Phase 4 implementa l'interfaccia web amministrativa per il sistema Hospitality Manager, utilizzando HTML + Vanilla JavaScript (no frameworks) con Tailwind CSS per lo styling.
- HTML5 - Semantic markup
- Vanilla JavaScript (ES6+) - No frameworks, modular approach
- Tailwind CSS (CDN) - Rapid styling
- Lucide Icons - Modern icon set
- Session Storage - Token management (NO localStorage)
- Module Pattern - Ogni file JS Γ¨ un modulo indipendente
- MVC-like - Separation of concerns (API, Auth, Utils, Controllers)
- Progressive Enhancement - Base funzionalitΓ + enhancements
- Mobile First - Responsive design
httpdocs/
βββ login.html # Login page
βββ dashboard.html # Main dashboard
βββ guests.html # Guest management
βββ import.html # Excel import
βββ events.html # Events CRUD
βββ rooms.html # Rooms CRUD
βββ users.html # Users/Hostess management
βββ stadiums.html # Stadiums (super admin)
β
βββ js/
β βββ config.js # Global configuration
β βββ auth.js # Authentication manager
β βββ api.js # API client wrapper
β βββ utils.js # Utility functions
β βββ dashboard.js # Dashboard controller
β βββ guests.js # Guests page controller
β βββ import.js # Import page controller
β βββ events.js # Events page controller
β βββ rooms.js # Rooms page controller
β βββ users.js # Users page controller
β βββ stadiums.js # Stadiums page controller
β
βββ assets/
βββ icons/ # PWA icons
- Login/Logout flow
- JWT token management
- Automatic token refresh
- Session persistence (sessionStorage)
- Role-based access control
- Permission checking
- Centralized API communication
- Automatic token injection
- Token refresh on 401
- Error handling
- RESTful endpoints wrapper
- Date/time formatting
- Badge generators (VIP levels, roles, status)
- Toast notifications
- Confirmation dialogs
- File validation
- HTML escaping
- Debouncing
- API endpoints
- Session keys
- Constants (roles, VIP levels, etc.)
- Validation rules
- Feature flags
- User info with avatar
- Role-based menu items
- Active state highlighting
- Logout button
- Page title
- Breadcrumbs
- Notifications bell
- Settings icon
- Icon + title
- Main metric (large number)
- Subtitle description
- Color-coded by type
- Sortable columns
- Search/filter
- Pagination
- Action buttons
- Row selection
- Inline validation
- Error messages
- Success feedback
- File upload with drag & drop
- Create/Edit dialogs
- Confirmation dialogs
- Loading overlays
Primary: #667eea (Purple)
Secondary: #764ba2 (Dark Purple)
Success: #10b981 (Green)
Warning: #f59e0b (Yellow)
Error: #ef4444 (Red)
Info: #3b82f6 (Blue)
Gray: #6b7280 (Neutral)Font Family: 'Inter', sans-serif
Sizes: text-xs, text-sm, text-base, text-lg, text-xl, text-2xl
Weights: 300 (light), 400 (normal), 500 (medium), 600 (semibold), 700 (bold)- Tokens stored in sessionStorage (not localStorage)
- Tokens cleared on logout
- Tokens cleared on browser close
- No persistent sessions
- All API calls use Authorization header
- Token automatically refreshed on expiry
- Failed refresh forces re-login
- CORS configured properly
- All user input escaped with
Utils.escapeHtml() - No
innerHTMLwith user data - Safe DOM manipulation
- Token-based auth (not cookies)
- No CSRF vulnerability
# Create local structure
mkdir -p hospitality-frontend/{js,assets/icons}
# Copy files to local folder
cp login.html dashboard.html hospitality-frontend/
cp js/*.js hospitality-frontend/js/# Upload files via SCP
scp -r hospitality-frontend/* checkindigitale@checkindigitale.cloud:/var/www/vhosts/checkindigitale.cloud/httpdocs/
# Or use SFTP client (FileZilla, Cyberduck, etc.)ssh checkindigitale@checkindigitale.cloud
cd /var/www/vhosts/checkindigitale.cloud/httpdocs
chmod 644 *.html
chmod 644 js/*.js
chmod 755 js/- Open
https://checkindigitale.cloud/login.html - Test login with credentials
- Verify dashboard loads
- Check browser console for errors
- Test logout
- Login page loads
- Valid credentials work
- Invalid credentials show error
- Token saved in sessionStorage
- Redirect to dashboard after login
- User info displays correctly
- Stats cards show data
- Menu items visible based on role
- Quick actions work
- Upcoming events list
- Logout works
- All menu links work
- Active state highlights current page
- Back button works
- Breadcrumbs accurate
- Mobile (< 640px) works
- Tablet (640-1024px) works
- Desktop (> 1024px) works
- Touch interactions work
- β Chrome 90+
- β Firefox 88+
- β Safari 14+
- β Edge 90+
β οΈ IE11 NOT SUPPORTED
| Metric | Target | Status |
|---|---|---|
| Login API | < 500ms | β |
| Dashboard Load | < 1s | β |
| Page Transitions | < 200ms | β |
| API Calls | < 200ms avg | β |
| Bundle Size | < 50KB (JS) | β |
Solution:
- Check API endpoint in config.js
- Verify CORS headers in .htaccess
- Check browser console for errors
- Test API with curl
Solution:
- Check sessionStorage has token
- Verify Auth.getAuthHeader() returns correct format
- Clear sessionStorage and login again
Solution:
- Check API endpoints respond correctly
- Verify token is valid
- Check stadium_id for non-super-admin users
- Review browser console errors
Solution:
- Check Tailwind CDN loads
- Verify internet connection
- Check browser console for CSP errors
- Clear browser cache
# Use local dev server
python3 -m http.server 8000
# Or use PHP built-in server
php -S localhost:8000
# Open browser
open http://localhost:8000/login.html# Build (nothing to build, just copy files)
cp src/* dist/
# Deploy
rsync -avz dist/ user@server:/path/to/httpdocs/
# Test
curl https://checkindigitale.cloud/login.html// Use const for immutable, let for mutable
const API_URL = 'https://api.example.com';
let counter = 0;
// Use arrow functions
const fetchData = async () => {
// ...
};
// Use template literals
const message = `Hello, ${userName}!`;
// Use destructuring
const { id, name } = user;
// Use async/await (not .then())
const data = await API.get('/endpoint');
// Add comments for complex logic
// Calculate total price with tax
const totalPrice = basePrice * (1 + taxRate);<!-- Use semantic HTML5 tags -->
<header></header>
<main></main>
<footer></footer>
<nav></nav>
<article></article>
<!-- Use data attributes for JavaScript hooks -->
<button data-action="delete" data-id="123">Delete</button>
<!-- Use ARIA labels for accessibility -->
<button aria-label="Close modal">Γ</button><!-- Use Tailwind utility classes -->
<div class="flex items-center justify-between p-4 bg-white rounded-lg shadow">
<!-- Group related utilities -->
<div class="w-full md:w-1/2 lg:w-1/3">
<!-- Use hover, focus, active states -->
<button class="hover:bg-blue-600 focus:outline-none focus:ring-2">- Browser DevTools (F12)
- Postman (API testing)
- VS Code (development)
- Login page
- Dashboard
- Auth system
- API client
- Utils
- Guest list page
- Guest search
- Guest edit
- Excel import
- Events CRUD
- Rooms CRUD
- Users management
- Room assignments
- Dashboard charts
- Room statistics
- Event reports
- Export functionality
- Create HTML file:
newpage.html - Create JS controller:
js/newpage.js - Add menu item in all pages
- Add route protection if needed
- Test all user roles
- Deploy
- Update config.js if needed
- Add API endpoint in api.js
- Implement UI in HTML
- Add controller logic in JS
- Test thoroughly
- Deploy
Version: 1.3.0
Status: Sprint 1 Complete, Sprint 2 In Progress
Last Updated: 2025-09-29
Maintainer: Antonio Tartaglia - bitAND solution