HSHaloShop README
ImplementationOwnerPOS

Public Project README

This page is the public functional README for HaloShop. It describes architecture, page map, data flow, API contracts, UI system, and implementation direction for the new stack.

Last updated: 2026-05-21

1. Product Scope

HaloShop is a multi-tenant restaurant operations platform. One owner account can manage multiple shops. Each operational module is isolated by active shop context.

2. Stack and Deployment

  • Frontend: Next.js (App Router)
  • Backend: Go HTTP API
  • Database: PostgreSQL
  • Public URL: https://resto-manager.halomoan.id
  • Frontend port: 10001, API port: 10002
  • Nginx reverse proxy + HTTPS certificate

3. UI and Design System

  • Owner area uses Soft UI / Neumorphism with premium rounded cards and soft shadows.
  • POS area uses mobile-first tablet interaction with large touch targets.
  • Landing page uses modern marketing layout with stronger hierarchy and quick entry points.
  • Role-based style guide is enforced in implementation docs and route groups.

4. Public Page Map

Owner / General

  • /
  • /owner
  • /owner/register
  • /owner/login
  • /owner/shops/new
  • /owner/staff
  • /implementation-phase
  • /readme

POS

  • /pos

5. Authentication Flow (Current and Target)

  • Current code path is prepared for Google-only owner authentication.
  • Frontend login/register pages render Google Sign-In button component.
  • Backend verifies Google ID token and issues platform JWT.
  • Password register/login endpoints are intentionally disabled.
  • Required env: GOOGLE_CLIENT_ID and NEXT_PUBLIC_GOOGLE_CLIENT_ID.

6. Owner Flow

  • Owner authenticates with Google and gets JWT stored in browser localStorage.
  • Owner creates one or more shops.
  • Owner manages staff per selected shop (create, list, edit, deactivate).
  • API enforces owner-to-shop ownership checks for every staff operation.

7. POS Flow (Current)

  • POS page demonstrates tablet-first order-taking UI pattern.
  • Menu grid allows quick item taps.
  • Cart updates quantity and running total.
  • Payment panel and table selection are integrated in one fast layout.

8. API Endpoints

  • GET /health
  • GET /api/v1
  • POST /api/v1/auth/google
  • POST /api/v1/auth/register-owner (disabled: returns gone)
  • POST /api/v1/auth/login (disabled: returns gone)
  • GET /api/v1/shops
  • POST /api/v1/shops
  • GET /api/v1/staff?shop_id=:id
  • POST /api/v1/staff
  • PATCH /api/v1/staff
  • DELETE /api/v1/staff?id=:staffId&shop_id=:shopId

9. Data Model Overview

  • owners: owner account identity and auth subject
  • shops: shops linked to owners (tenant root)
  • shop_users: staff members per shop
  • schema_migrations: applied migration tracking

10. Tenant Isolation Rules

  • All operational records must be tied to a specific shop.
  • Owner can only access shops they own.
  • Staff endpoints validate owner-shop relation before mutate/read.
  • This model is baseline for attendance, leave, inventory, and menu modules.

11. What Is Already Implemented

  • Owner + shop core lifecycle
  • Staff lifecycle (create/list/update/deactivate)
  • Role-split UI (Owner Soft UI + POS Tablet UI)
  • Public implementation tracker page
  • Landing redesign
  • Production deployment automation and HTTPS routing

12. Next Implementation Steps

  • Finalize Google-only auth go-live with server env configuration
  • Attendance module end-to-end
  • Leave request and approval module
  • Material/inventory and purchase workflows
  • Menu and recipe management
  • Dashboard analytics and paginated tables