[CLAUDE] Phase1: foundation - BE Clean Arch + Identity + JWT + 2 FE React + login E2E

Backend (.NET 10):
- Domain: BaseEntity/AuditableEntity, ContractType/Phase/ApprovalDecision enums, User/Role (Identity<Guid>), AppRoles (12 const)
- Application: IApplicationDbContext/ICurrentUser/IDateTime/IJwtTokenService, custom exceptions, ValidationBehavior (MediatR pipeline), Auth CQRS (Login/Refresh/Me), DependencyInjection
- Infrastructure: ApplicationDbContext (IdentityDbContext), AuditingInterceptor (auto audit + soft delete), DbInitializer (seed 12 role + admin), DesignTimeDbContextFactory, JwtTokenService, DateTimeService, DI
- Api: CurrentUserService, GlobalExceptionMiddleware (ProblemDetails), AuthController, Program.cs rewrite (Serilog + JWT + CORS + Swagger), appsettings + launchSettings (port 5443)
- Migration Init applied to SolutionErp_Dev LocalDB

Frontend (React 19 + Vite 8 + Tailwind 4):
- fe-admin (:8082 blue) + fe-user (:8080 emerald) - shared structure, khac menu + brand color
- Tailwind 4 via @tailwindcss/vite plugin, theme brand colors
- AuthContext (localStorage token), ProtectedRoute, Layout (sidebar + header)
- UI kit: Button/Input/Label (CVA + Tailwind)
- LoginPage voi toast error, DashboardPage/InboxPage placeholder
- Axios interceptor: auto Bearer + 401 redirect
- TanStack Query client, React Router 7, Sonner toast

Package downgrades (do .NET 10 / TS 6 compat):
- MediatR 14 -> 12.4.1 (v14 breaking changes)
- Swashbuckle 10 -> 6.9.0 (v10 khong tuong thich OpenApi 2)
- Removed Microsoft.AspNetCore.OpenApi (conflict voi Swashbuckle)

E2E verified: POST /api/auth/login qua Vite proxy ca 2 FE -> JWT + user info

Credentials seed: admin@solutionerp.local / Admin@123456

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

src/Backend/SolutionErp.Domain/Common/AuditableEntity.cs

@@ -0,0 +1,8 @@
+namespace SolutionErp.Domain.Common;
+
+public abstract class AuditableEntity : BaseEntity
+{
+    public bool IsDeleted { get; set; }
+    public DateTime? DeletedAt { get; set; }
+    public Guid? DeletedBy { get; set; }
+}

src/Backend/SolutionErp.Domain/Common/BaseEntity.cs

@@ -0,0 +1,10 @@
+namespace SolutionErp.Domain.Common;
+
+public abstract class BaseEntity
+{
+    public Guid Id { get; set; } = Guid.NewGuid();
+    public DateTime CreatedAt { get; set; }
+    public DateTime? UpdatedAt { get; set; }
+    public Guid? CreatedBy { get; set; }
+    public Guid? UpdatedBy { get; set; }
+}

src/Backend/SolutionErp.Domain/Contracts/ApprovalDecision.cs

@@ -0,0 +1,9 @@
+namespace SolutionErp.Domain.Contracts;
+
+public enum ApprovalDecision
+{
+    Pending = 0,
+    Approve = 1,
+    Reject = 2,
+    AutoApprove = 3,
+}

src/Backend/SolutionErp.Domain/Contracts/ContractPhase.cs

@@ -0,0 +1,16 @@
+namespace SolutionErp.Domain.Contracts;
+
+// 9 phase state machine — xem docs/workflow-contract.md
+public enum ContractPhase
+{
+    DangChon = 1,
+    DangSoanThao = 2,
+    DangGopY = 3,
+    DangDamPhan = 4,
+    DangInKy = 5,
+    DangKiemTraCCM = 6,
+    DangTrinhKy = 7,
+    DangDongDau = 8,
+    DaPhatHanh = 9,
+    TuChoi = 99,
+}

src/Backend/SolutionErp.Domain/Contracts/ContractType.cs

@@ -0,0 +1,12 @@
+namespace SolutionErp.Domain.Contracts;
+
+public enum ContractType
+{
+    HopDongThauPhu = 1,
+    HopDongGiaoKhoan = 2,
+    HopDongNhaCungCap = 3,
+    HopDongDichVu = 4,
+    HopDongMuaBan = 5,
+    HopDongNguyenTacNCC = 6,
+    HopDongNguyenTacDichVu = 7,
+}

src/Backend/SolutionErp.Domain/Identity/AppRoles.cs

@@ -0,0 +1,23 @@
+namespace SolutionErp.Domain.Identity;
+
+public static class AppRoles
+{
+    public const string Admin = "Admin";
+    public const string Drafter = "Drafter";
+    public const string DeptManager = "DeptManager";
+    public const string ProjectManager = "ProjectManager";
+    public const string Procurement = "Procurement";
+    public const string CostControl = "CostControl";
+    public const string Finance = "Finance";
+    public const string Accounting = "Accounting";
+    public const string Equipment = "Equipment";
+    public const string Director = "Director";
+    public const string AuthorizedSigner = "AuthorizedSigner";
+    public const string HrAdmin = "HrAdmin";
+
+    public static readonly string[] All = [
+        Admin, Drafter, DeptManager, ProjectManager,
+        Procurement, CostControl, Finance, Accounting, Equipment,
+        Director, AuthorizedSigner, HrAdmin,
+    ];
+}

src/Backend/SolutionErp.Domain/Identity/Role.cs

@@ -0,0 +1,9 @@
+using Microsoft.AspNetCore.Identity;
+
+namespace SolutionErp.Domain.Identity;
+
+public class Role : IdentityRole<Guid>
+{
+    public string? Description { get; set; }
+    public DateTime CreatedAt { get; set; }
+}

src/Backend/SolutionErp.Domain/Identity/User.cs

@@ -0,0 +1,13 @@
+using Microsoft.AspNetCore.Identity;
+
+namespace SolutionErp.Domain.Identity;
+
+public class User : IdentityUser<Guid>
+{
+    public string FullName { get; set; } = string.Empty;
+    public string? RefreshToken { get; set; }
+    public DateTime? RefreshTokenExpiresAt { get; set; }
+    public bool IsActive { get; set; } = true;
+    public DateTime CreatedAt { get; set; }
+    public DateTime? UpdatedAt { get; set; }
+}

src/Backend/SolutionErp.Domain/SolutionErp.Domain.csproj

@@ -6,4 +6,8 @@
     <Nullable>enable</Nullable>
   </PropertyGroup>
 
+  <ItemGroup>
+    <PackageReference Include="Microsoft.Extensions.Identity.Stores" Version="10.0.6" />
+  </ItemGroup>
+
 </Project>