Add employee

Full name Email (optional) PIN (4–12 digits) Badge code (optional) Add

All employees

Add kiosk

Name Create

All kiosks

Flagged events

Currently locked out

Repeated failed PIN attempts

Recent failed attempts

Add yard

A yard is a circular geofence around the office. Clock-ins outside the circle are flagged.

Office Name Center latitude Center longitude Radius (meters) Create yard

Existing yards

Propose a correction

Any manager+ can propose. A different admin or owner must approve.

Employee Office Event type CLOCK_IN CLOCK_OUT Proposed time (local) Reason Submit proposal

Pending

Recently decided

Add user

Only owners can add users.

Email Password (min 12) Role Manager Admin Owner Create

New users must change their password on first login.

All users

Exports

All exports are filtered by the date range above.

Daily ledger checksums (preview)

Publish these to make tampering with past events detectable: anyone who keeps a copy can re-verify the chain later.

Database backup

The application stores all attendance data in PostgreSQL. To back up:

1. Take a logical dump with pg_dump:

   pg_dump "$DATABASE_URL" --no-owner --no-privileges \
     --file=backup-$(date +%F).sql

2. Store the dump in encrypted off-site storage (S3 SSE, GCS CMEK, etc.).
3. Schedule daily: cron / managed service / hosting provider's backup tool.
4. Quarterly: verify a restore into a staging database and run /api/admin/verify-ledger/:employeeId on a few employees to confirm the hash-chain is intact.
5. Also export the daily ledger checksums (button at left) and store them separately from the dump — that way a tampered restore can't quietly rewrite history.

The APP_SECRET / LEDGER_SECRET / BADGE_SECRET are not in the database. Back them up via your secrets manager.