# Verified Review Flow Roadmap This website now includes a static review form and an owner completion helper. That is enough to start collecting reviews by email, but it is not a true database-backed verification system yet. ## Static version included now - Public customers can submit a review from the website. - The owner completion page can create a review request link after a job is finished. - The review link includes a review code so the owner knows it came from the completion helper. - The review email goes to the owner for approval before posting. - Nothing is automatically published yet. ## True backend version later To make the verified badge fully legitimate, add a backend with these pieces: 1. Owner login 2. Appointment database 3. Appointment statuses: pending, approved, completed, canceled 4. Customer email stored with each appointment 5. Complete button in the owner dashboard 6. Automatic email sent to customer after completion 7. Unique secure review token tied to appointment ID 8. Customer review form reads token and validates it server-side 9. Owner approval queue for reviews 10. Public website only displays approved reviews 11. Verified badge only appears if the review token matches a completed appointment ## Suggested stack - Cloudflare Pages for the frontend - Cloudflare Workers for API routes - Cloudflare D1 or Supabase for database - Resend for email notifications - Optional Twilio for text messages ## Review database fields appointments: - id - customer_name - customer_email - customer_phone - package_id - vehicle - appointment_date - status - completed_at - review_token_hash reviews: - id - appointment_id - display_name - rating - review_text - photo_url - is_verified - status: pending, approved, rejected - created_at - approved_at ## Email button idea When the owner clicks **Complete Appointment** in the dashboard, the backend should: 1. Set appointment status to completed. 2. Generate a one-time review token. 3. Store only the hashed token in the database. 4. Send the customer an email with a link like: ```text https://saundersmobileglo.com/review?token=secure-random-token ``` The review form verifies the token before allowing the verified tag.