Create a Hotel Management System where users can register and log in as different roles (e.g., Manager, Front Desk Staff, Guest). The system should allow for managing room inventory, reservations, check-ins/check-outs, and generating overall booking and occupancy reports.
- Initialize a React application with TypeScript and organize folders logically (e.g., pages, components, services).
- Implement a registration and login flow for three roles: Manager, Front Desk Staff, and Guest.
- Use JWT for session management and secure routes.
- Only authorized roles can access certain features (e.g., Managers and Front Desk Staff can manage rooms, Guests can create reservations).
- Managers (and possibly Front Desk Staff) can:
- Create new rooms (fields: Room Number, Type, Status, Rate per Night, etc.).
- Update room information (e.g., room rate, status like “Under Maintenance,” “Available”).
- Remove rooms from the active list (e.g., if offline for maintenance).
- Guests can:
- View available rooms.
- Make reservations (choosing room type, check-in and check-out dates, number of occupants).
- Managers and Front Desk Staff can:
- View upcoming reservations.
- Confirm check-in and check-out.
- Modify reservations if needed (e.g., change room if available).
- Implement search functionality for rooms by room number, status, or type.
- Allow sorting of rooms or reservations by date, room type, or rate.
- Managers should see summary reports:
- Total reservations (daily, weekly, or monthly).
- Occupancy rate across room types.
- Average nightly rate or revenue summaries.
- This overview offers insight into business performance and revenue trends.
- Provide meaningful error messages for invalid inputs (e.g., overlapping reservations, invalid dates).
- Validate renaming or adding new rooms under constraints (e.g., unique room numbers).
- Establish a structured project layout (routes, controllers, services, etc.).
- Implement TypeScript best practices and linting if applicable.
- Use JWT-based authentication for secure endpoints.
- Create middleware to validate tokens and extract user roles from the JWT.
- Enforce different roles’ permissions at both route-handler and business logic levels (e.g., only Managers and Front Desk can access room management endpoints).
/auth/register
→ Register a new user (role specified in request, or separate invitation system)./auth/login
→ Authenticate credentials and return a JWT./rooms (POST)
→ Create a new room (Manager or Front Desk only)./rooms (GET)
→ Fetch rooms, support search/filter by status, type, etc./rooms/:id (PUT)
→ Update room info (Manager or Front Desk only)./rooms/:id (DELETE)
→ Delete/disable a room (Manager only, or also Front Desk depending on policy)./reservations (POST)
→ Make a new reservation (Guest or Staff on behalf of a guest)./reservations/:id (PUT)
→ Update a reservation (Manager, Front Desk, or the Guest who created it)./reservations/checkin (POST)
→ Check a guest in (Manager or Front Desk only)./reservations/checkout (POST)
→ Check a guest out (Manager or Front Desk only)./reports/occupancy (GET)
→ Get occupancy rates and reservation stats (Manager only).
- Users Table
- Stores user details (email, password hash, role).
- Rooms Table
- Fields: roomNumber, roomType, status (Available, Occupied, Maintenance), ratePerNight, etc.
- Reservations Table
- Maps Guests to Rooms, includes checkInDate, checkOutDate, reservationStatus (Booked, Checked-In, Checked-Out), numberOfGuests, totalCost, etc.
- Feel free to create any other tables if needed.
- Enforce constraints: no double-booking of the same room for overlapping dates.
- Enforce role-based constraints in database operations, not just in the frontend.
- Validate rate inputs, date ranges, occupant limits, etc.
- Users can register and log in, receiving JWTs.
- The role-based access flow is correctly enforced (Managers, Front Desk, Guests).
- Rooms can be created, edited, or removed by authorized roles only.
- Guests can book rooms, view their reservations and confirmation of check-in/check-out.
- Searching and sorting capabilities work correctly both at the API level and in the UI.
- Managers can view aggregated reports (occupancy, revenue, etc.) for better business insights.
- Code demonstrates good organization, readability, and TypeScript best practices, including secure password storage and authentication.
- If there are any gaps or assumptions needed within the task, developers are encouraged to make reasonable assumptions and document these assumptions clearly in their code or accompanying documentation.
- The developer should be able to explain their design and implementation decisions if asked.