Quick Reference
A one-page reference for the most common Hygate operations.
URLs
| Page | Path |
|---|
| Login | /login |
| Dashboard | /dashboard |
| Doors | /doors |
| Devices | /devices |
| Locations | /locations |
| Payments | /payments |
| Reports | /reports |
| Sessions | /sessions |
| Audit Logs | /audit-logs |
| Settings | /settings |
| Setup Wizard | /setup |
Role Permissions at a Glance
| Action | Admin | Operator |
|---|
| Configure integrations | Yes | No |
| Manage team | Yes | No |
| View audit logs | Yes | No |
| Add/edit/delete doors | Yes | Edit only |
| Add/edit/delete devices | Yes | Edit only |
| Add/delete locations | Yes | No |
| Rename locations | Yes | Yes |
| Force-end sessions | Yes | No |
| Change security settings | Yes | No |
Door Status Modes
| Mode | Payments | Guest Experience |
|---|
| Active | Enabled | Standard payment page |
| Passage Mode | Disabled | "Free Access" message |
| Maintenance Mode | Blocked | Maintenance message |
Device Status Modes
| Mode | Payments | Relay Control |
|---|
| Active | Enabled | Normal operation |
| Maintenance Mode | Blocked | Existing sessions continue |
Session States
| State | Relay | Timer | Guest Sees |
|---|
| ACTIVE | ON | Running | Countdown circle |
| COMPLETED | OFF | Finished | "Session Complete" |
| CANCELLED | OFF | Ended early | "Session Ended" |
Payment Statuses
| Status | Description |
|---|
| PENDING | Payment initiated, awaiting confirmation |
| SUCCEEDED | Payment complete, access granted |
| FAILED | Payment declined or error |
| REFUNDED | Admin processed refund via Stripe |
Key Time Intervals
| Process | Frequency |
|---|
| Session cleanup (cron) | Every 5 minutes |
| Session reconciliation | Every 2 minutes |
| 2FA code expiry | 5 minutes |
| 2FA attempt limit | 3 attempts |
| Session page polling | 2 seconds (active), 30 seconds (steady) |
| Password reset link expiry | 1 hour |
| Trusted device period | 30 days (configurable) |
| Credential rotation | Every 90 days |
Stripe Webhook Events
Required events for Hygate to function:
checkout.session.completedpayment_intent.succeededcharge.refunded
Test Card Numbers
| Card | Result |
|---|
4242 4242 4242 4242 | Successful payment |
4000 0000 0000 0002 | Declined |
4000 0025 0000 3155 | Requires 3D Secure |
4000 0000 0000 9995 | Insufficient funds |
Integrations
| Integration | Purpose | Key Setting |
|---|
| Stripe | Payments | Webhook URL, Secret Key |
| TTLock | Smart locks | Client ID, Client Secret |
| Shelly | IoT relays | Auth Key |
| Resend | Email 2FA | API Key, From Email |
Logging Events (Key Ones)
| Event | When It Fires |
|---|
payment_confirmed | Webhook receives successful payment |
duplicate_payment_ignored | Webhook duplicate detected |
session_activated | Device session fully started |
session_ended | Session completed normally |
session_interrupted | Session cancelled early |
shelly_on_failed | Relay ON command failed |
reconciliation | State mismatch detected |
Troubleshooting Checklist
- Dashboard → Module health indicators green?
- Audit logs → Any recent errors?
- Settings → Credentials valid?
- Stripe Dashboard → Webhook logs?
- Service status pages → All integrations healthy?
Environment Variables (Core)
| Variable | Description |
|---|
DATABASE_URL | PostgreSQL connection string |
ENCRYPTION_KEY | 32-byte key for credential encryption |
| Stripe keys | From Stripe Dashboard |
| TTLock credentials | From TTLock developer portal |
| Shelly Auth Key | From Shelly Cloud |
| Resend API Key | From Resend dashboard |