1. Font consistency: add Noto Sans as fallback for both display and body
fonts so Greek characters render in the same visual weight as Latin
2. Category panel gradients: reduce top opacity 0.85 → 0.65 (20% less)
3. Mobile full-width: remove max-w cap on mobile; sm:max-w-[960px] on
desktop (2× wider than before); shadow only on sm+ breakpoint
4. Smaller Add button (h-9→h-8, text-13→12) and price (22px→18px)
5. More spacing between description and footer hairline (pt-3 mt-3)
6. Square hero image in product detail sheet (aspect-square instead of h-44)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Rebuild the public-facing digital menu from the design handoff bundle.
Matches high-fidelity spec: Bricolage Grotesque + Hanken Grotesk fonts,
cream/green/gold palette, per-category tinted panels, product cards with
gradient art, tag icon badges, bottom-sheet product detail, search overlay,
cart → checkout bottom-sheet flow posting to real API, floating cart button
with bump animation, and restyled order-confirm page.
- New: src/components/primitives.jsx (DishArt, Badge, DietChip, TagIcons,
Price, DiscountFlag, Stepper, price helpers)
- Rewrite: MenuPage.jsx — all screens in one component tree, API-driven,
lang toggle (EN/GR) persisted to localStorage, scroll-spy category bar
- Rewrite: OrderConfirm.jsx — design-system styling, brand colors
- Update: App.jsx — remove /order route (cart flow is now a bottom sheet)
- Update: tailwind.config.js — font families, brand tokens, animations
- Update: index.html — Google Fonts for Bricolage Grotesque + Hanken Grotesk
- Delete: CartPage, ProductModal, ProductCard, CategoryNav, CartButton
Cart checkout POSTs to real submitOrder API and redirects to /confirm/:ref
for live order status polling. Restaurant info falls back to hardcoded
placeholder until backend includes it in the fetchMenu response (see
REWORK_REVISIT.md).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The sysadmin panel URL uses site.site_id (UUID string) not site.id (int PK).
All manager account endpoints were querying/expecting the integer PK — none matched.
- GET /by-site/{site_id}: param type str, filter by Site.site_id
- POST /register: site_ids type list[str], query Site.site_id.in_()
- DELETE /site-access: site_id type str, query Site.site_id
- schemas/manager.py: ManagerRegisterRequest.site_ids list[int] → list[str]
- SiteDetailPage.jsx: remove Number() casts on siteId in add/remove calls
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Adds a "Site data: X min ago" line derived from snapshot.snapshot_taken_at
so managers can see how fresh the stats snapshot is.
All other Part 5 items (menu-app api.js, OrderConfirm polling, manager-app
api.js, IncomingOrdersPage 15s poll + OrderCard actions) were already fully
implemented in the existing scaffolding.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Install qrcode.react in sysadmin_panel
- Add QR Codes section above Remote Managers with two codes side by side:
Menu QR (https://yourdomain.com/menu/{site_id}) and
Order QR (https://yourdomain.com/menu/{site_id}/order)
- Each card shows the URL as copyable text and a Download PNG button
- Uses site.site_id as the slug (no slug field exists on the Site model)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Backend (manager_auth.py):
- register: upsert instead of 409 — if email exists, just add site access
- GET /api/manager/by-site/{site_id}: list managers linked to a site (admin auth)
- DELETE /api/manager/site-access: remove a manager's access to a site (admin auth)
Sysadmin API client:
- getManagersBySite, addManagerToSite, removeManagerSiteAccess
SiteDetailPage.jsx:
- Remote Managers section: lists all linked managers with email, name, active badge
- Add Manager modal: email + full name + password form (password ignored if account exists)
- Remove access button with optimistic removal from list
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
connect_frontend/Dockerfile
Multi-stage build: node:20-alpine builds both menu-app and
manager-app in parallel stages, then nginx:alpine serves both
dist folders under /menu and /manage respectively.
VITE_CLOUD_URL passed as build arg so the API URL is baked
in at build time (standard Vite pattern).
connect_frontend/nginx-connect.conf
Single nginx server block:
/menu/ → /usr/share/nginx/html/menu (SPA fallback)
/manage/ → /usr/share/nginx/html/manage (SPA fallback)
/health → 200 ok
nginx-connect.conf
Kept at cloud-service root for reference / standalone use.
docker-compose.yml
connect_frontend service added:
- build context: ./connect_frontend
- VITE_CLOUD_URL passed from root .env
- port 3100:80
- depends_on cloud_backend
Individual Dockerfiles also added to menu-app/ and manager-app/
for standalone builds if needed.
To deploy:
docker compose build connect_frontend
docker compose up -d connect_frontend
Public menu: http://<host>:3100/menu/<site_slug>
Manager app: http://<host>:3100/manage/
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
SQLAlchemy couldn't resolve the string 'Site' in ManagerAccount's
relationship() at query time because Site wasn't guaranteed to be
imported first. Adding the explicit import ensures the mapper is
configured correctly regardless of import order.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Same fix as manager_auth — OAuth2PasswordBearer was showing an OAuth2
form in Swagger instead of a plain Bearer token input, causing
'Not authenticated' when testing via the docs.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
OAuth2PasswordBearer caused Swagger UI to show a username/password/
client_id form instead of a simple token input, making the docs
unusable for testing. HTTPBearer shows a plain 'Bearer token' field,
consistent with how the local_backend handles auth.
No runtime behaviour change — token extraction is identical.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The default sqlite:////app/data/cloud.db path only works inside Docker.
On Windows, Controlled Folder Access blocks writes to arbitrary paths.
Now mirrors the same pattern as local_backend/config.py:
- Windows: %LOCALAPPDATA%/xenia_cloud/cloud.db (always writable)
- Linux/Docker: next to main.py (overridden by DATABASE_URL in .env)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Two Vite + React 18 + Tailwind apps under connect_frontend/.
Both use React Router v6, Axios, react-hot-toast, and Lucide icons.
Neither uses localStorage — tokens live in sessionStorage (manager-app)
or component state (menu-app cart).
── menu-app (public menu + ordering) ──────────────────────────────
Routing (basename /menu):
/:siteSlug → MenuPage
/:siteSlug/order → CartPage
/:siteSlug/confirm/:ref → OrderConfirm
Pages:
MenuPage — fetches menu snapshot, category nav tabs, product
cards; floating CartButton; opens ProductModal
ProductModal — quantity picker, quick-option toggles, price/discount
display, "Add to order" with line total
CartPage — order type selector (dine_in/delivery), customer
details form, cart summary, submits to cloud API
OrderConfirm — polls GET /api/orders/status/:ref every 10s;
renders status icon + label; stops polling on
terminal states (delivered/rejected)
Components:
CategoryNav — horizontal scrollable pill tabs
ProductCard — image, name, description, price with discount badge;
greyed + "Out of stock" badge when unavailable
CartButton — fixed bottom bar with item count + total
── manager-app (remote dashboard) ─────────────────────────────────
Routing (basename /manage):
/login → LoginPage
/ → SiteSelectorPage (auto-navigates if one site)
/:siteId → DashboardPage
/:siteId/orders → IncomingOrdersPage
/:siteId/orders/history → OrderHistoryPage
/:siteId/orders/:id → OrderDetailPage
RequireAuth wrapper redirects to /login if no sessionStorage token
Pages:
LoginPage — email/password → POST /api/manager/login;
stores JWT in sessionStorage
SiteSelectorPage — lists accessible venues; auto-selects if one
DashboardPage — polls snapshot + pending orders every 15s;
2×2 stat grid + pending order list
IncomingOrdersPage — polls pending orders every 15s; order cards
OrderDetailPage — full order detail; Accept/Reject with optional
rejection reason; lifecycle progression buttons
(Preparing → Ready → Delivered etc.)
OrderHistoryPage — all orders with status filter tabs
Components:
RequireAuth — route guard using sessionStorage token
StatCard — labelled metric tile
StatusBadge — colour-coded status pill
OrderCard — summary card linking to OrderDetailPage
(no OrderCard uses useParams to get siteId for nav — wired correctly)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Local backend needs the cloud DB integer PK to call Connect API
endpoints (menu sync, order pending poll). Heartbeat is the only
authenticated channel available at startup, so we piggyback the id
there rather than adding a new endpoint.
Changes:
- schemas/site.py: site_numeric_id: int | None added to HeartbeatResponse
- routers/heartbeat.py: site_numeric_id=site.id included in response
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Adds four new routers, three schema files, and one new model.
All new endpoints use new URL prefixes — no existing routes touched.
routers/menu.py
GET /api/menu/{site_slug} — public menu snapshot (no auth)
POST /api/menu/sync — upsert snapshot (site API key)
routers/orders.py
POST /api/orders/{site_slug} — customer places order (public)
GET /api/orders/status/{public_ref} — customer tracks order (public)
GET /api/orders/pending/{site_id} — local backend polls (site key)
POST /api/orders/{id}/synced — mark synced (site key)
PATCH /api/orders/{id}/status — update status with transition
validation (site key)
routers/manager_auth.py
POST /api/manager/register — create manager account (admin JWT)
POST /api/manager/login — returns manager JWT
POST /api/manager/refresh — refreshes manager JWT
Shared _get_current_manager dependency used by remote_dashboard
routers/remote_dashboard.py
GET /api/remote/sites — manager JWT
GET /api/remote/sites/{id}/snapshot — manager JWT
GET /api/remote/sites/{id}/orders — manager JWT
GET /api/remote/sites/{id}/orders/pending — manager JWT
PATCH /api/remote/sites/{id}/orders/{oid}/status — manager JWT
POST /api/remote/snapshot — site API key
(stats push)
models/stats_snapshot.py (NEW)
stats_snapshots table — one row per site, holds serialized
operational stats; created by create_all on startup
config.py / .env.example
MANAGER_JWT_SECRET and MANAGER_JWT_EXPIRE_HOURS (default 72h)
added as separate settings from the admin SECRET_KEY
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Adds three new tables created automatically by create_all on next
startup, plus an additive migration for an existing table:
models/menu_snapshot.py (NEW)
- menu_snapshots: one row per site, holds the full serialized
category+product JSON; upserted on each sync from local_backend
models/online_order.py (NEW)
- online_orders: full order lifecycle from customer submission
through delivery; tracks sync state so local_backend can poll
for unprocessed orders (synced_to_local=0)
models/manager_account.py (NEW)
- manager_accounts + manager_site_access (M2M join table): remote
manager login accounts with per-site access control
models/site.py (MODIFIED)
- order_counter column added; incremented atomically when each
online order is created to generate "ORD-XXXX" public_ref values
main.py (MODIFIED)
- imports all three new models so create_all registers their tables
- _run_migrations() added (same pattern as local_backend) for the
additive order_counter column on the existing sites table
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Site model: add waiter_domain and last_seen_local_ip columns
- HeartbeatRequest: accept optional local_ip field from local backend
- HeartbeatResponse: return waiter_domain to local backend
- heartbeat router: persist local_ip on each check-in
- SiteDetailPage: show Public IP / Local IP separately, add Waiter Domain
card with inline edit modal
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>