Enhance documentation, implement Twilio OTP delivery, and update payment gateway methods. Updated AGENTS.md and README.md for clarity on ExecPlans and architecture. Added Twilio as a dependency and implemented capture/refund methods in MoyasarGateway. Improved frontend routing with react-router-dom and added authentication context. Updated styles and localization files for better user experience.

2026-02-28 15:33:50 +03:00
parent 86fd07c778
commit a1da918f95
37 changed files with 1645 additions and 277 deletions
@@ -5,7 +5,7 @@ This file tracks known gaps and risks to address in future iterations.
 ## Security And Auth
 - Phone normalization is KSA-focused and minimal; broaden for multi-country use.
 - OTP protections are basic; add device fingerprinting and IP throttling if needed.
- OTP provider adapters (Twilio/Unifonic) are scaffolds only; no real SMS/WhatsApp delivery yet.
+- Twilio OTP provider is implemented (SMS + WhatsApp); Unifonic remains a scaffold.
 - Social login is a placeholder.
 - USERNAME_FIELD is still `email` while email can be null; verify admin/login flows.

@@ -16,12 +16,12 @@ This file tracks known gaps and risks to address in future iterations.

 ## Payments
 - Moyasar payment creation, webhook reconciliation, and idempotency are implemented.
- Refund/capture operations are not implemented yet if required.
+- Moyasar capture and refund are implemented in the gateway; API endpoints for admin-initiated capture/refund can be added when needed.

 ## Data And UX
 - Ratings are not recalculated from reviews.
 - No image upload or storage strategy for photos.
- Booking lifecycle notifications are implemented (SMS/WhatsApp via provider scaffolds); production delivery still needs real provider adapters.
+- Booking lifecycle notifications are implemented; Twilio delivers SMS/WhatsApp when OTP_PROVIDER=twilio.
 - Localization foundations are in progress; full Arabic translation coverage and RTL QA are still pending.

 ## Ops And Compliance