Gassigeher - Dog Walking Booking System

Status: PRODUCTION READY | Simple-Mode & SaaS

A complete, production-ready web-based dog walking booking system for animal shelters. Built with Go and Vanilla JavaScript, available in two deployment modes:

Simple-Mode: Single-tenant deployment for individual shelters
SaaS-Mode: Multi-tenant platform serving 500+ shelters via subdomains

Implementation: 85+ API endpoints | 30+ pages | 18 email types | GDPR-compliant | Multi-database support

Quick Start

# 1. Clone and setup
git clone <repository-url>
cd gassigeher
cp .env.example .env

# 2. Configure .env (set SUPER_ADMIN_EMAIL and optionally email provider)
nano .env

# 3. Build and run
./bat.sh        # Linux/Mac
# or
bat.bat         # Windows

# 4. Visit http://localhost:8080

For production deployment, see DEPLOYMENT.md.

Deployment Modes

Simple-Mode (Single-Tenant)

Best for individual shelters running their own instance.

# No BASE_DOMAIN = Simple-Mode
BASE_URL=https://gassigeher.yourshelter.com
# BASE_DOMAIN is NOT set

Characteristics:

Single organization deployment
Direct URL access (no subdomains)
SQLite or PostgreSQL database
Local filesystem storage for uploads
Global rate limiting

SaaS-Mode (Multi-Tenant)

Best for hosting multiple shelters on a single platform.

# Set BASE_DOMAIN to enable SaaS mode
BASE_URL=https://gassigeher.org
BASE_DOMAIN=gassigeher.org

Characteristics:

Multi-tenant via subdomains (e.g., tierheim-goeppingen.gassigeher.org)
Tenant data isolation with PostgreSQL Row-Level Security (RLS)
Per-tenant theming with 10 color presets
S3 object storage (Hetzner)
Stripe billing integration
Central admin dashboard
Per-tenant rate limiting
Landing page with self-service registration

Feature	Simple-Mode	SaaS-Mode
Tenants	1	Unlimited
URL	Single domain	Subdomains
Database	SQLite or PostgreSQL	PostgreSQL with RLS
Storage	Local filesystem	S3 (with fallback)
Theming	Fixed	Per-tenant customizable
Billing	None	Stripe integration
Admin	Local super admin	Central + tenant admins

Features

User Features

User registration with email verification and welcome email
Registration password requirement - Shelter-provided code to prevent unauthorized registrations
JWT-based authentication with secure password requirements
Self-service password reset and change
Profile management with photo upload (first name, last name, phone, email)
Email re-verification on email change
Color-based access system (customizable per tenant)
Dog browsing with filters and search
Featured dogs on homepage with random selection
External dog links to shelter website for more information
Booking system with date/time selection
Configurable booking time slots for weekdays and weekends
German holiday integration - Automatic recognition of public holidays
View and manage bookings (upcoming and past)
Add notes to completed walks
Cancel bookings with notice period
Booking reminders - Email notifications 1-2 hours before walks
Request additional color assignments
GDPR-compliant account deletion
WhatsApp group integration - Easy onboarding to shelter's WhatsApp community
German UI with mobile-first responsive design

Admin Features

Comprehensive admin dashboard with real-time statistics
Dog management (CRUD, photos, featured status, external links)
Dog-specific date blocking - Block dates for individual dogs
Booking management (view all, cancel, move)
Booking approval workflow - Approve/deny bookings for certain time slots
Booking time rules - Configure allowed/blocked time slots per day type
Custom holiday management - Add custom holidays
Block dates with reasons (global or per-dog)
User management (activate/deactivate accounts, edit names)
Color request approval workflow
Reactivation request management
Configurable site logo - Change site branding via settings
Registration password management - Control who can register
WhatsApp group settings - Enable/configure community link
System settings configuration
Recent activity feed
Unified admin navigation

System Features

Multi-provider email support - Gmail API or SMTP (Strato, Office365, etc.)
BCC admin copy - Audit trail for all emails
Automatic walk completion via cron jobs (every 15 minutes)
Automatic booking reminders via cron jobs
Automatic user deactivation after configurable inactivity period
Email notifications for all major actions (18 types)
German public holiday API (feiertage-api.de) with caching
Color-based access control
Double-booking prevention
Booking validation rules
Security headers and XSS protection
Standalone binary deployment - Frontend embedded in executable
Version info display in footer with build-time injection
Health check endpoint for monitoring
CLI parameter for .env path - Custom config file location
Configurable BASE_URL - No hardcoded localhost URLs
Comprehensive test suite (305+ tests)

SaaS-Mode Features (Multi-Tenant)

Subdomain-based routing - Each shelter gets {slug}.gassigeher.org
PostgreSQL Row-Level Security - Database-enforced data isolation
Per-tenant theming - 10 color presets + custom colors
Per-tenant branding - Custom logo, favicon, colors
S3 object storage - Hetzner Object Storage with local fallback
Stripe billing - Subscription management with free/pro tiers
Central admin dashboard - Platform-wide management
User impersonation - Support users by logging in as them
Self-service registration - Shelters can register their own tenant
Landing page - Marketing site with feature showcase
Per-tenant rate limiting - Configurable limits by subscription tier
Feature flags - Enable/disable features per tenant
Demo tenant - Auto-reset demo for prospective shelters
Promo codes - Percentage, fixed amount, or free months discounts
Referral system - Rewards for both referrer and referee
Marketing campaigns - FOMO countdowns, referral tracking

Billing & Subscription Tiers (SaaS)

Feature	Free Plan	Pro Plan
Price	€0/month	€29/month or €290/year
Dogs	10 maximum	Unlimited
Users	Unlimited	Unlimited
Storage	100MB	10GB
Support	Community	Priority
Branding	Basic	Full customization

Central Admin Features (SaaS)

Platform statistics - Total tenants, users, dogs, bookings
Tenant management - View, activate, deactivate tenants
User impersonation - Log in as any user for support
Billing management - Subscriptions, invoices, promo codes
Marketing campaigns - FOMO, referrals, campaigns
Feature flag management - Global and per-tenant toggles

Monitoring & Observability

Prometheus metrics - /metrics endpoint for monitoring
Sentry integration - Error tracking and alerting
Health check endpoint - /health for load balancers
Structured logging - JSON logs with request IDs
Audit logging - 30+ tracked actions for compliance

Tech Stack

Backend:

Go 1.24+
Multi-database support (SQLite and PostgreSQL)
gorilla/mux router
JWT authentication
bcrypt password hashing
Multi-provider email (Gmail API, SMTP)
Embedded frontend (go:embed)

Frontend:

Vanilla JavaScript (ES6+)
HTML5 & CSS3
SCSS/SASS for modular styling
Custom i18n system
No external dependencies

Project Structure

gassigeher/
├── cmd/
│   ├── server/
│   │   └── main.go           # Application entry point
│   └── migrate-to-saas/      # Migration tool for single→multi-tenant
├── internal/
│   ├── config/               # Configuration management
│   ├── cron/                 # Scheduled jobs (auto-complete, reminders, deactivation)
│   ├── database/             # Database setup and migrations (25+ migrations)
│   ├── handlers/             # HTTP request handlers (16 handlers)
│   │   ├── tenant_handler.go # SaaS: Tenant registration
│   │   ├── theme_handler.go  # SaaS: Dynamic theming
│   │   ├── billing_handler.go # SaaS: Stripe billing
│   │   └── central_admin_handler.go # SaaS: Platform admin
│   ├── logging/              # Production logging with rotation
│   ├── middleware/           # Auth, logging, CORS, tenant middleware
│   │   ├── tenant.go         # SaaS: Subdomain→tenant resolution
│   │   └── ratelimit_tenant.go # SaaS: Per-tenant rate limiting
│   ├── models/               # Data models (including Tenant, Theme)
│   ├── repository/           # Database operations (14 repositories)
│   ├── services/             # Business logic
│   │   ├── s3_service.go     # SaaS: S3 object storage
│   │   └── provisioning_service.go # SaaS: Tenant setup
│   ├── static/
│   │   ├── frontend/         # Tenant app (HTML, JS, CSS, i18n)
│   │   ├── landing/          # SaaS: Landing page
│   │   └── central/          # SaaS: Central admin dashboard
│   └── version/              # Build version information
├── docs/                     # Documentation files
├── deploy/                   # Production deployment configs
├── uploads/                  # User and dog photos (Simple-Mode)
├── .env                      # Environment variables
├── .env.example              # Environment template
├── Dockerfile                # Docker build
├── docker-compose.yml        # Docker stack (--profile production for Caddy)
├── Caddyfile                 # SaaS: Wildcard SSL reverse proxy
├── go.mod                    # Go dependencies
└── README.md                 # This file

Setup

1. Prerequisites

Go 1.24 or higher
SQLite3 (default) or PostgreSQL

2. Clone and Install

cd gassigeher
go mod download

3. Configure Environment

Copy .env.example to .env and configure:

cp .env.example .env

Edit .env and set your configuration, especially:

JWT_SECRET: Generate a secure random string
SUPER_ADMIN_EMAIL: Your Super Admin email address (for first-time setup)
BASE_URL: Your production URL (e.g., "https://gassigeher.yourdomain.com")
Email provider credentials (see Email Configuration below)

Important: On first run, the system will automatically:

Create a Super Admin account with the email from SUPER_ADMIN_EMAIL
Generate a secure random password
Display credentials in console and save to SUPER_ADMIN_CREDENTIALS.txt
Generate a unique registration password (shown in admin settings)
Create sample data (3 users, 5 dogs, 3 bookings)

4. Email Configuration

The application supports two email providers:

Option A: Gmail API (Recommended)

EMAIL_PROVIDER=gmail
GMAIL_CLIENT_ID=your-client-id
GMAIL_CLIENT_SECRET=your-client-secret
GMAIL_REFRESH_TOKEN=your-refresh-token
GMAIL_FROM_EMAIL=noreply@yourdomain.com

Option B: SMTP (Any Provider)

EMAIL_PROVIDER=smtp
SMTP_HOST=smtp.strato.de       # or smtp.office365.com, etc.
SMTP_PORT=465                   # 465 for SSL, 587 for TLS
SMTP_USERNAME=your-email@domain.com
SMTP_PASSWORD=your-password
SMTP_FROM_EMAIL=your-email@domain.com
SMTP_USE_SSL=true              # or SMTP_USE_TLS=true for port 587

Optional: BCC Admin Copy

EMAIL_BCC_ADMIN=admin@yourdomain.com  # Receive copies of all emails

Note: For development, you can skip email setup. The app will run but emails won't be sent.

5. Build and Test

Windows:

bat.bat

Linux/Mac:

chmod +x bat.sh
./bat.sh

This will:

Check Go installation
Download dependencies
Build the application
Run all tests

6. Run the Application

Development mode:

go run cmd/server/main.go

Using compiled binary:

Windows:

gassigeher.exe

Linux/Mac:

./gassigeher

Custom .env file:

./gassigeher -env /path/to/custom.env

The server will start on http://localhost:8080

7. Custom Port

# Windows
set PORT=3000 && gassigeher.exe

# Linux/Mac
PORT=3000 ./gassigeher

API Endpoints

Authentication (Public)

POST /api/auth/register - Register new user (requires registration password)
POST /api/auth/verify-email - Verify email with token
POST /api/auth/login - Login and get JWT token
POST /api/auth/forgot-password - Request password reset
POST /api/auth/reset-password - Reset password with token

Authentication (Protected)

PUT /api/auth/change-password - Change password

Users (Protected)

GET /api/users/me - Get current user profile
PUT /api/users/me - Update profile (email, phone)
POST /api/users/me/photo - Upload profile photo
DELETE /api/users/me - Delete account (GDPR anonymization)

Dogs (Protected - Read)

GET /api/dogs - List all dogs with filters (breed, size, age, category, availability, search)
GET /api/dogs/:id - Get dog details
GET /api/dogs/breeds - Get all dog breeds
GET /api/dogs/featured - Get featured dogs for homepage

Dogs (Admin Only)

POST /api/dogs - Create new dog
PUT /api/dogs/:id - Update dog
DELETE /api/dogs/:id - Delete dog (cancels future bookings)
POST /api/dogs/:id/photo - Upload dog photo
PUT /api/dogs/:id/availability - Toggle dog availability (health status)

Bookings (Protected)

GET /api/bookings - List bookings (user sees own, admin sees all)
GET /api/bookings/:id - Get booking details
POST /api/bookings - Create booking
PUT /api/bookings/:id/cancel - Cancel booking
PUT /api/bookings/:id/notes - Add notes to completed booking
GET /api/bookings/calendar/:year/:month - Get calendar data

Bookings (Admin Only)

PUT /api/bookings/:id/move - Move booking to new date/time
GET /api/bookings/pending-approval - List bookings awaiting approval
PUT /api/bookings/:id/approve - Approve booking
PUT /api/bookings/:id/reject - Reject booking

Booking Time Rules (Admin Only)

GET /api/booking-times/rules - Get all time rules
PUT /api/booking-times/rules - Update time rules
GET /api/booking-times/available-slots - Get available time slots for a date

Holidays (Admin Only)

GET /api/holidays - List all holidays
POST /api/holidays - Add custom holiday
DELETE /api/holidays/:id - Delete holiday
POST /api/holidays/fetch - Fetch holidays from API

Blocked Dates (Protected - Read)

GET /api/blocked-dates - List all blocked dates

Blocked Dates (Admin Only)

POST /api/blocked-dates - Block a date (globally or per-dog)
DELETE /api/blocked-dates/:id - Unblock a date

Color Requests (Protected)

POST /api/color-requests - Request color assignment
GET /api/color-requests - List requests (user sees own, admin sees all pending)

Color Requests (Admin Only)

PUT /api/color-requests/:id/approve - Approve request
PUT /api/color-requests/:id/deny - Deny request

Reactivation Requests (Public)

POST /api/reactivation-requests - Request account reactivation

Reactivation Requests (Admin Only)

GET /api/reactivation-requests - List all pending requests
PUT /api/reactivation-requests/:id/approve - Approve and reactivate user
PUT /api/reactivation-requests/:id/deny - Deny request

User Management (Admin Only)

GET /api/users - List all users with filters (active/inactive)
GET /api/users/:id - Get user by ID
PUT /api/users/:id - Update user (name, email, phone)
PUT /api/users/:id/activate - Activate user account
PUT /api/users/:id/deactivate - Deactivate user account
PUT /api/users/:id/promote - Promote user to admin
PUT /api/users/:id/demote - Demote admin to user

System Settings (Admin Only)

GET /api/settings - Get all settings
PUT /api/settings/:key - Update setting value
GET /api/settings/registration-password - Get registration password

Admin Dashboard (Admin Only)

GET /api/admin/stats - Get dashboard statistics
GET /api/admin/activity - Get recent activity feed

System (Public)

GET /api/health - Health check endpoint
GET /api/version - Get version information

SaaS-Mode: Tenant Management (Public)

POST /api/v1/tenants/register - Self-service tenant registration
GET /api/v1/tenants/check-slug - Check subdomain availability

SaaS-Mode: Tenant Management (Protected)

GET /api/v1/tenants/me - Get current tenant info
PUT /api/v1/tenants/me - Update tenant settings (Admin)

SaaS-Mode: Theming

GET /api/v1/theme/css - Dynamic CSS variables for tenant
GET /api/v1/theme/presets - List 10 color presets
PUT /api/admin/theme - Update tenant theme (Admin)

SaaS-Mode: Billing (Stripe)

GET /api/v1/billing/subscription - Current subscription status
GET /api/v1/billing/plans - Available subscription plans
POST /api/v1/billing/checkout - Create Stripe checkout session
POST /api/v1/billing/portal - Redirect to Stripe billing portal
POST /api/v1/billing/cancel - Cancel subscription

SaaS-Mode: Central Admin (Platform Admin Only)

GET /api/v1/central-admin/stats - Platform-wide statistics
GET /api/v1/central-admin/tenants - List all tenants
GET /api/v1/central-admin/tenants/{id} - Tenant details
POST /api/v1/central-admin/tenants/{id}/activate - Activate tenant
POST /api/v1/central-admin/tenants/{id}/deactivate - Deactivate tenant
GET /api/v1/central-admin/feature-flags - Platform feature flags

SaaS-Mode: Demo

GET /api/v1/demo/credentials - Demo tenant login credentials
GET /api/v1/demo/status - Demo tenant status

Database

The application supports two database backends with automatic migrations and feature parity:

Supported Databases

Database	Best For	Max Users	Setup Time	Cost
SQLite (default)	Development, small deployments (Simple-Mode)	<1,000	5 min	$0
PostgreSQL	Enterprise, SaaS-Mode (required for RLS)	100,000+	45 min	$$

Note: SaaS-Mode requires PostgreSQL for Row-Level Security (RLS) tenant isolation. Simple-Mode can use either database.

Quick Start - SQLite (Default)

No configuration needed! The database file is created automatically on first run:

# Just run the application
./gassigeher

Database file: ./gassigeher.db (configurable via DATABASE_PATH)

PostgreSQL Configuration

# In .env file
DB_TYPE=postgres
DB_HOST=localhost
DB_PORT=5432
DB_NAME=gassigeher
DB_USER=gassigeher_user
DB_PASSWORD=your_secure_password
DB_SSLMODE=require
DB_MAX_OPEN_CONNS=25
DB_MAX_IDLE_CONNS=5

See PostgreSQL_Setup_Guide.md for complete setup instructions.

Database Selection Guide

Choose SQLite if:

Development or testing
Small animal shelter (<1,000 users)
Simple deployment (single server)
Zero setup time required

Choose PostgreSQL if:

Enterprise deployment (10,000+ users)
Advanced features needed (JSON, full-text search)
Complex analytics queries
Strong ACID compliance required
SaaS-Mode deployment (required for RLS)

See Database_Selection_Guide.md for detailed comparison.

Tables Created (All Databases)

Core Tables (Simple-Mode & SaaS):

users - User accounts and profiles (with first_name, last_name, tenant_id)
dogs - Dog information (with is_featured, external_link)
bookings - Walk bookings (with approval workflow)
blocked_dates - Admin-blocked dates (global or per-dog)
color_requests - User color assignment requests
reactivation_requests - Account reactivation requests
system_settings - Configurable system settings
booking_time_rules - Configurable time slots
custom_holidays - Custom and API-fetched holidays
feiertage_cache - Holiday API cache
schema_migrations - Migration version tracking

SaaS-Mode Tables:

tenants - Tenant organizations (slug, name, status, contact info)
tenant_settings - Per-tenant branding (theme, colors, logo)
feature_flags - Platform and tenant feature toggles
subscriptions - Stripe subscription tracking

All 25+ migrations run automatically on application startup.

Implementation Status

Simple-Mode: ALL PHASES COMPLETE (10 of 10)

Phase 1: Foundation (Auth, Database, Email)
Phase 2: Dog Management (CRUD, Photos, Categories)
Phase 3: Booking System (Create, View, Cancel, Auto-complete)
Phase 4: Blocked Dates & Admin Actions (Block dates, Move bookings)
Phase 5: Color System (Request, Approve, Deny workflow)
Phase 6: User Profiles & Photos (Edit, Upload, Email re-verification)
Phase 7: Account Management & GDPR (Delete, Deactivate, Reactivate)
Phase 8: Admin Dashboard & Reports (Stats, Activity, Settings)
Phase 9: Polish & Testing (Test suite, Security, Documentation)
Phase 10: Deployment (Production setup, Documentation)

SaaS-Mode: COMPLETE (12 Phases)

Phase 1: Database Foundation (tenants table, tenant_id columns)
Phase 2: Tenant Middleware & JWT (subdomain resolution, JWT claims)
Phase 3: Repository Layer Updates (tenant filtering, RLS)
Phase 4: Handler Layer Updates (tenant context extraction)
Phase 5: Enhanced Security (rate limiting, brute force protection)
Phase 6: Hetzner S3 Storage (object storage, tenant isolation)
Phase 7: Theming System (10 presets, custom colors)
Phase 8: Tenant Registration (self-service signup)
Phase 9: Landing Page (marketing site, registration)
Phase 10: Central Admin Dashboard (platform management)
Phase 11: Docker Infrastructure (containerized deployment)
Phase 12: Testing & Migration (tenant isolation tests)

Status: PRODUCTION READY (both modes)

Current Coverage

Backend Tests: 305+ tests passing
- Handlers: Comprehensive coverage
- Models: Validation tests
- Repository: CRUD and edge cases
- Services: Auth, email, holidays, booking times
- Middleware: Auth, security
- Database: Migrations, dialect
Frontend: Manual testing complete for all features
Security: Headers, XSS protection, password validation
CI/CD: GitHub Actions with Playwright E2E tests

See ImplementationPlan.md for complete phase details.

Development Notes

Color Scheme (Tierheim Göppingen)

Primary Green: #82b965
Dark Background: #26272b
Dark Gray: #33363b
Border Radius: 6px
System fonts only (Arial, sans-serif)

Admin Access

Super Admin System:

On first installation, a Super Admin is created automatically using SUPER_ADMIN_EMAIL from .env
Super Admin credentials are saved in SUPER_ADMIN_CREDENTIALS.txt
Super Admin can promote/demote other users to/from admin role via the web UI
Admin privileges are stored in the database (no server restart needed)
Change Super Admin password by editing SUPER_ADMIN_CREDENTIALS.txt and restarting

Becoming an Admin:

Register as a regular user (requires registration password from shelter)
Ask the Super Admin to promote you via "Benutzerverwaltung" page
Super Admin clicks "Zu Admin ernennen" on your account
You immediately gain admin access

Color-Based Access System

Colors are customizable per tenant. Users can be assigned multiple colors by admins. Dogs are assigned a required color, and users can only book dogs if they have the matching color assigned. New users start with the first color and can request additional colors through the approval workflow.

Booking Time Rules

The system supports configurable time slots:

Weekday slots: Morning, afternoon, evening walks
Weekend slots: Different timing for weekends
Blocked periods: Feeding times, rest periods
Holiday handling: Uses German public holiday API
Approval workflow: Certain times may require admin approval

Testing Infrastructure

Backend Tests (Go):

go test ./... -v                           # All tests
go test ./internal/services/... -v         # Service tests only
go test ./... -coverprofile=coverage.out   # With coverage
go tool cover -html=coverage.out           # View coverage report

Frontend Tests (Jest):

npm test                    # Run Jest unit tests
npm run test:watch          # Watch mode
npm run test:coverage       # With coverage report

E2E Tests (Playwright):

cd e2e-tests
npm install
npm run test                # Headless tests
npm run test:headed         # With visible browser
npm run test:debug          # Debug mode
npm run test:ui             # Interactive UI mode

Comprehensive Test Suite:

./test-overview.sh          # Full test suite with reporting

Test Coverage Goals:

Target: 90% code coverage
TDD approach: tests written alongside features
CI integration: Coverage reports in GitHub Actions

Default System Settings

Booking advance: 14 days
Cancellation notice: 12 hours
Auto-deactivation: 365 days (1 year)
Booking time granularity: 15 minutes
Morning walks require approval: true
German state for holidays: BW (Baden-Württemberg)

These can be adjusted by admins in the settings page.

Automated Tasks (Cron Jobs)

The application runs the following automated tasks:

Auto-complete Bookings (every 15 minutes)
- Marks past scheduled bookings as completed
- Updates booking status automatically
Send Booking Reminders (every 15 minutes)
- Sends email reminders 1-2 hours before walks
- Tracks sent reminders to prevent duplicates
Auto-deactivate Inactive Users (daily at 3:00 AM)
- Checks for users inactive beyond configured period
- Deactivates accounts with "auto_inactivity" reason
- Sends notification emails

Email Notifications

The system sends 18 types of email notifications:

Authentication:

Email verification link
Welcome email after verification (with optional WhatsApp link)
Password reset link

Bookings: 4. Booking confirmation 5. Booking reminder (1-2 hours before) 6. User cancellation confirmation 7. Admin cancellation notification 8. Booking approval notification 9. Booking rejection notification

Admin Actions: 10. Booking moved notification

Color Requests: 11. Color assignment approved 12. Color assignment denied

Account Lifecycle: 13. Account deactivated notification 14. Account reactivated notification 15. Reactivation request denied 16. Account deletion confirmation

Auto-deactivation: 17. Auto-deactivation warning 18. Auto-deactivation notification

All emails use HTML templates with inline CSS for consistent branding.

Security

The application implements multiple security measures:

Authentication: JWT tokens with configurable expiration
Password Security: bcrypt hashing with cost factor 12
Password Requirements: Min 8 chars, uppercase, lowercase, number
Registration Password: Shelter-controlled access code
Email Verification: Required before account activation
Admin Authorization: Database-stored, managed via UI
Security Headers:
- X-Frame-Options: DENY (clickjacking protection)
- X-Content-Type-Options: nosniff (MIME sniffing protection)
- X-XSS-Protection: enabled
- Strict-Transport-Security: HTTPS enforcement
- Content-Security-Policy: XSS protection
File Upload Validation: Type and size checks
SQL Injection Protection: Parameterized queries throughout
GDPR Compliance: Right to deletion, data anonymization
XSS Protection: HTML escaping in user name rendering

Documentation

Complete documentation suite: 12,000+ lines across 18+ comprehensive guides

See DOCUMENTATION_INDEX.md for navigation guide.

Core Documentation

Document	Lines	Purpose	Audience
README.md	900+	Project overview, both modes, API list	Developers
FEATURES.md	1,000+	Complete feature reference (all features)	Everyone
ImplementationPlan.md	1,500+	Simple-Mode architecture & all 10 phases	Technical Leads
SaaS_Implementation_Plan.md	2,400+	SaaS architecture & all 12 phases	Technical Leads
API.md	800+	Complete REST API reference with examples	Developers/Integrators
DEPLOYMENT.md	800+	Production deployment (both modes)	DevOps/System Admins
USER_GUIDE.md	350+	How to use the application (German)	End Users
ADMIN_GUIDE.md	900+	Administrator operations manual	Administrators
PROJECT_SUMMARY.md	700+	Executive summary & statistics	Stakeholders
CLAUDE.md	1,200+	AI assistant development guide	AI Developers
DOCUMENTATION_INDEX.md	250+	Documentation navigation	Everyone

Database Documentation

Document	Lines	Purpose	Audience
Database_Selection_Guide.md	300+	Choosing the right database	Decision Makers
PostgreSQL_Setup_Guide.md	500+	Complete PostgreSQL setup and configuration	DevOps/System Admins
MultiDatabase_Testing_Guide.md	300+	Testing across both database backends	Developers/QA
DatabasesSupportPlan.md	2,300+	Complete multi-database implementation plan	Technical Leads

Email Documentation

Document	Purpose
Email_Provider_Selection_Guide.md	Choosing between Gmail API and SMTP
SMTP_Setup_Guides.md	Setup guides for various SMTP providers

Not sure where to start? See DOCUMENTATION_INDEX.md.

Getting Started Guide

For Users

Get registration password from the animal shelter
Visit the application URL
Click "Registrieren" to create an account
Enter registration password and your details
Verify your email (check inbox)
Login and join WhatsApp group (if enabled)
Start browsing dogs and book your first walk!

Read: USER_GUIDE.md for complete instructions.

For Administrators

First-Time Setup (Super Admin):

Set SUPER_ADMIN_EMAIL in .env before first run
Start the application
Note the Super Admin credentials displayed in console
Credentials also saved in SUPER_ADMIN_CREDENTIALS.txt
Login with those credentials
Go to settings to configure:
- Site logo
- Registration password (share with users)
- WhatsApp group link
- Booking time rules
- Holidays
Add dogs and start managing bookings

Additional Administrators:

Register and verify as normal user
Ask Super Admin to promote you via "Benutzerverwaltung"
Login - you'll be redirected to admin dashboard
Start managing dogs, users, and bookings

Read: ADMIN_GUIDE.md for complete operations guide.

For Developers

Clone repository
Copy .env.example to .env
Configure email provider (or skip for development)
Run ./bat.sh (Linux/Mac) or bat.bat (Windows)
Visit http://localhost:8080

Read: CLAUDE.md for development guide and API.md for endpoints.

For DevOps

Provision Ubuntu 22.04 server
Follow DEPLOYMENT.md step-by-step
Configure SSL with Let's Encrypt
Setup automated backups
Monitor via /api/health endpoint

Read: DEPLOYMENT.md for complete production setup.

Project Statistics

Category	Simple-Mode	SaaS-Mode
Implementation Phases	10/10	12/12
Backend Files	131 Go files	150+ Go files
Frontend Pages	26 HTML pages	30+ HTML pages
API Endpoints	71 REST endpoints	85+ REST endpoints
Database Tables	11 with indexes	15 with indexes + RLS
Database Migrations	21	25+
Email Templates	18 HTML templates	20+ HTML templates
Test Cases	305+ (all passing)	350+ (all passing)
German Translations	400+ strings	450+ strings
Theme Presets	1 (classic)	10 color presets
Documentation Files	15 guides	18+ guides
Deployment Configs	3 production files	Docker + Caddy
Security Measures	12+ implemented	15+ implemented
Cron Jobs	3 automated tasks	4 automated tasks

Complete Feature List

Core Features (Simple-Mode & SaaS - 60+ features): User registration with password • Email verification • JWT authentication • Password reset • Profile management (first/last name) • Photo uploads • Color-based access (customizable) • Color requests • Dog browsing • Featured dogs • External dog links • Advanced filters • Dog booking • Booking approval workflow • Configurable time slots • Holiday integration • Booking cancellation • Booking notes • Booking reminders • Dashboard • GDPR account deletion • Auto-deactivation with notification • Reactivation workflow • Admin dashboard • Dog management • Dog-specific blocking • Availability toggle • Booking management • Move bookings • Block dates (global/per-dog) • User management • Admin promotion/demotion • Color approvals • Registration password • Site logo configuration • WhatsApp integration • System settings • Real-time statistics • Activity feed • Email notifications (18 types) • Multi-provider email (Gmail/SMTP) • BCC admin copy • Auto-completion • Security headers • German i18n • Mobile-responsive design • SCSS modular styling • Terms & privacy pages • Embedded frontend • Version display • Health check • CI/CD pipeline • E2E testing

SaaS-Mode Features (20+ additional): Subdomain-based multi-tenancy • PostgreSQL Row-Level Security • Per-tenant data isolation • Tenant self-registration • Landing page • Feature showcase • 10 color theme presets • Custom color overrides • Per-tenant logo/favicon • S3 object storage • Tenant-organized file paths • Stripe billing integration • Free/Pro subscription tiers • Central admin dashboard • Platform statistics • Tenant activation/deactivation • Per-tenant rate limiting • Feature flags (platform + tenant) • Demo tenant mode • Brute force protection • Exponential lockout • Docker containerization • Caddy wildcard SSL • DNS challenge automation

What Makes Gassigeher Special

Core Features (Both Modes)

Complete GDPR Compliance: Full anonymization on deletion with legal email confirmation
Color-Based Access: Customizable color system with admin approvals
Flexible Time Management: Configurable booking slots with holiday awareness
Multi-Provider Email: Gmail API or any SMTP server with audit trail
Controlled Registration: Shelter-provided password prevents unauthorized sign-ups
WhatsApp Integration: Easy community onboarding for new users
Dog-Specific Blocking: Block dates for individual dogs (vet visits, etc.)
Automated Lifecycle: Auto-deactivation with warnings, reactivation workflow
Health Management: Quick dog availability toggle with reasons
Comprehensive Admin Tools: 10+ admin pages with unified navigation
Zero Frontend Dependencies: Pure vanilla JavaScript, instant page loads
Standalone Deployment: Single binary with embedded frontend
Email-First Communication: 18+ HTML email types for all actions
Production-Ready: Complete deployment package with CI/CD

SaaS-Mode Advantages

True Multi-Tenancy: Serve 500+ shelters from single deployment
Database-Enforced Isolation: PostgreSQL RLS prevents cross-tenant access
Self-Service Onboarding: Shelters register and configure independently
Scalable Storage: S3 object storage organized by tenant
Subscription Billing: Stripe integration with free/pro tiers
Platform Administration: Central dashboard for managing all tenants
Customizable Branding: 10 theme presets + custom colors per tenant
Wildcard SSL: Automatic HTTPS for all subdomains via Caddy

Contributing

This is a complete application following the implementation plan. Each phase builds upon the previous one with comprehensive testing and documentation.

All 10 phases are complete. The application is ready for production deployment.

License

This project is licensed under the GNU Affero General Public License v3.0 (AGPL-3.0).

This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.

See the agpl-3.0.txt file for the full license text.

Name		Name	Last commit message	Last commit date
Latest commit History 394 Commits
.claude		.claude
.github/workflows		.github/workflows
cmd		cmd
deploy		deploy
docs		docs
e2e-tests		e2e-tests
frontend-tests		frontend-tests
internal		internal
scripts		scripts
tests/installation		tests/installation
.dockerignore		.dockerignore
.env		.env
.env.example		.env.example
.env.example.saas		.env.example.saas
.env.secrets.example		.env.secrets.example
.gitignore		.gitignore
CLAUDE.md		CLAUDE.md
Caddyfile		Caddyfile
Dockerfile		Dockerfile
Dockerfile.caddy		Dockerfile.caddy
README.md		README.md
agpl-3.0.txt		agpl-3.0.txt
bat.bat		bat.bat
bat.sh		bat.sh
docker-compose.yml		docker-compose.yml
go.mod		go.mod
go.sum		go.sum
jest.config.js		jest.config.js
package-lock.json		package-lock.json
package.json		package.json

Folders and files

Latest commit

History

Repository files navigation