A full-stack fintech wallet application built with Django, HTMX, Celery, Redis, and PostgreSQL-oriented settings. The project is designed around strict portal separation, secure wallet operations, fraud review workflows, async PDF statements, and staff analytics.
Digital Wallet Dashboard is a multi-portal financial operations project with:
- a client portal for wallet usage
- a staff portal for fraud review and operational oversight
- a custom email-based authentication system
- atomic wallet services to protect balances and transaction consistency
- async statement generation for downloadable PDF reports
- analytics dashboards for internal operational visibility
The application itself is complete enough for local use and verification. Deployment is intentionally not completed at this stage to save time and cost.
- Email-based registration and login
- Wallet dashboard with live balance and recent transactions
- Secure deposit, withdrawal, and transfer flows
- Infinite-scroll transaction history
- Profile page and account security page
- Password reset flow
- Password change flow with Django validation
- PDF statement request and download flow
- Staff-only operations dashboard
- Review queue for flagged transactions
- Approve or reject suspicious transfers
- Automatic reversal on rejected flagged transfers
- Wallet freeze and unfreeze actions
- Analytics dashboard with Chart.js visualizations
- Dual-portal separation between client and staff access
- Custom
CustomUsermodel withSTAFFandCLIENTuser types StaffOnlyMixinandClientOnlyMixinaccess control- Atomic balance updates using service-layer logic
- Fraud detection for large or high-frequency transfers
- Session-aware security page showing current session metadata
- Password validation using Django auth validators
- Custom 403 handling with role-aware redirects
| App | Purpose |
|---|---|
accounts |
Authentication, custom user model, profiles, password reset, security/profile pages |
wallet |
Wallet model, transactions, dashboard, deposits, withdrawals, transfers, statements |
operations |
Staff dashboard, fraud review, wallet freeze/unfreeze |
analytics |
Staff analytics dashboards and Chart.js data endpoints |
core |
Settings, root URLs, environment configuration, Celery bootstrap |
| Layer | Technology |
|---|---|
| Backend | Python 3.12, Django 5.2 |
| Database | SQLite for local development, PostgreSQL-ready configuration for production |
| Frontend | Django Templates, HTMX, custom modular CSS, Vanilla JavaScript |
| Auth | Custom email-based CustomUser |
| Async | Celery, Redis |
| Reporting | ReportLab PDF generation |
| Analytics | Chart.js |
| Testing | Pytest, pytest-django, pytest-cov |
| Code Quality | pre-commit, black, flake8, isort |
| Area | Path |
|---|---|
| Role-aware home redirect | / |
| Django admin | /admin/ |
| Accounts | /accounts/ |
| Client wallet portal | /dashboard/ |
| Staff portal | /staff/ |
| Analytics | /analytics/ |
/accounts/login//accounts/register//accounts/profile//accounts/security//dashboard//dashboard/deposit//dashboard/withdraw//dashboard/transfer//dashboard/transactions//dashboard/statement/request//staff/dashboard//analytics/dashboard/
- Python
3.12 - Redis
- virtual environment support
source .env_digital_wallet/bin/activate
./scripts/setup.shpython -m venv .env_digital_wallet
source .env_digital_wallet/bin/activate
pip install -r requirements.txt
pip install -r requirements-dev.txt
cp .env.example .env
pre-commit install
python manage.py migrate --settings=core.settings.dev
python manage.py createsuperuser --settings=core.settings.dev
python manage.py runserver 8500 --settings=core.settings.devThe project reads configuration from .env. Start by copying:
cp .env.example .envMain variables:
SECRET_KEYDEBUGALLOWED_HOSTSDATABASE_URLCELERY_BROKER_URLCELERY_RESULT_BACKEND- optional email settings for password reset workflows
By default:
- local development uses
SQLite - Celery expects Redis at
redis://localhost:6379/0 - email uses Django console backend in
core.settings.dev
source .env_digital_wallet/bin/activate
python manage.py runserver 8500 --settings=core.settings.devOpen:
http://127.0.0.1:8500/
redis-serverRequired for async statement generation:
source .env_digital_wallet/bin/activate
celery -A core worker -l infoIf Redis/Celery are not running, the main application still works, but async PDF statement generation will not complete.
- Create or activate
.env_digital_wallet - Update
.env - Run migrations
- Create a superuser
- Start Django on port
8500 - Start Redis and Celery if you want statement generation
- Run tests before committing
pytestpytest accounts/tests/ -v
pytest wallet/tests/ -v
pytest operations/tests/ -v
pytest analytics/tests/ -v
pytest core/tests/ -vpytest --covpython manage.py check --settings=core.settings.devpre-commit run --all-files
black .
flake8
isort .DigitalWallet/
├── accounts/ # Authentication, user model, profiles, security views
├── analytics/ # Staff analytics dashboard and chart endpoints
├── core/ # Settings, root URLs, Celery app bootstrap
├── operations/ # Staff dashboard and fraud review tools
├── scripts/ # Setup, git workflow, manual helper scripts
├── static/ # CSS, JS, frontend assets
├── templates/ # Base templates, snippets, account/wallet/staff pages
├── wallet/ # Wallet models, services, views, PDF tasks
├── .env.example # Example environment configuration
├── manage.py
├── requirements.txt
└── requirements-dev.txt
- deposits, withdrawals, and transfers are handled through service-layer functions
- transfers isolate funds during fraud review to prevent double-spending problems
- rejected flagged transfers automatically reverse funds back to the sender
The fraud engine currently flags suspicious transfers based on rules such as:
- transfer amounts above the configured high-risk threshold
- unusually high transaction frequency
Flagged transfers are routed to the staff dashboard for manual review.
- statements are generated asynchronously
- progress is exposed through task status polling
- completed statements can be downloaded after ownership verification
- superusers are directed to Django admin
- staff users are directed to the staff dashboard
- client users are directed to the wallet dashboard
- unauthorized cross-portal access returns a custom 403 experience
This project uses helper scripts for phase-oriented workflow:
scripts/git-phase-commit.shscripts/git-phase-merge.sh
Role-based commit identities supported by the commit script:
dev→ Qwen-Coderconsult→ Gemini-CLIreview→ OpenAI-Codexmgr→ Ahmad
Example:
./scripts/git-phase-commit.sh 8 "Title" "Description" reviewThis repository documents a multi-agent workflow in Constitution_Digital_Wallet.md.
Primary roles:
- Ahmad: manager and final approver
- Qwen: implementation-focused developer AI
- Gem: consultant AI for architecture and planning
- Cod: reviewer AI for regression detection, verification, and support fixes
All AI-generated work is still expected to follow the same branch, testing, and approval rules as any other contribution.
- application architecture
- authentication and portal separation
- wallet engine and transaction workflows
- HTMX dashboard behavior
- fraud review tooling
- analytics
- async PDF statement generation
- local development workflow
- automated tests and quality tooling
- production deployment
- paid hosting rollout
- final infrastructure spend
This repository can still serve as a strong local demonstration, portfolio project, and reference implementation for secure Django wallet workflows.
If you want to present the project locally, the fastest path is:
- Run migrations and create a superuser
- Start Django on port
8500 - Start Redis and Celery
- Create a client account
- Demonstrate deposit, withdrawal, transfer, and transaction history
- Trigger a flagged transfer
- Review it from the staff dashboard
- Open analytics
- Request and download a PDF statement
- Constitution_Digital_Wallet.md
- .env.example
- scripts/setup.sh
- scripts/git-phase-commit.sh
- scripts/git-phase-merge.sh
This repository is licensed under the terms of the included LICENSE.