Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/edgar2420/QrPermision/llms.txt

Use this file to discover all available pages before exploring further.

PermisosQR is a full-stack permission management system built for businesses that need to track when employees leave and return during working hours. Instead of paper logs or manual sign-outs, each exit is tied to a scannable QR code that records the exact departure time, the allowed return window, and — once the employee is back — calculates automatically whether they returned on time, how long they were away, and how many minutes over (or under) the allowed limit they ran. The result is an auditable, real-time record of every permission event with zero manual arithmetic.

How the Permission Lifecycle Works

Every permission in PermisosQR moves through four distinct stages:
  1. Generate — A super_admin or admin_operator generates one or more QR codes from the dashboard. Each code is assigned a unique ID and starts in the available state.
  2. Enable — When an employee needs to leave, a staff member scans the QR code, enters the recipient’s name, and sets the allowed time in minutes. The QR transitions to active and the exit timestamp is recorded.
  3. Return — When the employee comes back, the same QR code is scanned again. The return timestamp is captured and the code moves to expired.
  4. Score — The system instantly computes time_used_minutes, delay_minutes, and the boolean is_compliant flag (true when the employee returned within the allowed_minutes window).
This lifecycle creates a permanent, tamper-resistant record in PostgreSQL that can be filtered, exported, and reviewed at any time.

User Roles

PermisosQR ships with two built-in roles enforced at the JWT middleware level:
RoleCapabilities
super_adminFull access: manage users, generate and disable QR codes, view all reports and dashboard stats, access every API endpoint.
admin_operatorDay-to-day operations: scan QR codes to enable/return permissions, view history. Cannot manage other users or bulk-generate QR codes beyond their own allocation.

Key Features

  • Bulk QR generation — Create up to 500 QR codes in a single request, ready to print and distribute.
  • Permission enable & return with time tracking — Exit and return timestamps are recorded to the second; time_used_minutes and delay_minutes are computed automatically on return.
  • Automatic compliance scoring — Each completed permission is immediately flagged compliant or non-compliant based on whether time_used_minutes ≤ allowed_minutes.
  • Filterable history — The permission history endpoint supports date-range, employee name, compliance status, and operator filters.
  • Real-time dashboard with 30-second auto-refresh — Aggregate stats (total permissions today, compliance rate, active QR codes, top operators) update automatically without a page reload.
  • Public scan endpoints — The enable and return actions are accessible without authentication, so employees can be scanned from any mobile browser without a login screen.
  • JWT authentication with 8-hour tokens — All protected endpoints require a Bearer token signed with JWT_SECRET; tokens expire after 8 hours and must be refreshed via login.
  • PWA-capable frontend — Built with Vite + vite-plugin-pwa, the React/TypeScript frontend can be installed as a home-screen app on Android and iOS for fast mobile scanning.

Explore the Docs

Quickstart

Install PermisosQR locally in under five minutes and make your first API call.

QR Management

Generate, disable, and reactivate QR codes in bulk or individually.

Permissions

Enable exits, record returns, and understand how compliance is calculated.

API Overview

Full reference for every REST endpoint, request schema, and response shape.
System requirements: Node.js 18 or later and PostgreSQL 14 or later must be installed before running PermisosQR. The frontend requires a modern browser with camera access for QR scanning.

Build docs developers (and LLMs) love