.planning/ROADMAP.md

# Roadmap: Teressa Copeland Homes

## Overview

A dual-product build: a public real estate marketing site for a solo Utah agent and a private document-signing portal that replaces per-month third-party tools with a fully branded, custom implementation. The build proceeds in dependency order — foundation first, then independent public site, then the agent portal in three layers (shell, PDF ingest, PDF fill), then the signing ceremony as a complete vertical slice, then the final visibility and download layer. Every phase delivers a coherent, verifiable capability. The legally critical components (audit trail, one-time tokens, tamper-evident hash) are woven into Phase 6 from the start — they cannot be retrofitted.

## Phases

**Phase Numbering:**
- Integer phases (1, 2, 3): Planned milestone work
- Decimal phases (2.1, 2.2): Urgent insertions (marked with INSERTED)

Decimal phases appear between their surrounding integers in numeric order.

- [ ] **Phase 1: Foundation** - Next.js project, database schema, Vercel Blob storage, and three-layer agent authentication
- [ ] **Phase 2: Marketing Site** - Public-facing hero, bio, contact form, testimonials, and listings placeholder
- [ ] **Phase 3: Agent Portal Shell** - Client management (create/view/profile) and dashboard skeleton with document status
- [ ] **Phase 4: PDF Ingest** - Agent PDF upload, Vercel Blob storage pipeline, browser rendering, and document record creation
- [ ] **Phase 5: PDF Fill and Field Mapping** - Drag-and-drop signature field placement, coordinate conversion, and agent text fill
- [ ] **Phase 6: Signing Flow** - Complete end-to-end signing ceremony with legal compliance: email delivery, signing page, canvas capture, audit trail
- [ ] **Phase 7: Audit Trail and Download** - Secure signed PDF download, document status tracking, and client-facing confirmation screen

## Phase Details

### Phase 1: Foundation
**Goal**: Agent can log in, reach the portal, and the infrastructure that every subsequent phase depends on is in place
**Depends on**: Nothing (first phase)
**Requirements**: AUTH-01, AUTH-02, AUTH-03, AUTH-04
**Success Criteria** (what must be TRUE):
  1. Agent can log in with email and password and reach a portal page (blank dashboard is acceptable)
  2. Agent session persists after browser refresh and tab close — agent does not have to log in again
  3. Visiting any `/agent/*` route while unauthenticated redirects to the login page (not a 404 or blank screen)
  4. Agent can log out from the portal and is returned to the login page
  5. Database schema is deployed to Neon, Vercel Blob bucket is created, and the project is deployed to Vercel with environment variables wired
**Plans**: 3 plans

Plans:
- [ ] 01-01-PLAN.md — Next.js scaffold, Drizzle schema, Auth.js v5 config, route-protection middleware, seed script
- [ ] 01-02-PLAN.md — Branded login page, agent portal layout, dashboard stub, logout mechanism
- [ ] 01-03-PLAN.md — Git push, Vercel deployment, production auth flow verification (checkpoint)

### Phase 2: Marketing Site
**Goal**: Visitors can find Teressa online, see her brand, view the listings placeholder, and submit a contact inquiry
**Depends on**: Phase 1
**Requirements**: MKTG-01, MKTG-02, MKTG-03, MKTG-04
**Success Criteria** (what must be TRUE):
  1. Visitor sees Teressa's professional photo and warm introductory bio in the hero section at teressacopelandhomes.com
  2. Visitor sees a testimonials section with client reviews on the homepage
  3. Visitor sees a "listings coming soon" placeholder section (full WFRMLS listings deferred to v2)
  4. Visitor can submit a contact form with name, email, phone, and message — and the submission is received
**Plans**: TBD

Plans: none yet

### Phase 3: Agent Portal Shell
**Goal**: Agent can manage clients and see all documents with their current status at a glance
**Depends on**: Phase 1
**Requirements**: CLIENT-01, CLIENT-02, CLIENT-03, DASH-01, DASH-02
**Success Criteria** (what must be TRUE):
  1. Agent can create a client record with name and email address
  2. Agent can view a list of all clients
  3. Agent can view a client's profile page and see the documents associated with that client
  4. Agent can see all documents in the dashboard with their current status (Draft / Sent / Viewed / Signed) and which client each was sent to and when
**Plans**: TBD

Plans: none yet

### Phase 4: PDF Ingest
**Goal**: Agent can upload a PDF form, see it rendered in the browser, and it is stored safely in Vercel Blob
**Depends on**: Phase 3
**Requirements**: DOC-01, DOC-02, DOC-03
**Success Criteria** (what must be TRUE):
  1. Agent can upload a PDF form (manual upload — no utahrealestate.com scraping) and the document appears in the portal
  2. Agent can view the uploaded PDF rendered in the browser on the document detail page
  3. The forms library reflects updated forms on at least a monthly basis (automated sync or manual re-upload path defined and working)
  4. Uploaded PDFs are stored in Vercel Blob (not local filesystem) and survive server restarts
**Plans**: TBD

Plans: none yet

### Phase 5: PDF Fill and Field Mapping
**Goal**: Agent can place signature fields on any page of a PDF and fill in client/property text fields before sending
**Depends on**: Phase 4
**Requirements**: DOC-04, DOC-05, DOC-06
**Success Criteria** (what must be TRUE):
  1. Agent can drag and drop signature fields onto any page of a PDF document and the fields appear at the correct position on the page
  2. Signature field coordinates are stored in PDF user space (bottom-left origin) — verified by a unit test against an actual Utah real estate form
  3. Agent can fill in text fields (property address, client names, dates, prices) on the document before sending
  4. Agent can assign the prepared document to a specific client and initiate a signing request
**Plans**: TBD

Plans: none yet

### Phase 6: Signing Flow
**Goal**: Client receives an email link, opens the prepared PDF in any browser, draws a signature, and the signed document is stored with a complete, legally defensible audit trail
**Depends on**: Phase 5
**Requirements**: SIGN-01, SIGN-02, SIGN-03, SIGN-04, SIGN-05, SIGN-06, LEGAL-01, LEGAL-02, LEGAL-04
**Success Criteria** (what must be TRUE):
  1. Client receives an email with a unique signing link and can open it in any browser (mobile or desktop) without creating an account
  2. The signing link expires after 72 hours and can only be used once — a used or expired link shows "already signed" (never the canvas)
  3. Client sees the prepared PDF with signature fields highlighted and can draw a freehand signature on a canvas on mobile and desktop (touch-action:none tested on iOS Safari and Android Chrome)
  4. Client can save a default signature and apply it to a signature field without redrawing
  5. Client sees a confirmation screen after successfully signing
  6. The system logs all 6 audit trail events server-side (document prepared, email sent, link opened with IP/UA, document viewed, signature submitted, final PDF hash computed) — all timestamps are server-side
  7. A SHA-256 hash of the final signed PDF is computed and stored immediately after signature embedding
  8. DNS (SPF/DKIM/DMARC) is configured for teressacopelandhomes.com before any signing link is sent to a real client
**Plans**: TBD

Plans: none yet

### Phase 7: Audit Trail and Download
**Goal**: Agent can download any signed PDF securely, and signed documents are never accessible via guessable public URLs
**Depends on**: Phase 6
**Requirements**: SIGN-07, LEGAL-03
**Success Criteria** (what must be TRUE):
  1. Agent can download the signed PDF from the dashboard via an authenticated presigned URL (5-minute TTL)
  2. Signed PDFs are stored in private Vercel Blob storage — a direct or guessable URL returns an access error, not the file
  3. Document status in the dashboard updates correctly to "Signed" after a signing ceremony completes
**Plans**: TBD

Plans: none yet

## Progress

**Execution Order:**
Phases execute in numeric order: 1 → 2 → 3 → 4 → 5 → 6 → 7

| Phase | Plans Complete | Status | Completed |
|-------|----------------|--------|-----------|
| 1. Foundation | 1/3 | In Progress|  |
| 2. Marketing Site | 0/? | Not started | - |
| 3. Agent Portal Shell | 0/? | Not started | - |
| 4. PDF Ingest | 0/? | Not started | - |
| 5. PDF Fill and Field Mapping | 0/? | Not started | - |
| 6. Signing Flow | 0/? | Not started | - |
| 7. Audit Trail and Download | 0/? | Not started | - |
docs: create roadmap (7 phases) 2026-03-19 12:25:02 -06:00			`# Roadmap: Teressa Copeland Homes`

			`## Overview`

			A dual-product build: a public real estate marketing site for a solo Utah agent and a private document-signing portal that replaces per-month third-party tools with a fully branded, custom implementation. The build proceeds in dependency order — foundation first, then independent public site, then the agent portal in three layers (shell, PDF ingest, PDF fill), then the signing ceremony as a complete vertical slice, then the final visibility and download layer. Every phase delivers a coherent, verifiable capability. The legally critical components (audit trail, one-time tokens, tamper-evident hash) are woven into Phase 6 from the start — they cannot be retrofitted.

			`## Phases`

			`Phase Numbering:`
			`- Integer phases (1, 2, 3): Planned milestone work`
			`- Decimal phases (2.1, 2.2): Urgent insertions (marked with INSERTED)`

			`Decimal phases appear between their surrounding integers in numeric order.`

			`- [ ] Phase 1: Foundation - Next.js project, database schema, Vercel Blob storage, and three-layer agent authentication`
			`- [ ] Phase 2: Marketing Site - Public-facing hero, bio, contact form, testimonials, and listings placeholder`
			`- [ ] Phase 3: Agent Portal Shell - Client management (create/view/profile) and dashboard skeleton with document status`
			`- [ ] Phase 4: PDF Ingest - Agent PDF upload, Vercel Blob storage pipeline, browser rendering, and document record creation`
			`- [ ] Phase 5: PDF Fill and Field Mapping - Drag-and-drop signature field placement, coordinate conversion, and agent text fill`
			`- [ ] Phase 6: Signing Flow - Complete end-to-end signing ceremony with legal compliance: email delivery, signing page, canvas capture, audit trail`
			`- [ ] Phase 7: Audit Trail and Download - Secure signed PDF download, document status tracking, and client-facing confirmation screen`

			`## Phase Details`

			`### Phase 1: Foundation`
			`Goal: Agent can log in, reach the portal, and the infrastructure that every subsequent phase depends on is in place`
			`Depends on: Nothing (first phase)`
			`Requirements: AUTH-01, AUTH-02, AUTH-03, AUTH-04`
			`Success Criteria (what must be TRUE):`
			`1. Agent can log in with email and password and reach a portal page (blank dashboard is acceptable)`
			`2. Agent session persists after browser refresh and tab close — agent does not have to log in again`
			3. Visiting any `/agent/*` route while unauthenticated redirects to the login page (not a 404 or blank screen)
			`4. Agent can log out from the portal and is returned to the login page`
			`5. Database schema is deployed to Neon, Vercel Blob bucket is created, and the project is deployed to Vercel with environment variables wired`
docs(01-foundation): create phase 1 plan 2026-03-19 13:24:04 -06:00			`Plans: 3 plans`
docs: create roadmap (7 phases) 2026-03-19 12:25:02 -06:00
docs(01-foundation): create phase 1 plan 2026-03-19 13:24:04 -06:00			`Plans:`
			`- [ ] 01-01-PLAN.md — Next.js scaffold, Drizzle schema, Auth.js v5 config, route-protection middleware, seed script`
			`- [ ] 01-02-PLAN.md — Branded login page, agent portal layout, dashboard stub, logout mechanism`
			`- [ ] 01-03-PLAN.md — Git push, Vercel deployment, production auth flow verification (checkpoint)`
docs: create roadmap (7 phases) 2026-03-19 12:25:02 -06:00
			`### Phase 2: Marketing Site`
			`Goal: Visitors can find Teressa online, see her brand, view the listings placeholder, and submit a contact inquiry`
			`Depends on: Phase 1`
			`Requirements: MKTG-01, MKTG-02, MKTG-03, MKTG-04`
			`Success Criteria (what must be TRUE):`
			`1. Visitor sees Teressa's professional photo and warm introductory bio in the hero section at teressacopelandhomes.com`
			`2. Visitor sees a testimonials section with client reviews on the homepage`
			`3. Visitor sees a "listings coming soon" placeholder section (full WFRMLS listings deferred to v2)`
			`4. Visitor can submit a contact form with name, email, phone, and message — and the submission is received`
			`Plans: TBD`

			`Plans: none yet`

			`### Phase 3: Agent Portal Shell`
			`Goal: Agent can manage clients and see all documents with their current status at a glance`
			`Depends on: Phase 1`
			`Requirements: CLIENT-01, CLIENT-02, CLIENT-03, DASH-01, DASH-02`
			`Success Criteria (what must be TRUE):`
			`1. Agent can create a client record with name and email address`
			`2. Agent can view a list of all clients`
			`3. Agent can view a client's profile page and see the documents associated with that client`
			`4. Agent can see all documents in the dashboard with their current status (Draft / Sent / Viewed / Signed) and which client each was sent to and when`
			`Plans: TBD`

			`Plans: none yet`

			`### Phase 4: PDF Ingest`
			`Goal: Agent can upload a PDF form, see it rendered in the browser, and it is stored safely in Vercel Blob`
			`Depends on: Phase 3`
			`Requirements: DOC-01, DOC-02, DOC-03`
			`Success Criteria (what must be TRUE):`
			`1. Agent can upload a PDF form (manual upload — no utahrealestate.com scraping) and the document appears in the portal`
			`2. Agent can view the uploaded PDF rendered in the browser on the document detail page`
			`3. The forms library reflects updated forms on at least a monthly basis (automated sync or manual re-upload path defined and working)`
			`4. Uploaded PDFs are stored in Vercel Blob (not local filesystem) and survive server restarts`
			`Plans: TBD`

			`Plans: none yet`

			`### Phase 5: PDF Fill and Field Mapping`
			`Goal: Agent can place signature fields on any page of a PDF and fill in client/property text fields before sending`
			`Depends on: Phase 4`
			`Requirements: DOC-04, DOC-05, DOC-06`
			`Success Criteria (what must be TRUE):`
			`1. Agent can drag and drop signature fields onto any page of a PDF document and the fields appear at the correct position on the page`
			`2. Signature field coordinates are stored in PDF user space (bottom-left origin) — verified by a unit test against an actual Utah real estate form`
			`3. Agent can fill in text fields (property address, client names, dates, prices) on the document before sending`
			`4. Agent can assign the prepared document to a specific client and initiate a signing request`
			`Plans: TBD`

			`Plans: none yet`

			`### Phase 6: Signing Flow`
			`Goal: Client receives an email link, opens the prepared PDF in any browser, draws a signature, and the signed document is stored with a complete, legally defensible audit trail`
			`Depends on: Phase 5`
			`Requirements: SIGN-01, SIGN-02, SIGN-03, SIGN-04, SIGN-05, SIGN-06, LEGAL-01, LEGAL-02, LEGAL-04`
			`Success Criteria (what must be TRUE):`
			`1. Client receives an email with a unique signing link and can open it in any browser (mobile or desktop) without creating an account`
			`2. The signing link expires after 72 hours and can only be used once — a used or expired link shows "already signed" (never the canvas)`
			`3. Client sees the prepared PDF with signature fields highlighted and can draw a freehand signature on a canvas on mobile and desktop (touch-action:none tested on iOS Safari and Android Chrome)`
			`4. Client can save a default signature and apply it to a signature field without redrawing`
			`5. Client sees a confirmation screen after successfully signing`
			`6. The system logs all 6 audit trail events server-side (document prepared, email sent, link opened with IP/UA, document viewed, signature submitted, final PDF hash computed) — all timestamps are server-side`
			`7. A SHA-256 hash of the final signed PDF is computed and stored immediately after signature embedding`
			`8. DNS (SPF/DKIM/DMARC) is configured for teressacopelandhomes.com before any signing link is sent to a real client`
			`Plans: TBD`

			`Plans: none yet`

			`### Phase 7: Audit Trail and Download`
			`Goal: Agent can download any signed PDF securely, and signed documents are never accessible via guessable public URLs`
			`Depends on: Phase 6`
			`Requirements: SIGN-07, LEGAL-03`
			`Success Criteria (what must be TRUE):`
			`1. Agent can download the signed PDF from the dashboard via an authenticated presigned URL (5-minute TTL)`
			`2. Signed PDFs are stored in private Vercel Blob storage — a direct or guessable URL returns an access error, not the file`
			`3. Document status in the dashboard updates correctly to "Signed" after a signing ceremony completes`
			`Plans: TBD`

			`Plans: none yet`

			`## Progress`

			`Execution Order:`
			`Phases execute in numeric order: 1 → 2 → 3 → 4 → 5 → 6 → 7`

			`\| Phase \| Plans Complete \| Status \| Completed \|`
			`\|-------\|----------------\|--------\|-----------\|`
docs(01-01): complete foundation scaffold plan 2026-03-19 13:36:14 -06:00			`\| 1. Foundation \| 1/3 \| In Progress\| \|`
docs: create roadmap (7 phases) 2026-03-19 12:25:02 -06:00			`\| 2. Marketing Site \| 0/? \| Not started \| - \|`
			`\| 3. Agent Portal Shell \| 0/? \| Not started \| - \|`
			`\| 4. PDF Ingest \| 0/? \| Not started \| - \|`
			`\| 5. PDF Fill and Field Mapping \| 0/? \| Not started \| - \|`
			`\| 6. Signing Flow \| 0/? \| Not started \| - \|`
			`\| 7. Audit Trail and Download \| 0/? \| Not started \| - \|`