
Overview

The employee management system allows managers to create and manage user accounts for cashiers, inventory staff, and other managers. Each employee has a unique ID, secure PIN, and assigned role that determines their access permissions.

Role-based access

Three roles: Manager, Cashier, and Inventory with distinct permissions

PIN authentication

Secure 6-digit PIN with SHA-256 hashing

User activity tracking

Complete audit trail of employee actions

Active/inactive status

Deactivate employees without deleting records

User roles

Manager

Full system access including:
  • Access POS for sales processing
  • Apply discounts (no approval needed)
  • Process returns and refunds
  • View all reports and analytics
  • Manage inventory (add/edit/delete products)
  • Manage employees (create/edit/deactivate)
  • Configure system settings
  • View user activity logs
  • Access hardware configuration
Dashboard: Manager dashboard with complete system overview

Cashier

Point-of-sale focused access:
  • Access POS for sales processing
  • Request manager approval for discounts (if configured)
  • Cannot process returns (manager only)
  • Limited report access (own sales history)
  • Cannot manage inventory
  • Cannot manage employees
  • Cannot change system settings
  • Cannot view other user activity
Dashboard: Manager dashboard (limited access to certain sections)

Inventory

Inventory management focused access:
  • Access inventory management screen
  • Add/edit/delete products
  • Adjust stock quantities
  • Cannot access POS
  • Cannot process sales
  • Cannot manage employees
  • Limited report access (inventory reports)
Dashboard: Inventory dashboard with stock overview

Managing employees

Adding employees

1

Navigate to Employee Management

From the Manager dashboard, click “Employees” to access the employee management screen.
2

Fill in employee details

Enter required information:
  • Name - Employee’s full name
  • Employee ID - Unique identifier (e.g., “0001”, “CASH01”)
  • PIN - 6-digit numeric PIN for authentication
  • Role - Select from Manager, Cashier, or Inventory
3

Click 'Add'

The employee is created and appears in the employee list. The PIN is automatically hashed using SHA-256 before storage.
Validation rules:
  • Name cannot be empty
  • Employee ID must be unique
  • PIN must be exactly 6 digits (0-9)
  • Role must be one of: Manager, Cashier, Inventory

API endpoint

Create employee: POST /api/employees
{
  "employeeId": "0001",
  "pin": "123456",
  "name": "John Smith",
  "role": "Cashier",
  "isManager": false
}
Response: Employee object with hashed PIN

Editing employees

1

Select employee

Click on an employee in the list to load their information into the edit form.
2

Modify details

Update any field:
  • Name
  • Employee ID (must remain unique)
  • PIN (displays as “••••” for security)
  • Role
3

Click 'Save'

Changes are saved and logged in user activity. The system tracks:
  • What changed (field-level detail)
  • Who made the change
  • When the change occurred
Change tracking:
  • Name changes: 'John Smith' → 'John A. Smith'
  • Employee ID changes: '0001' → '0002'
  • PIN updates: "PIN updated" (actual PINs never logged)
  • Role changes: 'Cashier' → 'Manager'
  • Manager status: false → true
  • Active status: true → false

API endpoint

Update employee: PUT /api/employees/{id}
{
  "id": 123,
  "employeeId": "0001",
  "pin": "654321",
  "name": "John A. Smith",
  "role": "Manager",
  "isManager": true,
  "isActive": true,
  "createdDate": "2026-01-15T10:30:00Z"
}

Deactivating employees

1

Select employee

Click on the employee to load their information.
2

Click 'Deactivate'

A confirmation dialog appears.
3

Confirm deactivation

The employee’s isActive status is set to false. They:
  • Cannot log in to the system
  • Appear in the employee list with “(Inactive)” label
  • Are grayed out in the list
  • Remain in the database for historical reporting
Reactivating: Click “Activate” button to restore access.

API endpoints

Deactivate: PUT /api/employees/{id}/deactivate
Activate: PUT /api/employees/{id}/activate

PIN management

PIN requirements

  • Length: Exactly 6 digits
  • Characters: Numeric only (0-9)
  • Uniqueness: Not enforced (multiple employees can have same PIN, though not recommended)
  • Security: Hashed with SHA-256 before storage

Setting PINs

During employee creation or editing:
  1. Enter 6-digit PIN in PIN field
  2. PIN is displayed as entered (visible to manager)
  3. On save, PIN is hashed: SHA256(pin)
  4. Only hash is stored in database

Resetting PINs

1

Select employee

Click on the employee who needs PIN reset.
2

Click 'Reset PIN'

A modal keyboard appears with title “Enter New PIN (4-6 digits)”.
3

Enter new PIN

Type new 6-digit PIN using on-screen keyboard.
Note: The UI says “4-6 digits” but the backend enforces exactly 6 digits.
4

Submit

New PIN is hashed and saved. The employee is notified to use the new PIN for their next login.
PIN reset logging:
Reset PIN for employee: John Smith
Employee ID: 0001, PIN length changed from 88 to 6 digits
Note: The “88 characters” represents the SHA-256 hash length, not the actual PIN.

API endpoint

Reset PIN: PUT /api/employees/{id}/reset-pin
{
  "newPin": "654321"
}
Alternative: Update entire employee with new PIN via PUT /api/employees/{id}

PIN security

Hashing algorithm

PINs are hashed using SHA-256:
using System;
using System.Security.Cryptography;
using System.Text;

// Hashes a PIN for storage: UTF-8 bytes -> SHA-256 -> base64 string.
// No salt is applied; see "Security best practices" below.
public string HashPin(string pin)
{
    using (var sha256 = SHA256.Create())
    {
        var bytes = Encoding.UTF8.GetBytes(pin);
        var hash = sha256.ComputeHash(bytes);
        return Convert.ToBase64String(hash);
    }
}

PIN verification

During login:
  1. User enters Employee ID and PIN
  2. System retrieves employee record
  3. User’s entered PIN is hashed
  4. Hashed value compared to stored hash
  5. If match, login succeeds
Login endpoint: Handled by Electron IPC validateUserLogin(employeeId, pin)

Manager PIN validation

For discount approval and return authorization:
  1. System prompts for manager PIN
  2. PIN is hashed and compared against all manager accounts
  3. If match found with role === 'Manager', approval succeeds
  4. Manager’s name is logged with the action
Validation endpoint: Handled by Electron IPC validateManagerPin(pin)

Security best practices

PIN security considerations:
  • PINs are only 6 digits (1,000,000 combinations)
  • SHA-256 without salt is vulnerable to rainbow table attacks
  • PINs should be treated as convenience, not high-security
  • Implement account lockout after failed attempts (not currently implemented)
  • Consider adding salt to PIN hashing for production deployments
  • Avoid sharing PINs between employees
  • Rotate PINs periodically for high-privilege accounts

Employee list

Display format

Employees are shown in a vertical list with:
  • Name - Primary identifier
  • Employee ID - Unique ID badge number
  • Role - Manager/Cashier/Inventory
  • Status - (Inactive) if not active
Visual indicators:
  • Blue background + blue left border: Selected employee
  • Gray text: Inactive employee
  • Hover effect: Light gray background

Search and filtering

Search bar filters employees by:
  • Name (case-insensitive)
  • Employee ID
  • Role
Inactive toggle: “Show inactive employees” checkbox includes deactivated users in list.

API endpoint

List employees: GET /api/employees?includeInactive=true
Response:
[
  {
    "id": 123,
    "employeeId": "0001",
    "pin": "hashed_pin_value",
    "name": "John Smith",
    "role": "Cashier",
    "isManager": false,
    "isActive": true,
    "createdDate": "2026-01-15T10:30:00Z"
  }
]

Access control

Session management

When an employee logs in:
  1. Credentials validated against database
  2. Session created in SessionManager
  3. Session includes:
    • Employee ID
    • Name
    • Role
    • Login timestamp
    • Last activity timestamp
Session storage: sessionStorage.setItem('currentUser', JSON.stringify(session))

Permission checking

Routes use SessionGuard component to enforce access:
<SessionGuard requiredRole="Manager">
  {/* Employee management screen */}
</SessionGuard>
Permission levels:
  • requiredRole="Manager" - Managers only
  • requiredPermission="inventory.view" - Inventory or Manager
  • No restriction - All authenticated users

Auto-logout

Sessions expire after inactivity period (configured in System Settings):
  • Default: 15 minutes
  • Extends by 5 minutes on business actions (completing sale)
  • User redirected to login screen on expiration
  • Session data cleared from storage
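The session lifecycle from "Session management" through "Auto-logout", together with the SessionGuard decision, as an added example written for this page and not the project's SessionManager or SessionGuard code. The clock and the storage are injected so expiry can be exercised without waiting on a real sessionStorage. Assumptions made here: the timeout counts from the last activity timestamp; a business action pushes the expiry out by a further five minutes beyond what the activity itself grants (the page does not say which of the two it means); and the permission name 'inventory.view' maps to the Inventory and Manager roles as the "Permission levels" list states.

```javascript
// Added example (not the project's own code): session creation, activity-based
// expiry, the 5-minute business-action extension, and the SessionGuard check.
// Assumptions: timeout measured from last activity; business action adds a
// further 5 minutes; storage is anything with getItem/setItem/removeItem.
const DEFAULT_TIMEOUT_MS = 15 * 60 * 1000;          // page default
const BUSINESS_ACTION_EXTENSION_MS = 5 * 60 * 1000; // page: "extends by 5 minutes"

// Permission name -> roles allowed. Only the permission named on the page is listed.
const PERMISSIONS = { 'inventory.view': ['Inventory', 'Manager'] };

// Stand-in for window.sessionStorage so the block runs under Node.
function memoryStorage() {
  const m = new Map();
  return {
    getItem: (k) => (m.has(k) ? m.get(k) : null),
    setItem: (k, v) => m.set(k, String(v)),
    removeItem: (k) => m.delete(k),
  };
}

class SessionManager {
  constructor({ timeoutMs = DEFAULT_TIMEOUT_MS, now = () => Date.now(), storage = memoryStorage() } = {}) {
    this.timeoutMs = timeoutMs;
    this.now = now;
    this.storage = storage;
  }
  // Steps 2-3: build the session after credentials have been validated.
  login(employee) {
    const t = this.now();
    const session = {
      employeeId: employee.employeeId,
      name: employee.name,
      role: employee.role,
      loginTimestamp: t,
      lastActivityTimestamp: t,
      expiresAt: t + this.timeoutMs,
    };
    this.save(session);
    return session;
  }
  save(session) {
    this.storage.setItem('currentUser', JSON.stringify(session));
  }
  // Auto-logout: an expired session is cleared and reported as absent.
  current() {
    const raw = this.storage.getItem('currentUser');
    if (raw === null) return null;
    const session = JSON.parse(raw);
    if (this.now() >= session.expiresAt) {
      this.logout();
      return null;
    }
    return session;
  }
  // Any interaction refreshes last activity; expiry never moves earlier.
  touch() {
    const s = this.current();
    if (!s) return null;
    s.lastActivityTimestamp = this.now();
    s.expiresAt = Math.max(s.expiresAt, s.lastActivityTimestamp + this.timeoutMs);
    this.save(s);
    return s;
  }
  // Completing a sale: a further 5 minutes on top of the activity refresh.
  businessAction() {
    const s = this.touch();
    if (!s) return null;
    s.expiresAt += BUSINESS_ACTION_EXTENSION_MS;
    this.save(s);
    return s;
  }
  logout() {
    this.storage.removeItem('currentUser');
  }
}

// SessionGuard's decision as a pure function. No session: denied.
// requiredRole: exact role match. requiredPermission: role must be in the
// permission's list. Neither: any authenticated user.
function isAllowed(session, { requiredRole, requiredPermission } = {}) {
  if (!session) return false;
  if (requiredRole && session.role !== requiredRole) return false;
  if (requiredPermission) {
    const roles = PERMISSIONS[requiredPermission];
    if (!roles || !roles.includes(session.role)) return false;
  }
  return true;
}
```

Because current() clears the stored session the first time it is read after expiry, the redirect to the login screen and "Session data cleared from storage" happen together; a guard that calls isAllowed(manager.current(), ...) therefore denies access on the same read that removes the stale session.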

User activity tracking

All employee actions are logged:

Tracked events

Employee management:
  • CREATE - New employee created
  • UPDATE - Employee details modified
  • DEACTIVATE - Employee deactivated
  • ACTIVATE - Employee reactivated
  • PIN_RESET - PIN changed
Inventory:
  • CREATE - Product added
  • UPDATE - Product modified
  • DELETE - Product deleted
  • PRICE_CHANGE_MAJOR - Price changed >20%
Sales:
  • SALE - Transaction completed
Returns:
  • CREATE - Return processed

Activity log format

{
  "id": 456,
  "employeeId": 123,
  "employeeName": "John Smith",
  "action": "Created employee: Jane Doe",
  "details": "Employee ID: 0002, Role: Cashier, Manager: false",
  "entityType": "Employee",
  "entityId": 789,
  "actionType": "CREATE",
  "timestamp": "2026-02-28T14:25:30Z",
  "ipAddress": "192.168.1.100"
}
View logs: Manager dashboard → User Activity
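A small review pass over activity records in the format shown above, added here as an example (not a feature of the project) of the "review user activity logs for unusual actions" advice. It surfaces the events a weekly review would want first: role changes to Manager, an employee changing their own record or PIN, employee-record changes outside business hours, and PRICE_CHANGE_MAJOR events. The sample records are constructed; the wording of the "details" strings (the page shows the change-tracking format 'Cashier' → 'Manager' but not the exact log string) and the business hours are assumptions.

```javascript
// Added example (not the project's own code): rule-based review of user
// activity records in the page's log format.
// Assumptions: business hours 08:00-20:00 UTC, and role changes appear in
// "details" in the page's change-tracking form 'Old' → 'New'.
const BUSINESS_HOURS = { start: 8, end: 20 }; // assumed store hours, UTC

function isAfterHours(isoTimestamp) {
  const hour = new Date(isoTimestamp).getUTCHours();
  return hour < BUSINESS_HOURS.start || hour >= BUSINESS_HOURS.end;
}

// Each rule names what it flags and tests one record.
// employeeId is the actor (the logged-in employee's numeric id) and entityId
// the record acted upon, as in the page's sample entry.
const RULES = [
  {
    name: 'role-escalation-to-manager',
    test: (e) => e.entityType === 'Employee' && e.actionType === 'UPDATE'
      && /'Manager'/.test(String(e.details || '')) && /→ 'Manager'/.test(String(e.details || '')),
  },
  {
    name: 'self-service-change',
    test: (e) => e.entityType === 'Employee'
      && ['UPDATE', 'PIN_RESET'].includes(e.actionType) && e.employeeId === e.entityId,
  },
  {
    name: 'after-hours-employee-change',
    test: (e) => e.entityType === 'Employee' && isAfterHours(e.timestamp),
  },
  {
    name: 'major-price-change',
    test: (e) => e.actionType === 'PRICE_CHANGE_MAJOR',
  },
];

// Returns one finding per (record, rule) hit, in log order.
function reviewActivityLog(entries) {
  const findings = [];
  for (const e of entries) {
    for (const rule of RULES) {
      if (rule.test(e)) {
        findings.push({ logId: e.id, rule: rule.name, actor: e.employeeName, action: e.action });
      }
    }
  }
  return findings;
}

// Constructed sample records in the page's activity log format.
const SAMPLE_LOG = [
  { id: 456, employeeId: 123, employeeName: 'John Smith', action: 'Created employee: Jane Doe',
    details: 'Employee ID: 0002, Role: Cashier, Manager: false', entityType: 'Employee', entityId: 789,
    actionType: 'CREATE', timestamp: '2026-02-28T14:25:30Z', ipAddress: '192.168.1.100' },
  { id: 457, employeeId: 123, employeeName: 'John Smith', action: 'Updated employee: Jane Doe',
    details: "Role: 'Cashier' → 'Manager', Manager status: false → true", entityType: 'Employee', entityId: 789,
    actionType: 'UPDATE', timestamp: '2026-02-28T23:10:00Z', ipAddress: '192.168.1.100' },
  { id: 458, employeeId: 123, employeeName: 'John Smith', action: 'Reset PIN for employee: John Smith',
    details: 'Employee ID: 0001, PIN updated', entityType: 'Employee', entityId: 123,
    actionType: 'PIN_RESET', timestamp: '2026-03-01T10:00:00Z', ipAddress: '192.168.1.100' },
  { id: 459, employeeId: 124, employeeName: 'Jane Doe', action: 'Completed sale #1001',
    details: 'Total: 42.50', entityType: 'Sale', entityId: 1001,
    actionType: 'SALE', timestamp: '2026-03-01T11:15:00Z', ipAddress: '192.168.1.101' },
  { id: 460, employeeId: 125, employeeName: 'Sam Inventory', action: 'Updated product: Widget',
    details: 'Price: 10.00 → 14.00', entityType: 'Product', entityId: 55,
    actionType: 'PRICE_CHANGE_MAJOR', timestamp: '2026-03-01T12:00:00Z', ipAddress: '192.168.1.102' },
];
```

On the sample, the escalation of Jane Doe to Manager at 23:10 is flagged twice (escalation and after-hours), which is the combination a reviewer would want to pull up against the external change record the best practices below ask for; an ordinary daytime CREATE and a SALE produce no findings.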

API endpoints

Complete employee management API:
Endpoint                          Method  Purpose
/api/employees                    GET     List employees (with includeInactive param)
/api/employees/{id}               GET     Get single employee
/api/employees                    POST    Create new employee
/api/employees/{id}               PUT     Update employee
/api/employees/{id}/deactivate    PUT     Deactivate employee
/api/employees/{id}/activate      PUT     Reactivate employee
/api/employees/{id}/reset-pin     PUT     Reset employee PIN

Best practices

  • Use descriptive Employee IDs (e.g., “CASH01”, “INV02”) for easy identification
  • Never share PINs between employees
  • Deactivate employees immediately on termination
  • Review user activity logs weekly for unusual actions
  • Rotate manager PINs monthly
  • Assign minimum role required (principle of least privilege)
  • Document role changes and reason in external records
  • Memorize your PIN - don’t write it down
  • Never share your PIN with coworkers
  • Log out when leaving the POS terminal unattended
  • Report forgotten PINs to manager immediately
  • Notify manager if you suspect someone else used your account
  • Back up employee database regularly
  • Implement account lockout after 3-5 failed login attempts
  • Add salt to PIN hashing algorithm before production
  • Monitor user activity logs for security anomalies
  • Set appropriate session timeout based on store traffic patterns
  • Consider adding password complexity rules for high-security environments

Troubleshooting

Symptoms: Error “Employee ID already exists” when adding
Solutions:
  • Check employee list for duplicate Employee ID
  • Include inactive employees in search (toggle checkbox)
  • Choose a different Employee ID
  • If truly duplicate, deactivate or delete old record
Symptoms: “Invalid credentials” error at login screen
Solutions:
  • Verify Employee ID is exactly as entered (case-sensitive)
  • Confirm employee is active (not deactivated)
  • Check PIN is exactly 6 digits
  • Use Reset PIN to set a new PIN
  • Verify employee record exists in database
Symptoms: Manager PIN rejected during discount approval
Solutions:
  • Verify PIN belongs to user with Role = “Manager”
  • Check manager account is active
  • Confirm PIN is exactly 6 digits
  • Test manager login directly to verify PIN works
  • Check user activity logs for PIN reset history
Symptoms: New PIN doesn’t work after reset
Solutions:
  • Ensure new PIN is exactly 6 digits (not 4-6 as UI suggests)
  • Wait a few seconds for database to update
  • Refresh employee list to verify Last Updated timestamp
  • Check browser console for JavaScript errors
  • Try full employee update via Edit → Save instead
