lahirusanjika/POS-System

🍰 Leche Lush POS System

A complete, professional Point of Sale system built specifically for Leche Lush dessert cafe.


🚀 Features

Cashier (POS Screen)

  • Browse products by category
  • Add items with custom toppings/add-ons
  • Adjust quantities in cart
  • Cash & card payment with change calculator
  • Pre-order support with pickup date
  • Add order notes
  • Print receipts

Admin Panel

  • Dashboard — Real-time sales stats, revenue charts, top products & toppings
  • Products — Add, edit, delete, toggle availability
  • Toppings — Manage add-ons and prices
  • Orders — View all orders with full details, cancel orders
  • Staff — Manage cashier and admin accounts
  • Categories — Add, edit, delete product categories

🛠 Tech Stack

| Layer | Technology |
| --- | --- |
| Frontend | React.js 18 |
| Backend | Node.js + Express |
| Database | MySQL 8 |
| Auth | JWT (12h expiry) |
| Charts | Recharts |
| Styling | Custom CSS |

🔒 Security

  • JWT-based authentication with 12-hour token expiry
  • Bcrypt password hashing (10 rounds)
  • Role-based access control — admin and cashier roles
  • Admin-only routes protected server-side via middleware
  • Rate limiting on the login endpoint (10 requests / 15 min per IP)
  • Server prices validated on every order (client prices are ignored)
  • helmet security headers enabled
  • CORS restricted to configured frontend origin
  • Server refuses to start if JWT_SECRET is missing
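The "client prices are ignored" rule from the list above, as an added example (this is not code from the POS-System repository). The catalog rows, field names (`productId`, `toppingIds`, `quantity`), integer-cent prices and the 1 to 100 quantity bound are all assumptions made for illustration.

```javascript
// Constructed catalog rows standing in for the MySQL products/toppings tables.
// Prices are integer cents (an assumption) to avoid floating-point drift.
const CATALOG = {
  products: new Map([
    [1, { name: "Leche Flan", priceCents: 45000, available: true }],
    [2, { name: "Tres Leches", priceCents: 60000, available: false }],
  ]),
  toppings: new Map([[10, { name: "Caramel", priceCents: 5000, available: true }]]),
};

function lookup(table, id, kind) {
  const row = table.get(id);
  if (!row) throw new Error(`unknown ${kind} ${id}`);
  if (!row.available) throw new Error(`${kind} ${id} is unavailable`);
  return row;
}

// Builds the order from IDs and quantities only. Any price or total field
// in the client payload is never read, so tampering with it has no effect.
function priceOrder(payload, catalog = CATALOG) {
  if (!payload || !Array.isArray(payload.items) || payload.items.length === 0) {
    throw new Error("order has no items");
  }
  let totalCents = 0;
  const lines = payload.items.map((item) => {
    const qty = item.quantity;
    if (!Number.isInteger(qty) || qty < 1 || qty > 100) {
      throw new Error("quantity must be an integer from 1 to 100");
    }
    const product = lookup(catalog.products, item.productId, "product");
    const toppingIds = Array.isArray(item.toppingIds) ? item.toppingIds : [];
    const unitCents = toppingIds.reduce(
      (sum, id) => sum + lookup(catalog.toppings, id, "topping").priceCents,
      product.priceCents
    );
    totalCents += unitCents * qty;
    return { productId: item.productId, quantity: qty, unitCents };
  });
  return { lines, totalCents };
}

// Constructed request in which the client claims a price and total of 1.
const TAMPERED = { total: 1, items: [{ productId: 1, quantity: 2, price: 1, toppingIds: [10] }] };
console.log(priceOrder(TAMPERED).totalCents);
```

Rejecting non-integer and negative quantities matters as much as ignoring the price: a negative quantity would otherwise lower the total using correct server prices.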

⚙️ Setup Instructions

1. Requirements

  • Node.js 18+
  • MySQL 8+

2. Database Setup

mysql -u root -p < backend/database.sql

3. Backend .env

Create backend/.env based on backend/.env.example:

DB_HOST=localhost
DB_USER=root
DB_PASSWORD=yourpassword
DB_NAME=leche_lush_pos
JWT_SECRET=your_strong_random_secret
FRONTEND_URL=http://localhost:3000
PORT=5000

⚠️ JWT_SECRET is required — the server will refuse to start without it.
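A startup check that goes further than the missing-secret rule above, as an added example (not code from the POS-System repository): it also rejects the template values shown in this section and a `FRONTEND_URL` that is not one exact origin. The function names and the 32-character minimum are assumptions.

```javascript
// Template values copied from the .env sample above; shipping them unchanged
// means the signing key and database password are publicly known.
const PLACEHOLDERS = {
  JWT_SECRET: "your_strong_random_secret",
  DB_PASSWORD: "yourpassword",
};
const MIN_SECRET_LENGTH = 32; // assumed floor, not stated by the project

function configProblems(env) {
  const problems = [];
  const secret = env.JWT_SECRET || "";
  if (!secret) {
    problems.push("JWT_SECRET is missing");
  } else if (secret === PLACEHOLDERS.JWT_SECRET) {
    problems.push("JWT_SECRET is the template placeholder");
  } else if (secret.length < MIN_SECRET_LENGTH) {
    problems.push(`JWT_SECRET is shorter than ${MIN_SECRET_LENGTH} characters`);
  }
  if (env.DB_PASSWORD === PLACEHOLDERS.DB_PASSWORD) {
    problems.push("DB_PASSWORD is the template placeholder");
  }
  // CORS compares the Origin header exactly, so the configured value must be
  // scheme://host[:port] with no path, trailing slash or wildcard.
  const origin = env.FRONTEND_URL || "";
  let parsed = null;
  try {
    parsed = new URL(origin);
  } catch {
    // not a URL at all (for example "*" or an empty string)
  }
  if (!parsed || parsed.origin !== origin) {
    problems.push("FRONTEND_URL must be one exact origin, e.g. http://localhost:3000");
  }
  return problems;
}

// Intended to run before the HTTP server starts listening:
//   assertConfig(process.env);
function assertConfig(env) {
  const problems = configProblems(env);
  if (problems.length > 0) {
    throw new Error("refusing to start: " + problems.join("; "));
  }
}
```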

4. Install & Run

# From leche-lush-pos/
npm run install:all

# Seed default users, products & toppings:
cd backend && node seed.js

# Start backend (dev):
npm run dev:backend

# Start frontend (dev):
npm run dev:frontend

🔐 Default Login Credentials

| Role | Username | Password |
| --- | --- | --- |
| Admin | admin | admin123 |
| Cashier | cashier | admin123 |

⚠️ Change passwords immediately after first login via the Admin panel or the change-password endpoint.


📁 Project Structure

leche-lush-pos/
├── package.json
├── backend/
│   ├── src/
│   │   ├── controllers/
│   │   │   ├── authController.js
│   │   │   ├── categoryController.js
│   │   │   ├── orderController.js
│   │   │   ├── productController.js
│   │   │   ├── reportController.js
│   │   │   ├── toppingController.js
│   │   │   └── userController.js
│   │   ├── middleware/
│   │   │   └── auth.js
│   │   ├── routes/
│   │   │   └── index.js
│   │   ├── db.js
│   │   └── server.js
│   ├── database.sql
│   ├── seed.js
│   ├── .env.example
│   └── package.json
│
└── frontend/
    ├── public/
    │   └── index.html
    └── src/
        ├── pages/
        │   ├── LoginPage.js
        │   ├── POSPage.js
        │   └── admin/
        │       ├── AdminLayout.js
        │       ├── DashboardPage.js
        │       ├── ProductsPage.js
        │       ├── CategoriesPage.js
        │       ├── ToppingsPage.js
        │       ├── OrdersPage.js
        │       └── UsersPage.js
        ├── components/
        │   ├── ToppingModal.js
        │   └── ReceiptModal.js
        ├── context/
        │   └── AuthContext.js
        ├── api.js
        ├── index.css
        ├── App.js
        └── index.js

🌐 API Endpoints

All endpoints require a valid Authorization: Bearer <token> header unless noted.

Auth

| Method | Endpoint | Auth | Description |
| --- | --- | --- | --- |
| POST | /api/auth/login | None | Login and receive JWT |
| PUT | /api/auth/change-password | User | Change own password |

Categories

| Method | Endpoint | Auth | Description |
| --- | --- | --- | --- |
| GET | /api/categories | User | List all categories |
| POST | /api/categories | Admin | Create category |
| PUT | /api/categories/:id | Admin | Update category |
| DELETE | /api/categories/:id | Admin | Delete category |

Products

| Method | Endpoint | Auth | Description |
| --- | --- | --- | --- |
| GET | /api/products | User | All products |
| GET | /api/products/available | User | Available products only |
| POST | /api/products | Admin | Add product |
| PUT | /api/products/:id | Admin | Update product |
| PATCH | /api/products/:id/toggle | Admin | Toggle availability |
| DELETE | /api/products/:id | Admin | Delete product |

Toppings

| Method | Endpoint | Auth | Description |
| --- | --- | --- | --- |
| GET | /api/toppings | User | All toppings |
| GET | /api/toppings/available | User | Available only |
| POST | /api/toppings | Admin | Add topping |
| PUT | /api/toppings/:id | Admin | Update topping |
| PATCH | /api/toppings/:id/toggle | Admin | Toggle availability |
| DELETE | /api/toppings/:id | Admin | Delete topping |

Orders

| Method | Endpoint | Auth | Description |
| --- | --- | --- | --- |
| POST | /api/orders | User | Create order |
| GET | /api/orders | User | List orders (supports ?date= & ?status=) |
| GET | /api/orders/:id | User | Order details with items |
| PATCH | /api/orders/:id/cancel | User | Cancel order (own orders only; admin can cancel any) |

Reports

| Method | Endpoint | Auth | Description |
| --- | --- | --- | --- |
| GET | /api/reports/daily?date=YYYY-MM-DD | Admin | Daily summary |
| GET | /api/reports/weekly | Admin | Last 7 days breakdown |
| GET | /api/reports/monthly?year=YYYY&month=MM | Admin | Monthly summary |

Users

| Method | Endpoint | Auth | Description |
| --- | --- | --- | --- |
| GET | /api/users | Admin | List all staff |
| POST | /api/users | Admin | Create staff account |
| PUT | /api/users/:id | Admin | Update staff account |
| DELETE | /api/users/:id | Admin | Delete staff account |

💼 Built For

Leche Lush — 475/B, Athurugiriya Road, Malabe, Sri Lanka


Built with ❤️ — Professional POS System v1.1.0

About

Full-stack POS system for Leche Lush — React, Node.js, Express & MySQL with JWT auth.
