# CLAUDE.md This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository. ## Project Overview NetEvent is a Flask-based networking event platform with MySQL backend. It supports organizers, attendees, and staff with features including event management, QR-based check-in, breakout sessions, connection requests, appointments, and multi-language support. ## Running the Application ```bash python app.py ``` The server runs on the port configured in the memory system (auto-restarts on same port after edits). ## Database Setup ```bash python init_db.py ``` - Creates `netevent` database and `netevent_app` user - Creates all tables including breakout_sessions, staff, languages, attendee_types - Seeds languages table with 7 EU languages - Uses ALTER statements to add columns to existing tables (safe to re-run) ## Key Architecture Patterns ### Database Connections - `get_db_connection()` at line 557 - creates connections using `Config.DB_APP_USER` credentials - All database queries use parameterized queries to prevent SQL injection ### Authentication - `login_required` decorator (line 648) - protects routes requiring login - Session stores `user_id` and `user_type` ('organizer', 'attendee', or 'staff') - `get_current_user()` returns (user_id, user_type) from session - Passwords hashed with bcrypt via `hash_password()` / `verify_password()` ### Internationalization - Flask-Babel with 7 locales: en, nl, de, fr, es, it, pl - Locale detection order: URL `?lang=` param → session → cookie → user preference → default - Translation function `_()` aliased as `t()` for use in templates - In templates: `{{ 'key'|t }}` for translations ### User Types - **Organizer**: Creates events, manages attendees, prints badges, scans QR codes - **Attendee**: Registers for events, manages profile, connects with others, books appointments - **Staff**: Assigned to events via invite codes, can scan attendee QR codes for check-in ### Key Templates - `templates/base.html` - base template with navigation and translation support - `templates/attendee/profile.html` - profile with photo crop/zoom (client-side) - `templates/organizer/badges.html` - printable badge layout (PDF-ready via reportlab) - `templates/organizer/scan.html` - QR scanner for check-in (camera-based) ### QR Code System - Attendees have unique `attendee_code` (10 chars) stored in `attendees` table - QR codes encode the attendee code for scanning - Organizer/staff scan to check in attendees via `/organizer/event//scan` ### Email - Uses Brevo SMTP (smtp-relay.brevo.com) configured in config.py - Used for password reset tokens and event communications ### Password Reset Flow 1. User submits email to `/forgot-password` 2. Backend creates `reset_token` and `reset_token_expiry` on organizer record 3. Email sent with link to `/reset-password/` 4. Token validated at `reset-password` route, password updated ## Security Notes - Passwords hashed with bcrypt (never stored in plaintext) - Session-based auth with SECRET_KEY in config.py - reCAPTCHA validation available for forms (configured via env vars) - Rate limiting on login attempts (in-memory `failed_login_attempts` dict) - File uploads restricted to images (png, jpg, jpeg, gif) with 16MB limit