Add Oudelaa dashboard API integration

oudelaa_dashboard/README.md

@@ -0,0 +1,89 @@
+# Oudelaa SuperAdmin Dashboard
+
+Next.js dashboard for SuperAdmin operations only.
+
+## Run
+
+```bash
+npm install
+npm run dev
+```
+
+## Environment
+
+Set the backend base URL in `.env.local`:
+
+```env
+NEXT_PUBLIC_API_BASE_URL=http://127.0.0.1:4001/api/v1
+API_BASE_URL=http://127.0.0.1:4001/api/v1
+```
+
+For LAN/mobile testing, use the machine IP instead of `127.0.0.1`, for example:
+
+```env
+NEXT_PUBLIC_API_BASE_URL=http://192.168.1.12:4001/api/v1
+API_BASE_URL=http://192.168.1.12:4001/api/v1
+```
+
+The dashboard uses the internal proxy route at `app/api/proxy/[...path]/route.ts`, so the browser never calls the Nest API directly.
+
+## Authentication Contract
+
+- Login: `POST /auth/superadmin/login`
+- Refresh: `POST /auth/superadmin/refresh`
+- Logout: `POST /auth/superadmin/logout`
+- Sessions: `GET /auth/superadmin/sessions`
+- Revoke session: `POST /auth/superadmin/sessions/:sessionId/revoke`
+
+This dashboard must not depend on user-token routes unless the backend exposes a dedicated `admin` or `superadmin` variant for the same data.
+
+## Implemented Pages
+
+- `/dashboard`: executive overview
+- `/users`: SuperAdmin user management with search, pagination, and profile overview
+- `/analytics`: platform metrics snapshot
+- `/content`: post and comment moderation
+- `/marketplace`: listing and repair-shop moderation
+- `/notifications`: platform notifications center
+- `/messages`: interaction follow-up view
+- `/security`: session management and audit log
+- `/settings`: live operational settings, connection info, and session controls
+- `/orders`: marketplace operations queue
+
+## Key Frontend Contracts
+
+- Users:
+  - `GET /users/admin`
+  - `GET /users/admin/admins`
+  - `GET /users/admin/discover`
+  - `GET /users/admin/:id/profile-overview`
+- Content moderation:
+  - `GET /posts/admin/moderation`
+  - `DELETE /posts/admin/:postId`
+  - `GET /comments/admin`
+  - `DELETE /comments/admin/:commentId`
+- Marketplace moderation:
+  - `GET /marketplace/superadmin/listings`
+  - `PATCH /marketplace/superadmin/listings/:id/status`
+  - `DELETE /marketplace/superadmin/listings/:id`
+  - `GET /marketplace/superadmin/repair-shops`
+  - `PATCH /marketplace/superadmin/repair-shops/:id/status`
+  - `DELETE /marketplace/superadmin/repair-shops/:id`
+- Platform monitoring:
+  - `GET /notifications/superadmin`
+  - `GET /audit/superadmin/logs`
+  - `GET /superadmin/overview`
+  - `GET /superadmin/charts`
+  - `GET /superadmin/recent-activity`
+  - `GET /superadmin/reports`
+  - `GET /superadmin/settings`
+  - `PATCH /superadmin/settings`
+  - `PATCH /superadmin/posts/:id/status`
+  - `PATCH /superadmin/comments/:id/status`
+  - `PATCH /superadmin/users/:id/status`
+
+## Notes
+
+- The dashboard stores SuperAdmin session tokens in secure `httpOnly` cookies through the internal proxy route.
+- `AuthGuard` attempts refresh when the access token is expired.
+- Marketplace and content pages assume the backend pagination contract returns a `pagination` object.