de/effigenix/domain/usermanagement/Role.java
rename to backend/src/main/java/de/effigenix/domain/usermanagement/Role.java
diff --git a/src/main/java/de/effigenix/domain/usermanagement/RoleId.java b/backend/src/main/java/de/effigenix/domain/usermanagement/RoleId.java
similarity index 100%
rename from src/main/java/de/effigenix/domain/usermanagement/RoleId.java
rename to backend/src/main/java/de/effigenix/domain/usermanagement/RoleId.java
diff --git a/src/main/java/de/effigenix/domain/usermanagement/RoleName.java b/backend/src/main/java/de/effigenix/domain/usermanagement/RoleName.java
similarity index 100%
rename from src/main/java/de/effigenix/domain/usermanagement/RoleName.java
rename to backend/src/main/java/de/effigenix/domain/usermanagement/RoleName.java
diff --git a/src/main/java/de/effigenix/domain/usermanagement/RoleRepository.java b/backend/src/main/java/de/effigenix/domain/usermanagement/RoleRepository.java
similarity index 100%
rename from src/main/java/de/effigenix/domain/usermanagement/RoleRepository.java
rename to backend/src/main/java/de/effigenix/domain/usermanagement/RoleRepository.java
diff --git a/src/main/java/de/effigenix/domain/usermanagement/User.java b/backend/src/main/java/de/effigenix/domain/usermanagement/User.java
similarity index 100%
rename from src/main/java/de/effigenix/domain/usermanagement/User.java
rename to backend/src/main/java/de/effigenix/domain/usermanagement/User.java
diff --git a/src/main/java/de/effigenix/domain/usermanagement/UserError.java b/backend/src/main/java/de/effigenix/domain/usermanagement/UserError.java
similarity index 100%
rename from src/main/java/de/effigenix/domain/usermanagement/UserError.java
rename to backend/src/main/java/de/effigenix/domain/usermanagement/UserError.java
diff --git a/src/main/java/de/effigenix/domain/usermanagement/UserId.java b/backend/src/main/java/de/effigenix/domain/usermanagement/UserId.java
similarity index 100%
rename from src/main/java/de/effigenix/domain/usermanagement/UserId.java
rename to backend/src/main/java/de/effigenix/domain/usermanagement/UserId.java
diff --git a/src/main/java/de/effigenix/domain/usermanagement/UserRepository.java b/backend/src/main/java/de/effigenix/domain/usermanagement/UserRepository.java
similarity index 100%
rename from src/main/java/de/effigenix/domain/usermanagement/UserRepository.java
rename to backend/src/main/java/de/effigenix/domain/usermanagement/UserRepository.java
diff --git a/src/main/java/de/effigenix/domain/usermanagement/UserStatus.java b/backend/src/main/java/de/effigenix/domain/usermanagement/UserStatus.java
similarity index 100%
rename from src/main/java/de/effigenix/domain/usermanagement/UserStatus.java
rename to backend/src/main/java/de/effigenix/domain/usermanagement/UserStatus.java
diff --git a/src/main/java/de/effigenix/infrastructure/audit/AuditLogEntity.java b/backend/src/main/java/de/effigenix/infrastructure/audit/AuditLogEntity.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/audit/AuditLogEntity.java
rename to backend/src/main/java/de/effigenix/infrastructure/audit/AuditLogEntity.java
diff --git a/src/main/java/de/effigenix/infrastructure/audit/AuditLogJpaRepository.java b/backend/src/main/java/de/effigenix/infrastructure/audit/AuditLogJpaRepository.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/audit/AuditLogJpaRepository.java
rename to backend/src/main/java/de/effigenix/infrastructure/audit/AuditLogJpaRepository.java
diff --git a/src/main/java/de/effigenix/infrastructure/audit/DatabaseAuditLogger.java b/backend/src/main/java/de/effigenix/infrastructure/audit/DatabaseAuditLogger.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/audit/DatabaseAuditLogger.java
rename to backend/src/main/java/de/effigenix/infrastructure/audit/DatabaseAuditLogger.java
diff --git a/src/main/java/de/effigenix/infrastructure/config/UseCaseConfiguration.java b/backend/src/main/java/de/effigenix/infrastructure/config/UseCaseConfiguration.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/config/UseCaseConfiguration.java
rename to backend/src/main/java/de/effigenix/infrastructure/config/UseCaseConfiguration.java
diff --git a/src/main/java/de/effigenix/infrastructure/security/ActionToPermissionMapper.java b/backend/src/main/java/de/effigenix/infrastructure/security/ActionToPermissionMapper.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/security/ActionToPermissionMapper.java
rename to backend/src/main/java/de/effigenix/infrastructure/security/ActionToPermissionMapper.java
diff --git a/src/main/java/de/effigenix/infrastructure/security/BCryptPasswordHasher.java b/backend/src/main/java/de/effigenix/infrastructure/security/BCryptPasswordHasher.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/security/BCryptPasswordHasher.java
rename to backend/src/main/java/de/effigenix/infrastructure/security/BCryptPasswordHasher.java
diff --git a/src/main/java/de/effigenix/infrastructure/security/JwtAuthenticationDetails.java b/backend/src/main/java/de/effigenix/infrastructure/security/JwtAuthenticationDetails.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/security/JwtAuthenticationDetails.java
rename to backend/src/main/java/de/effigenix/infrastructure/security/JwtAuthenticationDetails.java
diff --git a/src/main/java/de/effigenix/infrastructure/security/JwtAuthenticationFilter.java b/backend/src/main/java/de/effigenix/infrastructure/security/JwtAuthenticationFilter.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/security/JwtAuthenticationFilter.java
rename to backend/src/main/java/de/effigenix/infrastructure/security/JwtAuthenticationFilter.java
diff --git a/src/main/java/de/effigenix/infrastructure/security/JwtSessionManager.java b/backend/src/main/java/de/effigenix/infrastructure/security/JwtSessionManager.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/security/JwtSessionManager.java
rename to backend/src/main/java/de/effigenix/infrastructure/security/JwtSessionManager.java
diff --git a/src/main/java/de/effigenix/infrastructure/security/JwtTokenProvider.java b/backend/src/main/java/de/effigenix/infrastructure/security/JwtTokenProvider.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/security/JwtTokenProvider.java
rename to backend/src/main/java/de/effigenix/infrastructure/security/JwtTokenProvider.java
diff --git a/src/main/java/de/effigenix/infrastructure/security/SecurityConfig.java b/backend/src/main/java/de/effigenix/infrastructure/security/SecurityConfig.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/security/SecurityConfig.java
rename to backend/src/main/java/de/effigenix/infrastructure/security/SecurityConfig.java
diff --git a/src/main/java/de/effigenix/infrastructure/security/SpringSecurityAuthorizationAdapter.java b/backend/src/main/java/de/effigenix/infrastructure/security/SpringSecurityAuthorizationAdapter.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/security/SpringSecurityAuthorizationAdapter.java
rename to backend/src/main/java/de/effigenix/infrastructure/security/SpringSecurityAuthorizationAdapter.java
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/entity/RoleEntity.java b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/entity/RoleEntity.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/persistence/entity/RoleEntity.java
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/entity/RoleEntity.java
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/entity/UserEntity.java b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/entity/UserEntity.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/persistence/entity/UserEntity.java
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/entity/UserEntity.java
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/mapper/RoleMapper.java b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/mapper/RoleMapper.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/persistence/mapper/RoleMapper.java
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/mapper/RoleMapper.java
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/mapper/UserMapper.java b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/mapper/UserMapper.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/persistence/mapper/UserMapper.java
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/mapper/UserMapper.java
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/repository/JpaRoleRepository.java b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/repository/JpaRoleRepository.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/persistence/repository/JpaRoleRepository.java
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/repository/JpaRoleRepository.java
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/repository/JpaUserRepository.java b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/repository/JpaUserRepository.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/persistence/repository/JpaUserRepository.java
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/repository/JpaUserRepository.java
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/repository/RoleJpaRepository.java b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/repository/RoleJpaRepository.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/persistence/repository/RoleJpaRepository.java
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/repository/RoleJpaRepository.java
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/repository/UserJpaRepository.java b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/repository/UserJpaRepository.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/persistence/repository/UserJpaRepository.java
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/persistence/repository/UserJpaRepository.java
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/web/README.md b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/README.md
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/web/README.md
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/README.md
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/web/controller/AuthController.java b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/controller/AuthController.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/web/controller/AuthController.java
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/controller/AuthController.java
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/web/controller/RoleController.java b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/controller/RoleController.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/web/controller/RoleController.java
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/controller/RoleController.java
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/web/controller/UserController.java b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/controller/UserController.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/web/controller/UserController.java
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/controller/UserController.java
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/AssignRoleRequest.java b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/AssignRoleRequest.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/AssignRoleRequest.java
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/AssignRoleRequest.java
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/ChangePasswordRequest.java b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/ChangePasswordRequest.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/ChangePasswordRequest.java
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/ChangePasswordRequest.java
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/CreateUserRequest.java b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/CreateUserRequest.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/CreateUserRequest.java
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/CreateUserRequest.java
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/ErrorResponse.java b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/ErrorResponse.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/ErrorResponse.java
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/ErrorResponse.java
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/LoginRequest.java b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/LoginRequest.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/LoginRequest.java
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/LoginRequest.java
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/LoginResponse.java b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/LoginResponse.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/LoginResponse.java
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/LoginResponse.java
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/RefreshTokenRequest.java b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/RefreshTokenRequest.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/RefreshTokenRequest.java
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/RefreshTokenRequest.java
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/UpdateUserRequest.java b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/UpdateUserRequest.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/UpdateUserRequest.java
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/dto/UpdateUserRequest.java
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/web/exception/GlobalExceptionHandler.java b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/exception/GlobalExceptionHandler.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/web/exception/GlobalExceptionHandler.java
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/exception/GlobalExceptionHandler.java
diff --git a/src/main/java/de/effigenix/infrastructure/usermanagement/web/exception/UserErrorHttpStatusMapper.java b/backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/exception/UserErrorHttpStatusMapper.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/usermanagement/web/exception/UserErrorHttpStatusMapper.java
rename to backend/src/main/java/de/effigenix/infrastructure/usermanagement/web/exception/UserErrorHttpStatusMapper.java
diff --git a/src/main/java/de/effigenix/infrastructure/web/config/OpenApiConfig.java b/backend/src/main/java/de/effigenix/infrastructure/web/config/OpenApiConfig.java
similarity index 100%
rename from src/main/java/de/effigenix/infrastructure/web/config/OpenApiConfig.java
rename to backend/src/main/java/de/effigenix/infrastructure/web/config/OpenApiConfig.java
diff --git a/src/main/java/de/effigenix/shared/common/ApplicationError.java b/backend/src/main/java/de/effigenix/shared/common/ApplicationError.java
similarity index 100%
rename from src/main/java/de/effigenix/shared/common/ApplicationError.java
rename to backend/src/main/java/de/effigenix/shared/common/ApplicationError.java
diff --git a/src/main/java/de/effigenix/shared/common/Result.java b/backend/src/main/java/de/effigenix/shared/common/Result.java
similarity index 100%
rename from src/main/java/de/effigenix/shared/common/Result.java
rename to backend/src/main/java/de/effigenix/shared/common/Result.java
diff --git a/src/main/java/de/effigenix/shared/security/Action.java b/backend/src/main/java/de/effigenix/shared/security/Action.java
similarity index 100%
rename from src/main/java/de/effigenix/shared/security/Action.java
rename to backend/src/main/java/de/effigenix/shared/security/Action.java
diff --git a/src/main/java/de/effigenix/shared/security/ActorId.java b/backend/src/main/java/de/effigenix/shared/security/ActorId.java
similarity index 100%
rename from src/main/java/de/effigenix/shared/security/ActorId.java
rename to backend/src/main/java/de/effigenix/shared/security/ActorId.java
diff --git a/src/main/java/de/effigenix/shared/security/AuthorizationPort.java b/backend/src/main/java/de/effigenix/shared/security/AuthorizationPort.java
similarity index 100%
rename from src/main/java/de/effigenix/shared/security/AuthorizationPort.java
rename to backend/src/main/java/de/effigenix/shared/security/AuthorizationPort.java
diff --git a/src/main/java/de/effigenix/shared/security/BranchId.java b/backend/src/main/java/de/effigenix/shared/security/BranchId.java
similarity index 100%
rename from src/main/java/de/effigenix/shared/security/BranchId.java
rename to backend/src/main/java/de/effigenix/shared/security/BranchId.java
diff --git a/src/main/java/de/effigenix/shared/security/ResourceId.java b/backend/src/main/java/de/effigenix/shared/security/ResourceId.java
similarity index 100%
rename from src/main/java/de/effigenix/shared/security/ResourceId.java
rename to backend/src/main/java/de/effigenix/shared/security/ResourceId.java
diff --git a/src/main/resources/application.yml b/backend/src/main/resources/application.yml
similarity index 100%
rename from src/main/resources/application.yml
rename to backend/src/main/resources/application.yml
diff --git a/src/main/resources/db/changelog/changes/001-create-user-management-schema.xml b/backend/src/main/resources/db/changelog/changes/001-create-user-management-schema.xml
similarity index 100%
rename from src/main/resources/db/changelog/changes/001-create-user-management-schema.xml
rename to backend/src/main/resources/db/changelog/changes/001-create-user-management-schema.xml
diff --git a/src/main/resources/db/changelog/changes/002-seed-roles-and-permissions.sql b/backend/src/main/resources/db/changelog/changes/002-seed-roles-and-permissions.sql
similarity index 100%
rename from src/main/resources/db/changelog/changes/002-seed-roles-and-permissions.sql
rename to backend/src/main/resources/db/changelog/changes/002-seed-roles-and-permissions.sql
diff --git a/src/main/resources/db/changelog/changes/002-seed-roles-and-permissions.xml b/backend/src/main/resources/db/changelog/changes/002-seed-roles-and-permissions.xml
similarity index 100%
rename from src/main/resources/db/changelog/changes/002-seed-roles-and-permissions.xml
rename to backend/src/main/resources/db/changelog/changes/002-seed-roles-and-permissions.xml
diff --git a/src/main/resources/db/changelog/changes/003-create-audit-logs-table.xml b/backend/src/main/resources/db/changelog/changes/003-create-audit-logs-table.xml
similarity index 100%
rename from src/main/resources/db/changelog/changes/003-create-audit-logs-table.xml
rename to backend/src/main/resources/db/changelog/changes/003-create-audit-logs-table.xml
diff --git a/src/main/resources/db/changelog/changes/004-seed-admin-user.sql b/backend/src/main/resources/db/changelog/changes/004-seed-admin-user.sql
similarity index 100%
rename from src/main/resources/db/changelog/changes/004-seed-admin-user.sql
rename to backend/src/main/resources/db/changelog/changes/004-seed-admin-user.sql
diff --git a/src/main/resources/db/changelog/changes/004-seed-admin-user.xml b/backend/src/main/resources/db/changelog/changes/004-seed-admin-user.xml
similarity index 100%
rename from src/main/resources/db/changelog/changes/004-seed-admin-user.xml
rename to backend/src/main/resources/db/changelog/changes/004-seed-admin-user.xml
diff --git a/src/main/resources/db/changelog/db.changelog-master.xml b/backend/src/main/resources/db/changelog/db.changelog-master.xml
similarity index 100%
rename from src/main/resources/db/changelog/db.changelog-master.xml
rename to backend/src/main/resources/db/changelog/db.changelog-master.xml
diff --git a/src/test/java/de/effigenix/application/usermanagement/AuthenticateUserTest.java b/backend/src/test/java/de/effigenix/application/usermanagement/AuthenticateUserTest.java
similarity index 100%
rename from src/test/java/de/effigenix/application/usermanagement/AuthenticateUserTest.java
rename to backend/src/test/java/de/effigenix/application/usermanagement/AuthenticateUserTest.java
diff --git a/src/test/java/de/effigenix/application/usermanagement/ChangePasswordTest.java b/backend/src/test/java/de/effigenix/application/usermanagement/ChangePasswordTest.java
similarity index 100%
rename from src/test/java/de/effigenix/application/usermanagement/ChangePasswordTest.java
rename to backend/src/test/java/de/effigenix/application/usermanagement/ChangePasswordTest.java
diff --git a/src/test/java/de/effigenix/application/usermanagement/CreateUserTest.java b/backend/src/test/java/de/effigenix/application/usermanagement/CreateUserTest.java
similarity index 100%
rename from src/test/java/de/effigenix/application/usermanagement/CreateUserTest.java
rename to backend/src/test/java/de/effigenix/application/usermanagement/CreateUserTest.java
diff --git a/src/test/java/de/effigenix/domain/usermanagement/PasswordHashTest.java b/backend/src/test/java/de/effigenix/domain/usermanagement/PasswordHashTest.java
similarity index 100%
rename from src/test/java/de/effigenix/domain/usermanagement/PasswordHashTest.java
rename to backend/src/test/java/de/effigenix/domain/usermanagement/PasswordHashTest.java
diff --git a/src/test/java/de/effigenix/domain/usermanagement/RoleIdTest.java b/backend/src/test/java/de/effigenix/domain/usermanagement/RoleIdTest.java
similarity index 100%
rename from src/test/java/de/effigenix/domain/usermanagement/RoleIdTest.java
rename to backend/src/test/java/de/effigenix/domain/usermanagement/RoleIdTest.java
diff --git a/src/test/java/de/effigenix/domain/usermanagement/RoleTest.java b/backend/src/test/java/de/effigenix/domain/usermanagement/RoleTest.java
similarity index 100%
rename from src/test/java/de/effigenix/domain/usermanagement/RoleTest.java
rename to backend/src/test/java/de/effigenix/domain/usermanagement/RoleTest.java
diff --git a/src/test/java/de/effigenix/domain/usermanagement/UserIdTest.java b/backend/src/test/java/de/effigenix/domain/usermanagement/UserIdTest.java
similarity index 100%
rename from src/test/java/de/effigenix/domain/usermanagement/UserIdTest.java
rename to backend/src/test/java/de/effigenix/domain/usermanagement/UserIdTest.java
diff --git a/src/test/java/de/effigenix/domain/usermanagement/UserTest.java b/backend/src/test/java/de/effigenix/domain/usermanagement/UserTest.java
similarity index 100%
rename from src/test/java/de/effigenix/domain/usermanagement/UserTest.java
rename to backend/src/test/java/de/effigenix/domain/usermanagement/UserTest.java
diff --git a/src/test/java/de/effigenix/infrastructure/security/BCryptPasswordHasherTest.java b/backend/src/test/java/de/effigenix/infrastructure/security/BCryptPasswordHasherTest.java
similarity index 100%
rename from src/test/java/de/effigenix/infrastructure/security/BCryptPasswordHasherTest.java
rename to backend/src/test/java/de/effigenix/infrastructure/security/BCryptPasswordHasherTest.java
diff --git a/src/test/java/de/effigenix/infrastructure/usermanagement/persistence/mapper/RoleMapperTest.java b/backend/src/test/java/de/effigenix/infrastructure/usermanagement/persistence/mapper/RoleMapperTest.java
similarity index 100%
rename from src/test/java/de/effigenix/infrastructure/usermanagement/persistence/mapper/RoleMapperTest.java
rename to backend/src/test/java/de/effigenix/infrastructure/usermanagement/persistence/mapper/RoleMapperTest.java
diff --git a/src/test/java/de/effigenix/infrastructure/usermanagement/persistence/mapper/UserMapperTest.java b/backend/src/test/java/de/effigenix/infrastructure/usermanagement/persistence/mapper/UserMapperTest.java
similarity index 100%
rename from src/test/java/de/effigenix/infrastructure/usermanagement/persistence/mapper/UserMapperTest.java
rename to backend/src/test/java/de/effigenix/infrastructure/usermanagement/persistence/mapper/UserMapperTest.java
diff --git a/src/test/java/de/effigenix/infrastructure/usermanagement/web/AuthControllerIntegrationTest.java b/backend/src/test/java/de/effigenix/infrastructure/usermanagement/web/AuthControllerIntegrationTest.java
similarity index 100%
rename from src/test/java/de/effigenix/infrastructure/usermanagement/web/AuthControllerIntegrationTest.java
rename to backend/src/test/java/de/effigenix/infrastructure/usermanagement/web/AuthControllerIntegrationTest.java
diff --git a/src/test/java/de/effigenix/infrastructure/usermanagement/web/SecurityIntegrationTest.java b/backend/src/test/java/de/effigenix/infrastructure/usermanagement/web/SecurityIntegrationTest.java
similarity index 100%
rename from src/test/java/de/effigenix/infrastructure/usermanagement/web/SecurityIntegrationTest.java
rename to backend/src/test/java/de/effigenix/infrastructure/usermanagement/web/SecurityIntegrationTest.java
diff --git a/src/test/java/de/effigenix/infrastructure/usermanagement/web/UserControllerIntegrationTest.java b/backend/src/test/java/de/effigenix/infrastructure/usermanagement/web/UserControllerIntegrationTest.java
similarity index 100%
rename from src/test/java/de/effigenix/infrastructure/usermanagement/web/UserControllerIntegrationTest.java
rename to backend/src/test/java/de/effigenix/infrastructure/usermanagement/web/UserControllerIntegrationTest.java
diff --git a/src/test/resources/application-test.yml b/backend/src/test/resources/application-test.yml
similarity index 100%
rename from src/test/resources/application-test.yml
rename to backend/src/test/resources/application-test.yml