# Financial

PHP based personal finance service for accounts, transactions, categories, installments, loans, recurring transactions, and merchant classification rules.

## Main Features

- Server-rendered authenticated screens for personal finance data.
- Account, transaction, installment, loan, recurring transaction, and merchant rule management.
- CSRF protected form POST workflows.
- Category suggestion API based on merchant rules and confidence.

## Main APIs

- `public/api/category_suggest.php`
- Standard authenticated form POST save flows.

## Structure

- `app/config/database.php`: DB config bridge.
- `app/lib/auth.php`: authentication, remember token, CSRF, and no-store headers.
- `app/lib/*_service.php`: domain services.
- `public/*.php`: screens and form handlers.

## Secrets

DB credentials are loaded from `/home/seo/secret/financial.php`. Do not commit that file.

## Security

- Uses login sessions and remember tokens.
- POST forms validate CSRF tokens.
- Personal financial responses should remain private and no-store.