Documentation

Navigation

Getting Started

Welcome to Devy. Follow these steps to set up your instance:

  1. Upload the project files to your hosting provider
  2. Create a MySQL/MariaDB database
  3. Navigate to /install.php in your browser
  4. Follow the 5-step installer wizard
  5. Set up a cron job: * * * * * php /path/to/cron.php
  6. Log in as the platform admin
Requirements: PHP 8.0+, MySQL 5.7+ / MariaDB 10.3+, mod_rewrite enabled, extensions: mysqli, openssl, mbstring, json, curl.

Authentication

The platform supports multiple authentication methods:

  • Email + Password — Standard login with bcrypt hashing (cost 12)
  • Two-Factor (TOTP) — Time-based one-time passwords via authenticator apps
  • Recovery Codes — 8 one-time recovery codes generated with 2FA setup
  • Invite Links — Token-based invitation with automatic email verification
Session Security

Sessions are hardened with httponly, samesite=Lax, and automatic regeneration. IP and user agent are tracked per session.

API Overview

All API endpoints return JSON and require authentication via session cookie or API token.

GET /api/v1/people?page=1&per_page=25
POST /api/v1/people
PUT /api/v1/people/{id}
DELETE /api/v1/people/{id}

All POST/PUT/DELETE requests require a CSRF token in the X-CSRF-Token header.

Webhooks

The platform processes Stripe webhooks at /api/stripe/webhook. Configure your Stripe webhook endpoint to point here. Supported events:

  • checkout.session.completed
  • customer.subscription.updated
  • customer.subscription.deleted
  • invoice.paid
  • invoice.payment_failed
  • account.updated (Connect)

Multi-Tenancy

The platform uses single-database multi-tenancy with a tenant_id column on all tenant-scoped tables. The tenant_scope() helper automatically adds the WHERE clause.

// Always use tenant_scope() for queries
$people = $s->query("SELECT * FROM people WHERE " . tenant_scope());

Custom Fields

Custom fields can be added to any entity (people, tenants, etc.) via the admin panel. Supported types: text, number, date, select, checkbox, url, email, textarea.

Email Templates

Templates are stored in the database and editable via the Platform Admin panel. Use {{variable}} syntax for placeholders:

Hello {{first_name}},
Welcome to {{app_name}}!
Verify: {{verify_link}}

Deployment

Designed for shared hosting environments. No Docker, Composer, or CLI required.

  1. Upload via FTP/SFTP
  2. Point your domain to the project root
  3. Ensure .htaccess / mod_rewrite is enabled
  4. Run the installer at /install.php
  5. Set up the cron job for background tasks
  6. Configure Stripe keys in Platform Settings