Ho Ngoc Hai 97b54ebd39 fix(security): fix 5 P1 backend issues — BACK-C-01/03/04, BACK-W-02
BACK-W-02: Replace string-interpolated SET LOCAL SQL with parameterized
set_config() calls in TenantMiddleware across 5 services (order, wallet,
inventory, catalog, fnb-engine). Eliminates SQL injection pattern;
set_config(key, $1, true) is local-to-transaction, same semantics as SET LOCAL.

BACK-C-01: Remove AllowAnyOrigin() from all 26 services. Switch to
WithOrigins() reading AllowedOrigins config array, with dev-only fallback
to localhost. In production, set AllowedOrigins=["https://goodgo.vn",
"https://admin.goodgo.vn"] via environment config.

BACK-C-03: Standardize OrdersController GET /orders/{id} 404 response
from {Message:...} to {success:false, error:{code,message}} per API contract.

BACK-C-04: Add complete ProblemDetails exception mappings to _template_dot_net:
ValidationException -> 400, DomainException -> 422, with TODO comments
for service-specific types (EntityNotFoundException -> 404, etc.).

BACK-C-02: wallet-service and booking-service already have full
IRequestManager idempotency implementation — no changes needed.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-23 09:48:22 +07:00
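The BACK-W-02 change described in the commit message above, sketched with Npgsql as an added example (not code from the GoodGo repository). The class name, method names and the setting key `app.tenant_id` are assumptions; the page does not show the real middleware.

```csharp
using System.Threading.Tasks;
using Npgsql;

public static class TenantSession
{
    // Before: SET LOCAL is a utility statement and cannot take bind
    // parameters, so the tenant value is concatenated into the SQL text.
    // A quote character in tenantId changes the statement that is parsed.
    public static async Task SetTenantInterpolatedAsync(
        NpgsqlConnection conn, NpgsqlTransaction tx, string tenantId)
    {
        await using var cmd = new NpgsqlCommand(
            $"SET LOCAL app.tenant_id = '{tenantId}'", conn, tx);
        await cmd.ExecuteNonQueryAsync();
    }

    // After: set_config() is an ordinary function call, so the value
    // travels as bind parameter $1 and is never parsed as SQL.
    // The third argument (is_local = true) limits the setting to the
    // current transaction, which is what SET LOCAL does.
    // 'app.tenant_id' is a hypothetical key used for illustration.
    public static async Task SetTenantAsync(
        NpgsqlConnection conn, NpgsqlTransaction tx, string tenantId)
    {
        await using var cmd = new NpgsqlCommand(
            "SELECT set_config('app.tenant_id', $1, true)", conn, tx);
        cmd.Parameters.Add(new NpgsqlParameter { Value = tenantId });
        await cmd.ExecuteNonQueryAsync();
    }
}
```

Because `is_local` is true, the call has to run inside the same transaction as the tenant-scoped queries; outside an explicit transaction the setting is gone as soon as the statement finishes.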
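The BACK-C-01 change from the same commit message, as an added `Program.cs` sketch (not the repository's code). The `AllowedOrigins` key and the production origins come from the commit message; the localhost port and the choice to throw when the list is missing outside Development are assumptions.

```csharp
using System;
using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;

var builder = WebApplication.CreateBuilder(args);

// Before (removed by the commit): any site could call the API from a browser.
//   policy.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod();

// After: explicit allow-list bound from the AllowedOrigins config array.
var origins = builder.Configuration
    .GetSection("AllowedOrigins")
    .Get<string[]>() ?? Array.Empty<string>();

if (origins.Length == 0)
{
    // Assumption: fail closed outside Development rather than starting
    // with an empty or permissive policy.
    if (!builder.Environment.IsDevelopment())
        throw new InvalidOperationException(
            "AllowedOrigins must be configured outside Development.");

    // Dev-only fallback; the port is a placeholder.
    origins = new[] { "http://localhost:5000" };
}

builder.Services.AddCors(options =>
    options.AddDefaultPolicy(policy =>
        policy.WithOrigins(origins)
              .AllowAnyHeader()
              .AllowAnyMethod()));

var app = builder.Build();
app.UseCors();   // applies the default policy registered above
app.Run();
```

With the default ASP.NET Core environment-variable provider, the array is supplied as `AllowedOrigins__0=https://goodgo.vn` and `AllowedOrigins__1=https://admin.goodgo.vn`.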

GoodGo Platform

Monorepo platform with microservices architecture for the merchant/customer ecosystem — POS, F&B, retail, spa, karaoke, and more.

Domain: goodgo.vn | Staging: api.staging.goodgo.vn

Tech Stack

| Layer | Technologies |
|---|---|
| Backend | .NET 10.0 (C# 14), MediatR/CQRS, EF Core 10, FluentValidation, Serilog, Dapper, Polly |
| Web | Blazor WASM + MudBlazor 8.15 (Material Design) |
| Mobile | .NET MAUI (cross-platform), SwiftUI (iOS) |
| Database | PostgreSQL 16 (local) / Neon PostgreSQL (cloud), Redis 7 |
| Messaging | RabbitMQ 3 (AMQP) |
| Storage | MinIO (S3-compatible) |
| Gateway | Traefik v3 |
| Infra | Docker Compose (local), Kubernetes RKE2 (staging/prod) |
| CI/CD | GitHub Actions, Docker Hub |
| Observability | Prometheus + Grafana + Loki + Promtail |
| Auth | Duende IdentityServer, JWT Bearer, OAuth2 |
| Monorepo | pnpm 8 workspaces, Turborepo |

Project Structure

services/                    # 26 .NET microservices (Clean Architecture + CQRS)
apps/                        # Frontend applications
packages/                    # Shared Node.js packages (@goodgo/*)
deployments/                 # Environment configs (local, staging, production)
infra/                       # Infrastructure (Traefik, databases, observability)
scripts/                     # Automation scripts (dev, db, deploy, build)

Services

Core Platform

  • iam-service-net — Identity & Access Management (JWT, RBAC, MFA, Sessions)
  • merchant-service-net — Merchant & Shop management
  • catalog-service-net — Product catalog
  • order-service-net — Order processing
  • inventory-service-net — Inventory management
  • wallet-service-net — Wallet & payments
  • fnb-engine-net — F&B engine
  • booking-service-net — Booking & reservations

Engagement

  • promotion-service-net — Promotions & discounts
  • membership-service-net — Membership & loyalty
  • chat-service-net — Chat & messaging (SignalR + Redis)
  • social-service-net — Social features
  • mission-service-net — Gamification missions

Advertising

  • ads-manager-service-net — Campaign management
  • ads-serving-service-net — Ad delivery
  • ads-billing-service-net — Ad billing
  • ads-tracking-service-net — Event tracking
  • ads-analytics-service-net — Analytics

Marketing Integrations

  • mkt-facebook-service-net — Facebook
  • mkt-whatsapp-service-net — WhatsApp
  • mkt-x-service-net — X (Twitter)
  • mkt-zalo-service-net — Zalo

Utilities

  • storage-service-net — File storage (MinIO)
  • mining-service-net — Data mining

Frontend Apps

| App | Stack | Description |
|---|---|---|
| web-client-tpos-net | Blazor WASM + MudBlazor | POS system (multi-vertical: karaoke, restaurant, cafe, spa, retail) |
| web-client-base-net | Blazor WASM + MudBlazor | Enterprise portal |
| app-client-base-net | .NET MAUI | Cross-platform mobile app |
| app-client-base-swift | SwiftUI | iOS app |
| web-docs | VitePress | Documentation site |

Quick Start

Prerequisites

  • Docker & Docker Compose
  • .NET 10.0 SDK
  • Node.js 25+
  • pnpm 8+

Run Locally

# Start infrastructure (PostgreSQL, Redis, RabbitMQ, MinIO, Traefik) + all services
cd deployments/local
docker compose up -d

# Run database migrations (per service)
./scripts/db/migrate.sh

# Start a specific service for development
./scripts/dev/start-service.sh iam-service-net

Architecture

Each .NET service follows Clean Architecture + CQRS:

ServiceName/
  src/
    ServiceName.API/              # Controllers + MediatR Commands/Queries
    ServiceName.Domain/           # Entities, aggregates, domain events (no dependencies)
    ServiceName.Infrastructure/   # EF Core, repositories, migrations
  tests/
    ServiceName.UnitTests/        # xUnit + FluentAssertions
    ServiceName.FunctionalTests/  # WebApplicationFactory integration tests

Documentation

  • ROADMAP.md — Development roadmap and phase tracking
  • CLAUDE.md — Full architecture reference and agent configuration

Maintainer

Built by VelikHo (@hongochai10)
