Spaces:

jackmichael
/

interacmanagernew

Running

App Files Files Community

interacmanagernew / ICC_Technical_Flow.md

MichaelEdou

Initial commit — ICC Interac Manager full-stack app

149698e 3 months ago

preview code

raw

history blame contribute delete

49.1 kB

ICC Interac Manager — Complete Technical Flow

Every technology, every AI model, every data transformation — fully detailed
Last updated: February 2026

1. System Architecture — Full Technology Map

┌─────────────────────────────────────────────────────────────────────────┐
│                         USER'S BROWSER                                   │
│                                                                         │
│  ┌────────────────────────────────────────────────────────────────────┐ │
│  │  VITE 6 + REACT 19 SPA                                            │ │
│  │  TypeScript 5 · Tailwind CSS 4 · shadcn/ui                        │ │
│  │                                                                    │ │
│  │  ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌────────┐ │ │
│  │  │ Login    │ │Dashboard │ │ Scan     │ │ Settings │ │Reports │ │ │
│  │  │ Page     │ │ Page     │ │ Page     │ │ Page     │ │ Page   │ │ │
│  │  └────┬─────┘ └────┬─────┘ └────┬─────┘ └────┬─────┘ └───┬────┘ │ │
│  │       │             │            │             │            │      │ │
│  │  ┌────┴─────────────┴────────────┴─────────────┴────────────┴────┐│ │
│  │  │  State Management Layer                                        ││ │
│  │  │  Zustand (global) · TanStack Query v5 (server/cache)          ││ │
│  │  │  React Hook Form + Zod (forms) · Socket.io-client (realtime)  ││ │
│  │  └───────────────────────────┬────────────────────────────────────┘│ │
│  └──────────────────────────────┼─────────────────────────────────────┘ │
│                                 │ HTTP + WebSocket                       │
│              ┌──────────────────┼──────────────────┐                    │
│              │  Vite Dev Proxy (port 5173)          │                    │
│              │  /api/* → localhost:3001             │                    │
│              │  /ws    → ws://localhost:3001        │                    │
│              └──────────────────┼──────────────────┘                    │
└─────────────────────────────────┼───────────────────────────────────────┘
                                  │
                                  ▼
┌─────────────────────────────────────────────────────────────────────────┐
│                      EXPRESS.JS 5 BACKEND (port 3001)                    │
│                      Node.js 20 LTS · TypeScript 5                       │
│                                                                         │
│  ┌──────────────────────────────────────────────────────────────────┐   │
│  │  MIDDLEWARE LAYER                                                 │   │
│  │  JWT Auth · CORS · express-rate-limit · Helmet CSP · Pino logger │   │
│  └──────────────────────────────────────────────────────────────────┘   │
│                                                                         │
│  ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐    │
│  │ Auth     │ │ Scan     │ │ Txns     │ │ Receipts │ │ Settings │    │
│  │ Routes   │ │ Routes   │ │ Routes   │ │ Routes   │ │ Routes   │    │
│  └────┬─────┘ └────┬─────┘ └────┬─────┘ └────┬─────┘ └────┬─────┘    │
│       │             │            │             │            │           │
│  ┌────┴─────────────┴────────────┴─────────────┴────────────┴────┐     │
│  │  SERVICE LAYER                                                 │     │
│  │                                                                │     │
│  │  ┌─────────────┐  ┌──────────────┐  ┌───────────────────────┐│     │
│  │  │ Gmail       │  │ Scan Engine  │  │ AI Provider Pool      ││     │
│  │  │ Service     │  │ (pipeline)   │  │ (auto-switcher)       ││     │
│  │  │             │  │              │  │                       ││     │
│  │  │ googleapis  │  │ Fetch→Parse  │  │ Groq ←→ Mistral      ││     │
│  │  │ OR imapflow │  │ →Route→Save  │  │ (9 free model slots)  ││     │
│  │  └─────────────┘  └──────────────┘  └───────────────────────┘│     │
│  │                                                                │     │
│  │  ┌─────────────┐  ┌──────────────┐  ┌───────────────────────┐│     │
│  │  │ Routing     │  │ PDF Service  │  │ Export Service        ││     │
│  │  │ Service     │  │ PDFKit /     │  │ SheetJS (xlsx)        ││     │
│  │  │ branch map  │  │ react-pdf    │  │ CSV (built-in)        ││     │
│  │  └─────────────┘  └──────────────┘  └───────────────────────┘│     │
│  └────────────────────────────────────────────────────────────────┘     │
│                                                                         │
│  ┌──────────────────────────────────────────────────────────────────┐   │
│  │  DATA LAYER                                                       │   │
│  │  Drizzle ORM · PostgreSQL 16 · Redis + BullMQ (job queue)        │   │
│  └──────────────────────────────────────────────────────────────────┘   │
│                                                                         │
│  ┌──────────────────────────────────────────────────────────────────┐   │
│  │  WEBSOCKET LAYER (Socket.io)                                      │   │
│  │  scan:progress · scan:completed · transaction:new · ai:switcher   │   │
│  └──────────────────────────────────────────────────────────────────┘   │
└─────────────────────────────────────────────────────────────────────────┘
         │                    │                     │
         ▼                    ▼                     ▼
┌──────────────┐    ┌──────────────┐      ┌──────────────────────┐
│ PostgreSQL 16│    │    Redis 7   │      │  External AI APIs    │
│              │    │              │      │                      │
│ users        │    │ BullMQ jobs  │      │ api.groq.com         │
│ transactions │    │ scan queue   │      │ api.mistral.ai       │
│ branch_config│    │ rate limiter │      │ (free tier, $0)      │
│ scan_logs    │    │              │      │                      │
│ ai_settings  │    │              │      │ [Optional paid:]     │
│ ai_switcher  │    │              │      │ api.anthropic.com    │
│ _logs        │    │              │      │ api.openai.com       │
└──────────────┘    └──────────────┘      └──────────────────────┘

2. Complete Scan Pipeline — Step by Step

This is the exact sequence of events when a user clicks "Scanner maintenant".

Phase 0: User Initiates Scan

USER ACTION                         TECHNOLOGY INVOLVED
─────────────────────────────────── ──────────────────────────────────
1. User clicks "Scanner aujourd'hui"  React onClick handler
2. Frontend sends POST /api/scan/start  Axios / fetch (TanStack Query mutation)
   Body: { preset: "today" }
3. Backend receives request              Express.js route handler
4. JWT middleware validates token         jsonwebtoken (JWT verify)
5. Creates BullMQ job in Redis           BullMQ + Redis
6. Returns { jobId: "scan_abc123" }      Express response
7. Frontend opens WebSocket              Socket.io-client
   Listens for scan:progress events

Phase 1: Email Discovery (Gmail API)

STEP    ACTION                          TECHNOLOGY            TIME
─────── ─────────────────────────────── ───────────────────── ──────
1.1     Resolve date range:              resolveScanDates()    <1ms
        "today" → midnight→now           (shared util)

1.2     Build Gmail search query:        buildGmailQuery()     <1ms
        "from:notify@payments.           (server util)
        interac.ca after:2026/2/22
        before:2026/2/24"

1.3     Call Gmail API: list messages    googleapis npm        200ms
        GET gmail/v1/users/me/messages   (google-auth-library
        ?q={query}&maxResults=500         + googleapis)

        OAuth token from DB:             Drizzle ORM → PG
        users.access_token (AES-256      crypto.decipher
        encrypted) → decrypt

        If token expired:                google-auth-library
        auto-refresh with                OAuth2Client
        users.refresh_token              .refreshAccessToken()

1.4     Receive message ID list:         Gmail API response    —
        ["msg_001", "msg_002", ...]
        (just IDs, not full emails)

1.5     Deduplication check:             Drizzle ORM → PG      50ms
        SELECT email_id FROM             SQL query
        transactions WHERE               (parameterized,
        email_id IN (...)                indexed)

1.6     Filter: skip existing IDs        JavaScript Set         <1ms
        Result: newIds[] (emails
        to process)

1.7     WebSocket emit:                  Socket.io              <1ms
        scan:started {
          jobId, totalEmails,
          newEmails, skipped,
          dateRange
        }

PHASE 1 TOTAL:  ~300ms for discovery

Phase 2: Parallel Fetch (Gmail API — 10 concurrent)

STEP    ACTION                          TECHNOLOGY            TIME
─────── ─────────────────────────────── ───────────────────── ──────
2.1     Create concurrency limiter:      p-limit npm           <1ms
        gmailLimit = pLimit(10)          (10 concurrent)

2.2     For each newId, launch           Promise + p-limit     —
        concurrent fetch:

        ┌──── gmailLimit(async () => {
        │
        │  2.3  GET gmail/v1/users/me/   googleapis            100ms
        │       messages/{id}             (full MIME format)    each
        │       ?format=full
        │
        │  2.4  Extract email body:       Custom MIME parser    <1ms
        │       - Find text/html part     (base64 decode)
        │       - Base64 decode
        │       - Strip HTML tags
        │       - Extract plain text
        │
        │  2.5  Extract email metadata:   MIME header parse     <1ms
        │       - Date header
        │       - From header
        │       - Subject header
        │
        └──── return { emailId, body, metadata } })

        With 10 concurrent: 50 emails fetched in ~500ms
                            200 emails in ~2 seconds
                            1000 emails in ~10 seconds

PHASE 2 TOTAL:  ~100ms per email, 10 concurrent = ~10ms effective per email

Phase 3: AI Parsing (Auto-Switcher — up to 15 concurrent on Groq)

This is where the AI models do the work. Every email body goes through the AIProviderPool.

STEP    ACTION                          TECHNOLOGY            TIME
─────── ─────────────────────────────── ───────────────────── ──────
3.1     AIProviderPool receives          aiProviderPool.ts     <1ms
        email body text

3.2     Select best available slot:      getNextAvailableSlot  <1ms
        Check priority order:            ()
        1. groq:gpt-oss-20b
        2. groq:llama4-scout
        3. groq:llama31-8b
        ...
        7. mistral:small-3.2
        ...

3.3     Enforce rate delay:              enforceRateDelay()    0-2000ms
        Groq: 60s/30RPM = 2s delay      (per slot)
        Mistral: 60s/2RPM = 30s delay

3.4     Build AI request:                                      <1ms
        ┌────────────────────────────────────────────────┐
        │ {                                               │
        │   model: "openai/gpt-oss-20b",                 │
        │   messages: [                                   │
        │     { role: "system",                           │
        │       content: EXTRACTION_SYSTEM_PROMPT },      │
        │     { role: "user",                             │
        │       content: "Extract transaction             │
        │        details:\n\n{EMAIL_BODY}" }              │
        │   ],                                            │
        │   temperature: 0.0,                             │
        │   max_tokens: 500,                              │
        │   response_format: { type: "json_object" }      │
        │ }                                               │
        └────────────────────────────────────────────────┘

3.5     Send to AI provider:             fetch() or openai     150-800ms
                                         npm package

        ┌─── IF GROQ: ───────────────────────────────────┐
        │ POST https://api.groq.com/openai/v1/            │
        │      chat/completions                            │
        │ Headers:                                         │
        │   Authorization: Bearer gsk_xxxxx                │
        │   Content-Type: application/json                 │
        │                                                  │
        │ Speed: 500-1000 tokens/sec                       │
        │ Typical response: 150-300ms                      │
        └──────────────────────────────────────────────────┘

        ┌─── IF MISTRAL: ────────────────────────────────┐
        │ POST https://api.mistral.ai/v1/                 │
        │      chat/completions                            │
        │ Headers:                                         │
        │   Authorization: Bearer xxxxx                    │
        │   Content-Type: application/json                 │
        │                                                  │
        │ Speed: 100-300 tokens/sec                        │
        │ Typical response: 300-800ms                      │
        └──────────────────────────────────────────────────┘

3.6     IF 429 RATE LIMIT:              Auto-switcher         <1ms
        - Mark current slot as           logic in pool
          rate_limited
        - Set cooldownUntil from
          retry-after header
        - WebSocket emit ai:switcher
        - Jump to next priority slot
        - RETRY from step 3.2

3.7     Receive AI response:             JSON.parse()          <1ms
        {
          "sender": "Jean Tremblay",
          "amount": 150.00,
          "currency": "CAD",
          "reference": "CA1b2c3d4e5f",
          "message": "Dîme mars 2025",
          "recipient_email": "montreal.finances@iccameriques.org",
          "date": "2026-02-23T14:30:00Z",
          "status": "deposited"
        }

3.8     Validate with Zod schema:        zod npm               <1ms
        InteracTransactionSchema
        .parse(parsed)

        If validation fails:
        - Log warning
        - Retry with different model
        - Or mark as needs_review

PHASE 3 TOTAL:  ~200-800ms per email depending on provider
                With Groq 15 concurrent: ~15ms effective per email

Phase 4: Branch Routing (No AI — Pure Logic)

STEP    ACTION                          TECHNOLOGY            TIME
─────── ─────────────────────────────── ───────────────────── ──────
4.1     Look up recipient_email in       BRANCH_MAPPING        <1ms
        branch mapping:                  (shared constant)

        "montreal.finances               JavaScript object
        @iccameriques.org"               lookup, O(1)
        → "ICC Montréal"

4.2     If no match found:               Fallback logic        <1ms
        → "Non classifié"

4.3     Attach branch to transaction:    Object assign         <1ms
        transaction.branch =
        "ICC Montréal"

PHASE 4 TOTAL:  <1ms (no network, no AI, pure in-memory lookup)

Phase 5: Database Save (Batch INSERT)

STEP    ACTION                          TECHNOLOGY            TIME
─────── ─────────────────────────────── ───────────────────── ──────
5.1     Buffer parsed transaction        Array.push            <1ms
        into saveBuffer[]

5.2     When buffer reaches 25:          Drizzle ORM           5-15ms
        Batch INSERT INTO                → PostgreSQL
        transactions (                   (parameterized)
          email_id, user_id, date,
          sender, amount, currency,
          reference, message,
          recipient_email, branch,
          status, raw_email,
          parsed_at, reviewed
        ) VALUES (...), (...), ...

        ★ Single INSERT for 25 rows
        is 10-20x faster than 25
        individual INSERTs

5.3     WebSocket emit per row:          Socket.io             <1ms
        transaction:new {                (per transaction)
          transaction: {...}
        }

        Dashboard receives and
        auto-adds to TanStack Table

5.4     Update scan_logs:                Drizzle ORM → PG      2ms
        UPDATE scan_logs SET
        emails_parsed = emails_parsed + 25
        WHERE id = {scanLogId}

PHASE 5 TOTAL:  ~15ms per batch of 25 transactions

Phase 6: Completion

STEP    ACTION                          TECHNOLOGY            TIME
─────── ─────────────────────────────── ───────────────────── ──────
6.1     Flush remaining buffer           Drizzle → PG          5ms
        (< 25 transactions)

6.2     Write final scan log:            Drizzle → PG          2ms
        UPDATE scan_logs SET
        finished_at = NOW(),
        emails_found = {n},
        emails_parsed = {n},
        errors = {n}

6.3     Write switcher logs:             Drizzle → PG          2ms
        INSERT INTO ai_switcher_logs
        (batch of all switch events)

6.4     WebSocket emit:                  Socket.io             <1ms
        scan:completed {
          jobId,
          summary: { found, parsed,
            skipped, errors },
          dateRange,
          duration: "45s"
        }

6.5     Frontend shows toast:            Sonner (toast lib)    —
        "47 nouveaux virements
        importés en 45 secondes"

6.6     Dashboard auto-refreshes         TanStack Query        —
        transaction list                 invalidateQueries()
        (already live via WebSocket,     (backup full refresh)
        but also invalidates cache)

3. AI Model Connection Map

Exactly which AI model does what, and where in the code it connects.

┌──────────────────────────────────────────────────────────────────────────┐
│                                                                          │
│  WHAT AI DOES IN THIS PROJECT:                                           │
│                                                                          │
│  AI has ONE job: Parse raw Interac email text → structured JSON          │
│                                                                          │
│  AI does NOT do:                                                         │
│  ✗ Branch routing (pure lookup table, no AI)                            │
│  ✗ PDF generation (PDFKit / @react-pdf/renderer, no AI)                 │
│  ✗ Export CSV/Excel (SheetJS, no AI)                                    │
│  ✗ Dashboard charts (Recharts, no AI)                                   │
│  ✗ Authentication (Google OAuth, no AI)                                 │
│  ✗ Email fetching (Gmail API / IMAP, no AI)                             │
│  ✗ Database queries (Drizzle ORM / SQL, no AI)                          │
│  ✗ Real-time updates (WebSocket, no AI)                                 │
│                                                                          │
└──────────────────────────────────────────────────────────────────────────┘

Where Each Model Connects

┌─────────────────────────────────────────────────────────────────────────┐
│  FILE: packages/server/src/services/aiProviderPool.ts                    │
│  CLASS: AIProviderPool                                                   │
│  METHOD: parse(emailBody: string) → InteracTransaction                   │
│                                                                         │
│  This is the ONLY place AI is called in the entire application.          │
│  Everything below is managed by the auto-switcher inside this method.    │
│                                                                         │
│  SLOT 1 ─── groq:gpt-oss-20b ──────────────────────────────────────────│
│  │  Provider: Groq                                                      │
│  │  Model:    openai/gpt-oss-20b                                        │
│  │  API:      POST https://api.groq.com/openai/v1/chat/completions      │
│  │  SDK:      openai npm (baseURL override)                             │
│  │  File:     packages/server/src/providers/groq.ts                     │
│  │  Auth:     GROQ_API_KEY env var (free, no credit card)               │
│  │  Speed:    1,000 tokens/sec · response in ~150ms                     │
│  │  Free:     30 RPM · 7,000 req/day · 500K tokens/day                 │
│  │  Input:    ~800 tokens (system prompt + email body)                   │
│  │  Output:   ~200 tokens (JSON transaction object)                      │
│  │  Quality:  ★★★★☆ (good at structured extraction)                    │
│  │  French:   ★★★★☆                                                    │
│  │                                                                      │
│  SLOT 2 ─── groq:llama4-scout ─────────────────────────────────────────│
│  │  Provider: Groq                                                      │
│  │  Model:    meta-llama/llama-4-scout-17b-16e-instruct                 │
│  │  API:      POST https://api.groq.com/openai/v1/chat/completions      │
│  │  SDK:      openai npm (same Groq adapter)                            │
│  │  Speed:    594 tokens/sec                                            │
│  │  Free:     30 RPM · 1,000 req/day · 500K tokens/day                 │
│  │  Quality:  ★★★★☆                                                    │
│  │  French:   ★★★½☆                                                    │
│  │                                                                      │
│  SLOT 3 ─── groq:llama31-8b ──────────────────────────────────────────│
│  │  Provider: Groq                                                      │
│  │  Model:    llama-3.1-8b-instant                                      │
│  │  API:      POST https://api.groq.com/openai/v1/chat/completions      │
│  │  Speed:    840 tokens/sec · response in ~100ms                       │
│  │  Free:     30 RPM · 14,400 req/day · 500K tokens/day                │
│  │  Quality:  ★★★☆☆ (simpler extraction, may miss edge cases)          │
│  │  French:   ★★★☆☆                                                    │
│  │                                                                      │
│  SLOT 4 ─── groq:qwen3-32b ───────────────────────────────────────────│
│  │  Provider: Groq                                                      │
│  │  Model:    qwen/qwen3-32b                                            │
│  │  Speed:    662 tokens/sec                                            │
│  │  Free:     30 RPM · 1,000 req/day · 500K tokens/day                 │
│  │  Quality:  ★★★★☆                                                    │
│  │  French:   ★★★★☆ (strong multilingual)                              │
│  │                                                                      │
│  SLOT 5 ─── groq:llama4-maverick ──────────────────────────────────────│
│  │  Provider: Groq                                                      │
│  │  Model:    meta-llama/llama-4-maverick-17b-128e-instruct             │
│  │  Speed:    562 tokens/sec                                            │
│  │  Free:     30 RPM · 1,000 req/day · 500K tokens/day                 │
│  │  Quality:  ★★★★☆                                                    │
│  │  French:   ★★★★☆                                                    │
│  │                                                                      │
│  SLOT 6 ─── groq:gpt-oss-120b ────────────────────────────────────────│
│  │  Provider: Groq                                                      │
│  │  Model:    openai/gpt-oss-120b                                       │
│  │  Speed:    500 tokens/sec                                            │
│  │  Free:     30 RPM · 1,000 req/day · 100K tokens/day                 │
│  │  Quality:  ★★★★★ (best reasoning on Groq)                           │
│  │  French:   ★★★★☆                                                    │
│  │                                                                      │
│  ────── PROVIDER BOUNDARY: Groq → Mistral ──────────────────────────── │
│                                                                         │
│  SLOT 7 ─── mistral:small-3.2 ────────────────────────────────────────│
│  │  Provider: Mistral AI                                                │
│  │  Model:    mistral-small-3.2-24b-instruct                            │
│  │  API:      POST https://api.mistral.ai/v1/chat/completions           │
│  │  SDK:      fetch() (OpenAI-compatible)                               │
│  │  File:     packages/server/src/providers/mistral.ts                  │
│  │  Auth:     MISTRAL_API_KEY env var (free, no credit card)            │
│  │  Speed:    ~200 tokens/sec · response in ~400ms                      │
│  │  Free:     2 RPM · ~2,880 req/day · 1B tokens/month                 │
│  │  Quality:  ★★★★☆ (excellent structured extraction)                  │
│  │  French:   ★★★★★ (built by French company, native French)           │
│  │                                                                      │
│  SLOT 8 ─── mistral:medium-3.1 ───────────────────────────────────────│
│  │  Provider: Mistral AI                                                │
│  │  Model:    mistral-medium-3.1                                        │
│  │  Speed:    ~150 tokens/sec                                           │
│  │  Free:     2 RPM · ~2,880 req/day · 1B tokens/month                 │
│  │  Quality:  ★★★★★ (highest accuracy)                                 │
│  │  French:   ★★★★★                                                    │
│  │                                                                      │
│  SLOT 9 ─── mistral:ministral-8b ─────────────────────────────────────│
│  │  Provider: Mistral AI                                                │
│  │  Model:    ministral-8b-2512                                         │
│  │  Speed:    ~300 tokens/sec                                           │
│  │  Free:     2 RPM · ~2,880 req/day · 1B tokens/month                 │
│  │  Quality:  ★★★☆☆                                                    │
│  │  French:   ★★★★☆                                                    │
│  │                                                                      │
└─────────────────────────────────────────────────────────────────────────┘

4. Technology → Purpose Map (Every Library)

Frontend (packages/web)

Technology	Version	What It Does in This Project	Touches AI?
Vite	6	Dev server, HMR, production bundler	No
React	19	Component rendering, UI framework	No
TypeScript	5	Type safety across all code	No
Tailwind CSS	4	Utility-first styling for all components	No
shadcn/ui	latest	Pre-built components: Button, Dialog, DatePicker, Table, Toggle, Toast	No
React Router	v7	Page routing: /login, /dashboard, /scan, /settings, /reports	No
Zustand	latest	Global state: auth user, scan status, provider pool status	No
TanStack Query	v5	Server state: transactions list, scan history, settings (auto-cache, refetch)	No
TanStack Table	v8	Dashboard transaction table: sort, filter, paginate, select, expand	No
React Hook Form	latest	Settings forms: AI config, branch config, scan date range	No
Zod	latest	Frontend validation: date ranges, settings input	No
Socket.io-client	latest	Real-time: scan:progress, transaction:new, ai:switcher events	No
Recharts	latest	Reports page: bar charts, line charts, pie charts	No
@react-pdf/renderer	latest	Client-side PDF receipt generation (single transaction)	No
SheetJS	latest	Client-side Excel/CSV export	No
date-fns	latest	Date formatting with fr-CA locale	No
Lucide React	latest	Icons throughout the UI	No
Sonner	latest	Toast notifications ("47 virements importés")	No
react-i18next	latest	French UI translations	No
p-limit	latest	Used in scan progress UI for throttled updates	No

Backend (packages/server)

Technology	Version	What It Does in This Project	Touches AI?
Express.js	5	HTTP API server, route handling	No
TypeScript	5	Type safety across all server code	No
googleapis	latest	Gmail API: fetch message IDs, fetch full MIME emails	No
google-auth-library	latest	OAuth 2.0: token exchange, refresh, consent URL	No
imapflow	latest	IMAP fallback: connect to Gmail via IMAP if API unavailable	No
openai (npm)	latest	Groq adapter: same SDK, different baseURL → api.groq.com	YES
fetch (built-in)	—	Mistral adapter: direct HTTP to api.mistral.ai	YES
@anthropic-ai/sdk	latest	Claude adapter (optional paid): api.anthropic.com	YES
Drizzle ORM	latest	Database queries: all CRUD, batch inserts, migrations	No
PostgreSQL driver (pg)	latest	Database connection pooling	No
Redis (ioredis)	latest	BullMQ backend, rate limit counters, session cache	No
BullMQ	latest	Background job queue: scan jobs run async, not blocking API	No
Socket.io	latest	WebSocket server: push scan progress + provider switches to UI	No
jsonwebtoken	latest	JWT: issue access tokens (15 min) + refresh tokens (7 day)	No
PDFKit	latest	Server-side batch PDF receipt generation	No
Pino	latest	Structured JSON logging	No
Helmet	latest	Security headers (CSP, HSTS, etc.)	No
cors	latest	CORS policy: restrict to known frontend origins	No
express-rate-limit	latest	API rate limiting (prevent abuse of scan endpoints)	No
p-limit	latest	Concurrency control: 10 Gmail fetches, 15 Groq parses	No
Zod	latest	Server-side validation: AI output JSON, API request bodies	No
crypto (built-in)	—	AES-256 encryption: OAuth tokens at rest in PostgreSQL	No

Shared (packages/shared)

Technology	What It Does
TypeScript types	InteracTransaction, ScanDateRange, ProviderSlot, SwitcherEvent
BRANCH_MAPPING	48 email→branch lookup pairs (no AI needed)
resolveScanDates()	Preset→date range helper
Zod schemas	InteracTransactionSchema for validating AI output

5. AI Data Flow — Input → Output

What Goes INTO the AI

╔══════════════════════════════════════════════════════════════════════╗
║  SYSTEM PROMPT (~350 tokens, same for every email, cached)          ║
║                                                                     ║
║  "You are a financial data extraction assistant. Given the raw      ║
║  text/HTML of an Interac e-Transfer notification email from         ║
║  notify@payments.interac.ca, extract the following fields into      ║
║  a JSON object:                                                     ║
║                                                                     ║
║  - sender: The name of the person who sent the money                ║
║  - amount: The dollar amount (numeric, no $ sign)                   ║
║  - currency: Always "CAD"                                           ║
║  - reference: The Interac reference number                          ║
║  - message: The personal message/memo (null if none)                ║
║  - recipient_email: The email the transfer was sent TO              ║
║  - date: The date/time in ISO 8601 format                           ║
║  - status: One of deposited, pending, expired, cancelled            ║
║                                                                     ║
║  Return ONLY valid JSON, no markdown, no explanation."              ║
╠══════════════════════════════════════════════════════════════════════╣
║  USER MESSAGE (~450 tokens, unique per email)                        ║
║                                                                     ║
║  "Extract transaction details:                                      ║
║                                                                     ║
║  INTERAC e-Transfer                                                 ║
║  Bonjour, vous avez reçu un virement Interac de Jean Tremblay.     ║
║  Montant : 150,00 $ (CAD)                                          ║
║  Numéro de référence: CA1b2c3d4e5f                                  ║
║  Message de l'expéditeur : Dîme mars 2025                           ║
║  Ce virement a été automatiquement déposé dans le compte de:        ║
║  montreal.finances@iccameriques.org                                 ║
║  Date: 23 février 2026 14:30                                        ║
║  ..."                                                               ║
╚══════════════════════════════════════════════════════════════════════╝

Total input: ~800 tokens

What Comes OUT of the AI

╔══════════════════════════════════════════════════════════════════════╗
║  AI RESPONSE (~200 tokens)                                           ║
║                                                                     ║
║  {                                                                  ║
║    "sender": "Jean Tremblay",                                       ║
║    "amount": 150.00,                                                ║
║    "currency": "CAD",                                               ║
║    "reference": "CA1b2c3d4e5f",                                     ║
║    "message": "Dîme mars 2025",                                     ║
║    "recipient_email": "montreal.finances@iccameriques.org",         ║
║    "date": "2026-02-23T14:30:00Z",                                  ║
║    "status": "deposited"                                            ║
║  }                                                                  ║
╚══════════════════════════════════════════════════════════════════════╝

Total output: ~200 tokens
Total per email: ~1,000 tokens

What Happens AFTER AI (No AI Involved)

AI Output (JSON)
      │
      ▼
Zod Validation ──── FAIL? → log warning, retry with next model, or flag as needs_review
      │
      ✅ PASS
      │
      ▼
Branch Routing ──── BRANCH_MAPPING["montreal.finances@iccameriques.org"] → "ICC Montréal"
      │               (pure JavaScript lookup, no AI)
      │
      ▼
PostgreSQL INSERT ── Drizzle ORM → INSERT INTO transactions (...)
      │
      ▼
WebSocket Push ──── Socket.io → transaction:new { ... }
      │
      ▼
React Dashboard ─── TanStack Table auto-adds row to table
      │
      ▼
User Sees New Row ── "Jean Tremblay | 150,00 $ | ICC Montréal | Déposé"

6. Speed Optimization — Why It's Fast

Old Architecture (Sequential)

Email 1: [Fetch 100ms] → [AI Parse 300ms] → [Save 5ms] = 405ms
Email 2:                                                    [Fetch] → [Parse] → [Save]
Email 3:                                                                            [Fetch] → ...
Total for 50 emails: 50 × 405ms = 20,250ms = ~20 seconds

New Architecture (Parallel Pipeline)

Time →   0ms    100ms    200ms    300ms    400ms    500ms
         ┌──────┬──────┬──────┬──────┬──────┬──────┐
Fetch:   │E1-E10│E11-20│E21-30│E31-40│E41-50│      │  (10 concurrent)
Parse:   │      │P1-P15│P16-30│P31-45│P46-50│      │  (15 concurrent)
Save:    │      │      │S1-S25│      │S26-50│      │  (batch 25)
         └──────┴──────┴──────┴──────┴──────┴──────┘

Total for 50 emails: ~500ms for fetches + ~700ms for parses = ~1.2 seconds
                     (stages overlap, so total < sum)

Concurrency Budget Per Free Tier

                           GROQ                    MISTRAL
RPM (requests/minute):     30                      2
Safe concurrency:          15 concurrent calls     1 sequential call
Time per AI call:          ~150ms (Groq is fast)   ~400ms
Emails parsed per minute:  ~30 (RPM-limited)       ~2 (RPM-limited)
Emails parsed per hour:    ~1,800                  ~120

WITH AUTO-SWITCHER (all 6 Groq + 3 Mistral):
Effective RPM:             30 + 30 + 30 + 30 + 30 + 30 + 2 + 2 + 2 = 186 RPM*
                           (*until individual daily limits hit)

First hour throughput:     ~180 emails/min = ~10,800 emails/hour

Speed Benchmarks (Revised with Pipeline)

Scan Type	Emails	Time (Pipeline + Auto-Switcher)
Today	50	~12 seconds
7 Days	200	~35 seconds
Custom (1 month)	1,000	~3 minutes
Custom (6 months)	5,000	~15 minutes
Custom (1 year)	10,000	~30 minutes

7. Non-AI Technology Flows

PDF Receipt Generation (No AI)

User clicks "Générer reçu" on a transaction row
      │
      ▼
CLIENT-SIDE (single receipt):
  @react-pdf/renderer builds PDF in browser
  Template: ICC logo + transaction details + branch info + date
  Downloads immediately as "recu_CA1b2c3d4e5f.pdf"

SERVER-SIDE (batch receipts):
  POST /api/receipts/batch { transactionIds: [...] }
      │
      ▼
  PDFKit generates PDF per transaction
  Merges into single ZIP file
  Returns ZIP for download

CSV/Excel Export (No AI)

User clicks "Exporter" → selects CSV or Excel
      │
      ▼
CLIENT-SIDE:
  SheetJS (xlsx npm) builds file from TanStack Table data
  Columns: Date | Expéditeur | Montant | Référence | Succursale | Statut
  fr-CA formatting: "1 500,00 $" not "$1,500.00"
  Downloads immediately

Reports & Charts (No AI)

User navigates to /reports
      │
      ▼
  GET /api/transactions/stats?from=2026-01-01&to=2026-02-23
      │
      ▼
  PostgreSQL aggregation queries:
    - SUM(amount) GROUP BY month → bar chart (Recharts)
    - COUNT(*) GROUP BY status → pie chart (Recharts)
    - COUNT(*) GROUP BY branch → top branches table
    - SUM(amount) over time → trend line chart (Recharts)
      │
      ▼
  React renders charts with Recharts
  No AI involved — pure SQL aggregation + charting library

Real-Time Dashboard Updates (No AI)

Server saves new transaction to PostgreSQL
      │
      ▼
  Socket.io server emits:
    transaction:new { transaction: {...} }
      │
      ▼
  Socket.io client receives event
      │
      ▼
  Zustand store updates transaction list
      │
      ▼
  TanStack Table re-renders with new row
  (animated row insertion at top of table)
      │
      ▼
  SummaryBar recalculates totals
  (no page refresh, no API call needed)

8. Security Flow (No AI)

1. User clicks "Se connecter avec Google"
2. Frontend redirects to Google OAuth consent URL
   (scopes: gmail.readonly, userinfo.email, userinfo.profile)
3. User approves → Google redirects to /api/auth/google/callback?code=xxx
4. Backend exchanges auth code for access_token + refresh_token
   (google-auth-library)
5. Backend encrypts tokens with AES-256 (crypto module)
6. Backend stores encrypted tokens in PostgreSQL (users table)
7. Backend issues JWT: { userId, email, role, exp: 15min }
   (jsonwebtoken)
8. Frontend stores JWT in httpOnly secure cookie
9. Every API request includes JWT in Authorization header
10. Backend middleware verifies JWT on every request
    (jsonwebtoken.verify)
11. If JWT expired → frontend calls POST /api/auth/refresh
    with refresh token → new JWT issued

This document is a companion to the ICC Interac Manager Build Prompt and the FREE AI Models Guide. Together, the three documents provide everything needed to build the complete system.