Updated vendor documentation

2025-11-22 07:43:26 +01:00
parent 608fa8b95c
commit e5f5a2ebf8
3 changed files with 290 additions and 112 deletions
--- a/docs/frontend/vendor/architecture.md
+++ b/docs/frontend/vendor/architecture.md
@@ -45,20 +45,21 @@ app/
 ├── templates/vendor/
 │   ├── base.html                    ← Base template (layout)
 │   ├── login.html                   ← Public login page
-│   ├── admin/                       ← Authenticated pages
-│   │   ├── dashboard.html
-│   │   ├── products.html
-│   │   ├── orders.html
-│   │   ├── customers.html
-│   │   ├── inventory.html
-│   │   ├── marketplace.html
-│   │   ├── team.html
-│   │   └── settings.html
-│   └── partials/                    ← Reusable components
-│       ├── header.html              ← Top navigation
-│       ├── sidebar.html             ← Main navigation
-│       ├── vendor_info.html         ← Vendor details card
-│       └── notifications.html       ← Toast notifications
+│   ├── dashboard.html               ← Authenticated pages
+│   ├── products.html
+│   ├── orders.html
+│   ├── customers.html
+│   ├── inventory.html
+│   ├── marketplace.html
+│   ├── team.html
+│   ├── settings.html
+│   ├── profile.html
+│   ├── partials/                    ← Reusable components
+│   │   ├── header.html              ← Top navigation
+│   │   ├── sidebar.html             ← Main navigation
+│   │   ├── vendor_info.html         ← Vendor details card
+│   │   └── notifications.html       ← Toast notifications
+│   └── errors/                      ← Error pages
 │
 ├── static/vendor/
 │   ├── css/
@@ -87,8 +88,8 @@ app/
 │   └── css/
 │       └── base.css                 ← Global styles
 │
-└── api/v1/vendor/
-    └── pages.py                     ← Route handlers
+└── routes/
+    └── vendor_pages.py              ← Route handlers


 🏗️  ARCHITECTURE LAYERS
@@ -108,17 +109,17 @@ Layer 5: Database
 Layer 1: ROUTES (FastAPI)
 ──────────────────────────────────────────────────────────────────
 Purpose: Authentication + Template Rendering
-Location: app/api/v1/vendor/pages.py
+Location: app/routes/vendor_pages.py

 Example:
-  @router.get("/vendor/{vendor_code}/dashboard")
+  @router.get("/{vendor_code}/dashboard")
  async def vendor_dashboard_page(
      request: Request,
-      vendor_code: str,
-      current_user: User = Depends(get_current_vendor_user)
+      vendor_code: str = Path(..., description="Vendor code"),
+      current_user: User = Depends(get_current_vendor_from_cookie_or_header)
  ):
      return templates.TemplateResponse(
-          "vendor/admin/dashboard.html",
+          "vendor/dashboard.html",
          {
              "request": request,
              "user": current_user,
@@ -142,7 +143,7 @@ Location: app/templates/vendor/
 Template Hierarchy:
  base.html (layout)
    ↓
-  admin/dashboard.html (page)
+  dashboard.html (page)
    ↓
  partials/sidebar.html (components)

@@ -181,7 +182,7 @@ Example:
              this.loading = true;
              try {
                  this.stats = await apiClient.get(
-                      `/api/v1/vendors/${this.vendorCode}/stats`
+                      `/api/v1/vendor/dashboard/stats`
                  );
              } finally {
                  this.loading = false;
@@ -200,14 +201,14 @@ Responsibilities:
 Layer 4: API (REST)
 ──────────────────────────────────────────────────────────────────
 Purpose: Business Logic + Data Access
-Location: app/api/v1/vendor/*.py (not pages.py)
+Location: app/api/v1/vendor/*.py

 Example Endpoints:
-  GET    /api/v1/vendors/{code}/stats
-  GET    /api/v1/vendors/{code}/products
-  POST   /api/v1/vendors/{code}/products
-  PUT    /api/v1/vendors/{code}/products/{id}
-  DELETE /api/v1/vendors/{code}/products/{id}
+  GET    /api/v1/vendor/dashboard/stats
+  GET    /api/v1/vendor/products
+  POST   /api/v1/vendor/products
+  PUT    /api/v1/vendor/products/{id}
+  DELETE /api/v1/vendor/products/{id}


 🔄 DATA FLOW
@@ -261,19 +262,26 @@ Custom CSS Variables (vendor/css/vendor.css):

 Auth Flow:
  1. Login → POST /api/v1/vendor/auth/login
-  2. API → Return JWT token
-  3. JavaScript → Store in localStorage
-  4. API Client → Add to all requests
-  5. Routes → Verify with get_current_vendor_user
+  2. API → Return JWT token + set vendor_token cookie
+  3. JavaScript → Token stored in localStorage (optional)
+  4. Cookie → Automatically sent with page requests
+  5. API Client → Add Authorization header for API calls
+  6. Routes → Verify with get_current_vendor_from_cookie_or_header
+
+Token Storage:
+  • HttpOnly Cookie: vendor_token (path=/vendor) - For page navigation
+  • LocalStorage: Optional, for JavaScript API calls
+  • Dual authentication: Supports both cookie and header-based auth

 Protected Routes:
-  • All /vendor/{code}/admin/* routes
-  • Require valid JWT token
+  • All /vendor/{code}/* routes (except /login)
+  • Require valid JWT token (cookie or header)
  • Redirect to login if unauthorized

 Public Routes:
  • /vendor/{code}/login
  • No authentication required
+  • Uses get_current_vendor_optional to redirect if already logged in


 📱 RESPONSIVE DESIGN
@@ -546,8 +554,8 @@ Components:
  • Recent orders table
  • Quick actions
 Data Sources:
-  • GET /api/v1/vendors/{code}/stats
-  • GET /api/v1/vendors/{code}/orders?limit=5
+  • GET /api/v1/vendor/dashboard/stats
+  • GET /api/v1/vendor/orders?limit=5

 /vendor/{code}/products
 ──────────────────────────────────────────────────────────────────
@@ -557,9 +565,9 @@ Components:
  • Search and filters
  • Create/Edit modal
 Data Sources:
-  • GET /api/v1/vendors/{code}/products
-  • POST /api/v1/vendors/{code}/products
-  • PUT /api/v1/vendors/{code}/products/{id}
+  • GET /api/v1/vendor/products
+  • POST /api/v1/vendor/products
+  • PUT /api/v1/vendor/products/{id}

 /vendor/{code}/orders
 ──────────────────────────────────────────────────────────────────
@@ -569,8 +577,8 @@ Components:
  • Status filters
  • Order detail modal
 Data Sources:
-  • GET /api/v1/vendors/{code}/orders
-  • PUT /api/v1/vendors/{code}/orders/{id}
+  • GET /api/v1/vendor/orders
+  • PUT /api/v1/vendor/orders/{id}

 /vendor/{code}/customers
 ──────────────────────────────────────────────────────────────────
@@ -580,7 +588,7 @@ Components:
  • Search functionality
  • Customer detail view
 Data Sources:
-  • GET /api/v1/vendors/{code}/customers
+  • GET /api/v1/vendor/customers

 /vendor/{code}/inventory
 ──────────────────────────────────────────────────────────────────
@@ -590,8 +598,8 @@ Components:
  • Stock adjustment modal
  • Low stock alerts
 Data Sources:
-  • GET /api/v1/vendors/{code}/inventory
-  • PUT /api/v1/vendors/{code}/inventory/{id}
+  • GET /api/v1/vendor/inventory
+  • PUT /api/v1/vendor/inventory/{id}

 /vendor/{code}/marketplace
 ──────────────────────────────────────────────────────────────────
@@ -601,8 +609,8 @@ Components:
  • Product browser
  • Import wizard
 Data Sources:
-  • GET /api/v1/vendors/{code}/marketplace/jobs
-  • POST /api/v1/vendors/{code}/marketplace/import
+  • GET /api/v1/vendor/marketplace/jobs
+  • POST /api/v1/vendor/marketplace/import

 /vendor/{code}/team
 ──────────────────────────────────────────────────────────────────
@@ -612,8 +620,19 @@ Components:
  • Role management
  • Invitation form
 Data Sources:
-  • GET /api/v1/vendors/{code}/team
-  • POST /api/v1/vendors/{code}/team/invite
+  • GET /api/v1/vendor/team
+  • POST /api/v1/vendor/team/invite
+
+/vendor/{code}/profile
+──────────────────────────────────────────────────────────────────
+Purpose: Manage vendor profile and branding
+Components:
+  • Profile information form
+  • Branding settings
+  • Business details
+Data Sources:
+  • GET /api/v1/vendor/profile
+  • PUT /api/v1/vendor/profile

 /vendor/{code}/settings
 ──────────────────────────────────────────────────────────────────
@@ -623,8 +642,8 @@ Components:
  • Form sections
  • Save buttons
 Data Sources:
-  • GET /api/v1/vendors/{code}/settings
-  • PUT /api/v1/vendors/{code}/settings
+  • GET /api/v1/vendor/settings
+  • PUT /api/v1/vendor/settings


 🎓 LEARNING PATH