sboulahtit/orion
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(customers): migrate routes to module with auto-discovery

Browse Source 
- Move customer route implementations to app/modules/customers/routes/
- Convert legacy app/api/v1/{admin,vendor}/customers.py to re-exports
- Update router registrations to use module routers with access control
- Fix CustomerListResponse pagination (page/per_page/total_pages)
- Update URL routing docs to use storefront consistently
- Fix mkdocs.yml nav references (shop -> storefront)
- Fix broken doc links in logging.md and cdn-fallback-strategy.md

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Samir Boulahtit
2026-01-30 23:24:10 +01:00
parent 7245f79f7b
commit e0b69f5a7d
10 changed files with 533 additions and 444 deletions
Download Patch File Download Diff File Expand all files Collapse all files

212
docs/architecture/url-routing/overview.md
View File

@@ -2,37 +2,37 @@
## Quick Answer
**How do customers access a vendor's shop in Wizamart?**
**How do customers access a vendor's storefront in Wizamart?**
There are three ways depending on the deployment mode:
**⚠️ Important:** This guide describes **customer-facing shop routes**. For vendor dashboard/management routes, see [Vendor Frontend Architecture](../../frontend/vendor/architecture.md). The shop uses `/vendors/{code}/shop/*` (plural) in path-based mode, while the vendor dashboard uses `/vendor/{code}/*` (singular).
**⚠️ Important:** This guide describes **customer-facing storefront routes**. For vendor dashboard/management routes, see [Vendor Frontend Architecture](../../frontend/vendor/architecture.md). The storefront uses `/vendors/{code}/storefront/*` (plural) in path-based mode, while the vendor dashboard uses `/vendor/{code}/*` (singular).
### 1. **SUBDOMAIN MODE** (Production - Recommended)
```
https://VENDOR_SUBDOMAIN.platform.com/shop/products
https://VENDOR_SUBDOMAIN.platform.com/storefront/products
Example:
https://acme.wizamart.com/shop/products
https://techpro.wizamart.com/shop/categories/electronics
https://acme.wizamart.com/storefront/products
https://techpro.wizamart.com/storefront/categories/electronics
```
### 2. **CUSTOM DOMAIN MODE** (Production - Premium)
```
https://VENDOR_CUSTOM_DOMAIN/shop/products
https://VENDOR_CUSTOM_DOMAIN/storefront/products
Example:
https://store.acmecorp.com/shop/products
https://shop.techpro.io/shop/cart
https://store.acmecorp.com/storefront/products
https://shop.techpro.io/storefront/cart
```
### 3. **PATH-BASED MODE** (Development Only)
```
http://localhost:PORT/vendors/VENDOR_CODE/shop/products
http://localhost:PORT/platforms/PLATFORM_CODE/vendors/VENDOR_CODE/storefront/products
Example:
http://localhost:8000/vendors/acme/shop/products
http://localhost:8000/vendors/techpro/shop/checkout
http://localhost:8000/platforms/oms/vendors/acme/storefront/products
http://localhost:8000/platforms/loyalty/vendors/techpro/storefront/checkout
```
---
@@ -51,7 +51,9 @@ Wizamart supports multiple platforms (OMS, Loyalty, Site Builder), each with its
| `/about` | Main marketing site about page |
| `/platforms/oms/` | OMS platform homepage |
| `/platforms/oms/pricing` | OMS platform pricing page |
| `/platforms/oms/vendors/{code}/` | Vendor storefront on OMS |
| `/platforms/oms/vendors/{code}/storefront/` | Vendor storefront on OMS |
| `/platforms/oms/admin/` | Admin panel for OMS platform |
| `/platforms/oms/vendor/{code}/` | Vendor dashboard on OMS |
| `/platforms/loyalty/` | Loyalty platform homepage |
| `/platforms/loyalty/features` | Loyalty platform features page |
@@ -63,9 +65,45 @@ Wizamart supports multiple platforms (OMS, Loyalty, Site Builder), each with its
| `wizamart.lu/about` | Main marketing site about page |
| `oms.lu/` | OMS platform homepage |
| `oms.lu/pricing` | OMS platform pricing page |
| `oms.lu/vendors/{code}/` | Vendor storefront on OMS |
| `oms.lu/admin/` | Admin panel for OMS platform |
| `oms.lu/vendor/{code}/` | Vendor dashboard on OMS |
| `https://mybakery.lu/storefront/` | Vendor storefront (vendor's custom domain) |
| `loyalty.lu/` | Loyalty platform homepage |
**Note:** In production, vendors configure their own custom domains for storefronts. The platform domain (e.g., `oms.lu`) is used for admin and vendor dashboards, while storefronts use vendor-owned domains.
### Quick Reference by Platform
#### For "oms" Platform
```
Dev:
Platform: http://localhost:8000/platforms/oms/
Admin: http://localhost:8000/platforms/oms/admin/
Vendor: http://localhost:8000/platforms/oms/vendor/{vendor_code}/
Storefront: http://localhost:8000/platforms/oms/vendors/{vendor_code}/storefront/
Prod:
Platform: https://oms.lu/
Admin: https://oms.lu/admin/
Vendor: https://oms.lu/vendor/{vendor_code}/
Storefront: https://mybakery.lu/storefront/ (vendor's custom domain)
```
#### For "loyalty" Platform
```
Dev:
Platform: http://localhost:8000/platforms/loyalty/
Admin: http://localhost:8000/platforms/loyalty/admin/
Vendor: http://localhost:8000/platforms/loyalty/vendor/{vendor_code}/
Storefront: http://localhost:8000/platforms/loyalty/vendors/{vendor_code}/storefront/
Prod:
Platform: https://loyalty.lu/
Admin: https://loyalty.lu/admin/
Vendor: https://loyalty.lu/vendor/{vendor_code}/
Storefront: https://myrewards.lu/storefront/ (vendor's custom domain)
```
### Platform Routing Logic
```
@@ -100,10 +138,10 @@ Request arrives
| Platform | Code | Dev URL | Prod Domain |
|----------|------|---------|-------------|
| Main Marketing | `main` | `localhost:9999/` | `wizamart.lu` |
| OMS | `oms` | `localhost:9999/platforms/oms/` | `oms.lu` |
| Loyalty | `loyalty` | `localhost:9999/platforms/loyalty/` | `loyalty.lu` |
| Site Builder | `site-builder` | `localhost:9999/platforms/site-builder/` | `sitebuilder.lu` |
| Main Marketing | `main` | `localhost:8000/` | `wizamart.lu` |
| OMS | `oms` | `localhost:8000/platforms/oms/` | `oms.lu` |
| Loyalty | `loyalty` | `localhost:8000/platforms/loyalty/` | `loyalty.lu` |
| Site Builder | `site-builder` | `localhost:8000/platforms/site-builder/` | `sitebuilder.lu` |
**See:** [Multi-Platform CMS Architecture](../multi-platform-cms.md) for content management details.
@@ -113,23 +151,23 @@ Request arrives
### 1. SUBDOMAIN MODE (Production - Recommended)
**URL Pattern:** `https://VENDOR_SUBDOMAIN.platform.com/shop/...`
**URL Pattern:** `https://VENDOR_SUBDOMAIN.platform.com/storefront/...`
**Example:**
- Vendor subdomain: `acme`
- Platform domain: `wizamart.com`
- Customer Shop URL: `https://acme.wizamart.com/shop/products`
- Product Detail: `https://acme.wizamart.com/shop/products/123`
- Customer Storefront URL: `https://acme.wizamart.com/storefront/products`
- Product Detail: `https://acme.wizamart.com/storefront/products/123`
**How It Works:**
1. Customer visits `https://acme.wizamart.com/shop/products`
1. Customer visits `https://acme.wizamart.com/storefront/products`
2. `vendor_context_middleware` detects subdomain `"acme"`
3. Queries: `SELECT * FROM vendors WHERE subdomain = 'acme'`
4. Finds Vendor with ID=1 (ACME Store)
5. Sets `request.state.vendor = Vendor(ACME Store)`
6. `context_middleware` detects it's a SHOP request
6. `context_middleware` detects it's a STOREFRONT request
7. `theme_context_middleware` loads ACME's theme
8. Routes to `shop_pages.py``shop_products_page()`
8. Routes to `storefront_pages.py``storefront_products_page()`
9. Renders template with ACME's colors, logo, and products
**Advantages:**
@@ -141,12 +179,12 @@ Request arrives
### 2. CUSTOM DOMAIN MODE (Production - Premium)
**URL Pattern:** `https://CUSTOM_DOMAIN/shop/...`
**URL Pattern:** `https://CUSTOM_DOMAIN/storefront/...`
**Example:**
- Vendor name: "ACME Store"
- Custom domain: `store.acme-corp.com`
- Customer Shop URL: `https://store.acme-corp.com/shop/products`
- Customer Storefront URL: `https://store.acme-corp.com/storefront/products`
**Database Setup:**
```sql
@@ -160,7 +198,7 @@ id | vendor_id | domain | is_active | is_verified
```
**How It Works:**
1. Customer visits `https://store.acme-corp.com/shop/products`
1. Customer visits `https://store.acme-corp.com/storefront/products`
2. `vendor_context_middleware` detects custom domain (not *.wizamart.com, not localhost)
3. Normalizes domain to `"store.acme-corp.com"`
4. Queries: `SELECT * FROM vendor_domains WHERE domain = 'store.acme-corp.com'`
@@ -181,24 +219,25 @@ id | vendor_id | domain | is_active | is_verified
### 3. PATH-BASED MODE (Development Only)
**URL Pattern:** `http://localhost:PORT/vendors/VENDOR_CODE/shop/...`
**URL Pattern:** `http://localhost:PORT/platforms/PLATFORM_CODE/vendors/VENDOR_CODE/storefront/...`
**Example:**
- Development: `http://localhost:8000/vendors/acme/shop/products`
- With port: `http://localhost:8000/vendors/acme/shop/products/123`
- Development: `http://localhost:8000/platforms/oms/vendors/acme/storefront/products`
- With port: `http://localhost:8000/platforms/loyalty/vendors/acme/storefront/products/123`
**How It Works:**
1. Developer visits `http://localhost:8000/vendors/acme/shop/products`
2. `vendor_context_middleware` detects path-based routing pattern `/vendors/acme/...`
3. Extracts vendor code `"acme"` from the path
4. Looks up Vendor: `SELECT * FROM vendors WHERE subdomain = 'acme'`
5. Sets `request.state.vendor = Vendor(acme)`
6. Routes to shop pages
1. Developer visits `http://localhost:8000/platforms/oms/vendors/acme/storefront/products`
2. Platform middleware detects `/platforms/oms/` prefix, sets platform context
3. `vendor_context_middleware` detects path-based routing pattern `/vendors/acme/...`
4. Extracts vendor code `"acme"` from the path
5. Looks up Vendor: `SELECT * FROM vendors WHERE subdomain = 'acme'`
6. Sets `request.state.vendor = Vendor(acme)`
7. Routes to storefront pages
**Advantages:**
- Perfect for local development
- No need to configure DNS/domains
- Test multiple vendors easily without domain setup
- Test multiple vendors and platforms easily without domain setup
**Limitations:**
- Only for development (not production-ready)
@@ -210,34 +249,34 @@ id | vendor_id | domain | is_active | is_verified
### Subdomain/Custom Domain (PRODUCTION)
```
https://acme.wizamart.com/shop/ → Homepage
https://acme.wizamart.com/shop/products → Product Catalog
https://acme.wizamart.com/shop/products/123 → Product Detail
https://acme.wizamart.com/shop/categories/electronics → Category Page
https://acme.wizamart.com/shop/cart → Shopping Cart
https://acme.wizamart.com/shop/checkout → Checkout
https://acme.wizamart.com/shop/search?q=laptop → Search Results
https://acme.wizamart.com/shop/account/login → Customer Login
https://acme.wizamart.com/shop/account/dashboard → Account Dashboard (Auth Required)
https://acme.wizamart.com/shop/account/orders → Order History (Auth Required)
https://acme.wizamart.com/shop/account/profile → Profile (Auth Required)
https://acme.wizamart.com/storefront/ → Homepage
https://acme.wizamart.com/storefront/products → Product Catalog
https://acme.wizamart.com/storefront/products/123 → Product Detail
https://acme.wizamart.com/storefront/categories/electronics → Category Page
https://acme.wizamart.com/storefront/cart → Shopping Cart
https://acme.wizamart.com/storefront/checkout → Checkout
https://acme.wizamart.com/storefront/search?q=laptop → Search Results
https://acme.wizamart.com/storefront/account/login → Customer Login
https://acme.wizamart.com/storefront/account/dashboard → Account Dashboard (Auth Required)
https://acme.wizamart.com/storefront/account/orders → Order History (Auth Required)
https://acme.wizamart.com/storefront/account/profile → Profile (Auth Required)
```
### Path-Based (DEVELOPMENT)
```
http://localhost:8000/vendors/acme/shop/ → Homepage
http://localhost:8000/vendors/acme/shop/products → Products
http://localhost:8000/vendors/acme/shop/products/123 → Product Detail
http://localhost:8000/vendors/acme/shop/cart → Cart
http://localhost:8000/vendors/acme/shop/checkout → Checkout
http://localhost:8000/vendors/acme/shop/account/login → Login
http://localhost:8000/platforms/oms/vendors/acme/storefront/ → Homepage
http://localhost:8000/platforms/oms/vendors/acme/storefront/products → Products
http://localhost:8000/platforms/oms/vendors/acme/storefront/products/123 → Product Detail
http://localhost:8000/platforms/oms/vendors/acme/storefront/cart → Cart
http://localhost:8000/platforms/oms/vendors/acme/storefront/checkout → Checkout
http://localhost:8000/platforms/oms/vendors/acme/storefront/account/login → Login
```
### API Endpoints (Same for All Modes)
```
GET /api/v1/public/vendors/1/products → Get vendor products
GET /api/v1/public/vendors/1/products/123 → Get product details
POST /api/v1/public/vendors/1/products/{id}/reviews → Add product review
GET /api/v1/storefront/vendors/1/products → Get vendor products
GET /api/v1/storefront/vendors/1/products/123 → Get product details
POST /api/v1/storefront/vendors/1/products/{id}/reviews → Add product review
```
---
@@ -266,19 +305,19 @@ POST /api/v1/public/vendors/1/products/{id}/reviews → Add product review
### Example: No Cross-Vendor Leakage
```python
# Customer on acme.wizamart.com tries to access TechPro's products
# They make API call to /api/v1/public/vendors/2/products
# They make API call to /api/v1/storefront/vendors/2/products
# Backend checks:
vendor = get_vendor_from_request(request) # Returns Vendor(id=1, name="ACME")
if vendor.id != requested_vendor_id: # if 1 != 2
raise UnauthorizedShopAccessException()
raise UnauthorizedStorefrontAccessException()
```
---
## Request Lifecycle: Complete Flow
### Scenario: Customer visits `https://acme.wizamart.com/shop/products`
### Scenario: Customer visits `https://acme.wizamart.com/storefront/products`
```
┌─────────────────────────────────────────────────────────────────┐
@@ -286,7 +325,7 @@ if vendor.id != requested_vendor_id: # if 1 != 2
└─────────────────────────────────────────────────────────────────┘
method: GET
host: acme.wizamart.com
path: /shop/products
path: /storefront/products
┌─────────────────────────────────────────────────────────────────┐
│ 2. MIDDLEWARE CHAIN │
@@ -299,9 +338,9 @@ if vendor.id != requested_vendor_id: # if 1 != 2
└─ Sets: request.state.vendor = Vendor(ACME Store)
B) context_middleware
├─ Checks path: "/shop/products"
├─ Checks path: "/storefront/products"
├─ Has request.state.vendor? YES
└─ Sets: request.state.context_type = RequestContext.SHOP
└─ Sets: request.state.context_type = RequestContext.STOREFRONT
C) theme_context_middleware
├─ Queries: SELECT * FROM vendor_themes WHERE vendor_id = 1
@@ -310,17 +349,17 @@ if vendor.id != requested_vendor_id: # if 1 != 2
┌─────────────────────────────────────────────────────────────────┐
│ 3. ROUTE MATCHING │
└─────────────────────────────────────────────────────────────────┘
Path: /shop/products
Matches: @router.get("/shop/products")
Handler: shop_products_page(request)
Path: /storefront/products
Matches: @router.get("/storefront/products")
Handler: storefront_products_page(request)
┌─────────────────────────────────────────────────────────────────┐
│ 4. HANDLER EXECUTES │
└─────────────────────────────────────────────────────────────────┘
@router.get("/shop/products", response_class=HTMLResponse)
async def shop_products_page(request: Request):
@router.get("/storefront/products", response_class=HTMLResponse)
async def storefront_products_page(request: Request):
return templates.TemplateResponse(
"shop/products.html",
"storefront/products.html",
{"request": request}
)
@@ -336,7 +375,7 @@ if vendor.id != requested_vendor_id: # if 1 != 2
┌─────────────────────────────────────────────────────────────────┐
│ 6. JAVASCRIPT LOADS PRODUCTS (Client-Side) │
└─────────────────────────────────────────────────────────────────┘
fetch(`/api/v1/public/vendors/1/products`)
fetch(`/api/v1/storefront/vendors/1/products`)
.then(data => renderProducts(data.products, {theme}))
┌─────────────────────────────────────────────────────────────────┐
@@ -349,7 +388,7 @@ if vendor.id != requested_vendor_id: # if 1 != 2
## Theme Integration
Each vendor's shop is fully branded with their custom theme:
Each vendor's storefront is fully branded with their custom theme:
```python
# Theme loaded for https://acme.wizamart.com
@@ -421,25 +460,26 @@ In Jinja2 template:
**Current Solution: Double Router Mounting**
The application handles path-based routing by registering shop routes **twice** with different prefixes:
The application handles path-based routing by registering storefront routes **twice** with different prefixes:
```python
# In main.py
app.include_router(shop_pages.router, prefix="/shop")
app.include_router(shop_pages.router, prefix="/vendors/{vendor_code}/shop")
app.include_router(storefront_pages.router, prefix="/storefront")
app.include_router(storefront_pages.router, prefix="/vendors/{vendor_code}/storefront")
```
**How This Works:**
1. **For Subdomain/Custom Domain Mode:**
- URL: `https://acme.wizamart.com/shop/products`
- Matches: First router with `/shop` prefix
- Route: `@router.get("/products")` → Full path: `/shop/products`
- URL: `https://acme.wizamart.com/storefront/products`
- Matches: First router with `/storefront` prefix
- Route: `@router.get("/products")` → Full path: `/storefront/products`
2. **For Path-Based Development Mode:**
- URL: `http://localhost:8000/vendors/acme/shop/products`
- Matches: Second router with `/vendors/{vendor_code}/shop` prefix
- Route: `@router.get("/products")` → Full path: `/vendors/{vendor_code}/shop/products`
- URL: `http://localhost:8000/platforms/oms/vendors/acme/storefront/products`
- Platform middleware strips `/platforms/oms/` prefix, sets platform context
- Matches: Second router with `/vendors/{vendor_code}/storefront` prefix
- Route: `@router.get("/products")` → Full path: `/vendors/{vendor_code}/storefront/products`
- Bonus: `vendor_code` available as path parameter!
**Benefits:**
@@ -451,13 +491,13 @@ app.include_router(shop_pages.router, prefix="/vendors/{vendor_code}/shop")
---
## Authentication in Multi-Tenant Shop
## Authentication in Multi-Tenant Storefront
Customer authentication uses vendor-scoped cookies:
```python
# Login sets cookie scoped to vendor's shop
Set-Cookie: customer_token=eyJ...; Path=/shop; HttpOnly; SameSite=Lax
# Login sets cookie scoped to vendor's storefront
Set-Cookie: customer_token=eyJ...; Path=/storefront; HttpOnly; SameSite=Lax
# This prevents:
# - Tokens leaking across vendors
@@ -471,9 +511,9 @@ Set-Cookie: customer_token=eyJ...; Path=/shop; HttpOnly; SameSite=Lax
| Mode | URL | Use Case | SSL | DNS |
|------|-----|----------|-----|-----|
| Subdomain | `vendor.platform.com/shop` | Production (standard) | *.platform.com | Add subdomains |
| Custom Domain | `vendor-domain.com/shop` | Production (premium) | Per vendor | Vendor configures |
| Path-Based | `localhost:8000/vendors/v/shop` | Development only | None | None |
| Subdomain | `vendor.platform.com/storefront` | Production (standard) | *.platform.com | Add subdomains |
| Custom Domain | `vendor-domain.com/storefront` | Production (premium) | Per vendor | Vendor configures |
| Path-Based | `localhost:8000/platforms/{p}/vendors/{v}/storefront` | Development only | None | None |
---
@@ -487,5 +527,5 @@ Set-Cookie: customer_token=eyJ...; Path=/shop; HttpOnly; SameSite=Lax
---
Generated: November 7, 2025
Generated: January 30, 2026
Wizamart Version: Current Development

2
docs/frontend/cdn-fallback-strategy.md
View File

@@ -493,7 +493,7 @@ Content-Security-Policy:
## Related Documentation
- [Shop Frontend Architecture](shop/architecture.md)
- [Storefront Architecture](storefront/architecture.md)
- [Vendor Frontend Architecture](vendor/architecture.md)
- [Admin Frontend Architecture](admin/architecture.md)
- [Production Deployment](../deployment/production.md)

2
docs/frontend/shared/logging.md
View File

@@ -395,7 +395,7 @@ window.LogConfig = {
- [Admin Page Templates](../admin/page-templates.md)
- [Vendor Page Templates](../vendor/page-templates.md)
- [Shop Page Templates](../shop/page-templates.md)
- [Storefront Page Templates](../storefront/page-templates.md)
---