# Pick'n'Play

Pick'n'Play is a .NET 10 ASP.NET Core Minimal API app with a static HTML/CSS/JS frontend and SQLite persistence.

## Quick Start

1. Restore and build:
   `dotnet build GameList.sln`
2. Run tests:
   `dotnet test GameList.Tests/GameList.Tests.csproj`
3. Run locally:
   `dotnet run --project GameList.csproj`
4. Open:
   `http://localhost:5000` (or the URL shown by `dotnet run`)

## Frontend Tooling

- Install tooling: `npm install`
- Lint JS: `npm run lint`
- Check formatting: `npm run format:check`
- Apply formatting: `npm run format`

## Core Behavior

- Authentication: username/password with HttpOnly `player` cookie.
- Admin authorization: authenticated account with `IsAdmin=true`.
- Gameplay phases: `Suggest`, `Vote`, `Results`.
- Backward movement: admins can move backward; players can move `Vote -> Suggest` only when granted a one-time back pass.
- Storage: SQLite database under `App_Data/gamelist.db`.
- Sensitive admin actions (`reset`, `factory-reset`, player deletion) require admin password confirmation.

## Module Ownership

- `Program.cs`: startup wiring, middleware order, route registration.
- `Endpoints/`: HTTP endpoint transport + request orchestration.
- `Infrastructure/`: filters, middleware, identity helpers.
- `Data/`: EF Core `DbContext` and migrations.
- `Domain/`: entities and enums.
- `Contracts/`: request/response DTOs.
- `wwwroot/`: static frontend assets.
- `GameList.Tests/`: integration and helper tests.
- `scripts/`: deployment scripts.

## Operations

- API surface and endpoint contract: `API.md`
- Product/feature expectations: `SPEC.md`
- IIS deployment notes: `IIS.md`
- Test strategy details: `TESTS.md`

## CI

GitHub Actions workflow: `.github/workflows/ci.yml`

- Restores dependencies
- Runs frontend lint and format checks
- Builds with warnings treated as errors
- Runs `GameList.Tests`