letsbe/pn-new-crm
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
43719b49e94aec0dc992eccc929573e23040da44
pn-new-crm/src/components/shared/branded-auth-shell.tsx

71 lines
2.8 KiB
TypeScript
Raw Normal View History

feat(branding): multi-tenant brand naming + per-port email shell + auth UI continuity Removes the last hardcoded "Port Nimara" references so a tenant cloning the deploy with a fresh slug sees their own brand throughout. Browser + native chrome: - `generateMetadata` reads `branding_app_name` from the first port row so the browser tab title, apple-web-app title, and template literal reflect the tenant (fallback "CRM" until DB is seeded). - Mobile topbar derives the brand-mark initials from the port slug ("port-nimara" → "PN", "marina-alpha" → "MA") — no code edit on clone. - `documenso-payload` default redirect URL is `""` so Documenso falls back to its own post-sign page instead of routing every tenant's signers to portnimara.com; per-port `redirectUrl` setting still wins. - Server-startup log uses generic "CRM server listening". Email + auth shell: - New `auth-shell-branding.ts` resolves logo / background / appName once per request from `system_settings`; used by both the email shell and the auth-pages SSR layout. - `auth-branding-provider` wraps `/login`, `/reset-password`, `/set-password`, portal `/portal/*` so the branded shell hydrates with the same assets the inbox sees. - `me/email` change email uses the branded shell instead of inline HTML with "Port Nimara CRM" baked into copy. - Admin branding page adds an email-preview card (POSTs to `/api/v1/admin/branding/email-preview`) so an admin can spot-check their templates before going live. - `/api/public/files/[id]` exposes branding-category files anonymously so inbox images (no session cookie) can render; any other category still flows through authenticated `/api/v1/files/[id]/preview`. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-20 15:54:10 +02:00
'use client';
import { useAuthBranding } from '@/components/shared/auth-branding-provider';
feat(portal): branded auth pages + legacy email styling + dev redirect override - New PortalAuthShell component: blurred Port Nimara overhead background + circular logo + white rounded card, used by /portal/login, /portal/activate, /portal/reset-password - New email/templates/portal-auth.ts: table-based, responsive (max-width 600px / width 100%), matching the existing legacy inquiry templates; replaces the inline templates that lived in portal-auth.service - EMAIL_REDIRECT_TO env override: when set, sendEmail routes every outbound message to that address regardless of recipient and tags the subject with "[redirected from <original>]". Dev/test safety net only; unset in production - Portal password minimum length 12 → 9 (service + both API routes + client-side form) - Dev helper script scripts/dev-trigger-portal-invite.ts: seeds a portal user against the first port-nimara client and uses EMAIL_REDIRECT_TO as the stored email so the tester can sign in with the address that received the activation mail Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-27 15:04:21 +02:00
feat(branding): wire per-port branding through every transactional email + auth shell (R2-H15) Multi-tenant branding admin (/admin/branding) was saving 5 settings that no code read — every port's emails shipped Port Nimara's logo and color regardless. Now wired end-to-end: New shared infrastructure: - src/lib/email/shell.ts — renderShell() + brandingPrimaryColor() helpers; takes BrandingShell { logoUrl, primaryColor, emailHeaderHtml, emailFooterHtml }, falls back to Port Nimara defaults when null. - src/lib/email/branding-resolver.ts — getBrandingShell(portId) thin wrapper over getPortBrandingConfig() that returns null on error / missing portId so senders never break on misconfig. All 6 transactional templates refactored to use renderShell + the shared accent color; portName now flows through every template (crm-invite, portal activation/reset, both inquiries, both residential templates, notification digest). All 6 senders pass branding via getBrandingShell: - portal-auth.service.ts (activation + reset) - crm-invite.service.ts (resend path; create-invite has no portId yet so falls through to defaults) - email worker (inquiry confirmation + sales notification) - residential-inquiries route (client confirmation + sales alert) - notification-digest.service.ts (digest) BrandedAuthShell takes an optional `branding` prop with logoUrl + appName (parent page server-fetches via getPortBrandingConfig). Defaults to Port Nimara if omitted, so single-tenant deployments are unaffected. 1175/1175 vitest passing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-07 00:00:45 +02:00
interface BrandedAuthShellProps {
children: React.ReactNode;
feat(branding): multi-tenant brand naming + per-port email shell + auth UI continuity Removes the last hardcoded "Port Nimara" references so a tenant cloning the deploy with a fresh slug sees their own brand throughout. Browser + native chrome: - `generateMetadata` reads `branding_app_name` from the first port row so the browser tab title, apple-web-app title, and template literal reflect the tenant (fallback "CRM" until DB is seeded). - Mobile topbar derives the brand-mark initials from the port slug ("port-nimara" → "PN", "marina-alpha" → "MA") — no code edit on clone. - `documenso-payload` default redirect URL is `""` so Documenso falls back to its own post-sign page instead of routing every tenant's signers to portnimara.com; per-port `redirectUrl` setting still wins. - Server-startup log uses generic "CRM server listening". Email + auth shell: - New `auth-shell-branding.ts` resolves logo / background / appName once per request from `system_settings`; used by both the email shell and the auth-pages SSR layout. - `auth-branding-provider` wraps `/login`, `/reset-password`, `/set-password`, portal `/portal/*` so the branded shell hydrates with the same assets the inbox sees. - `me/email` change email uses the branded shell instead of inline HTML with "Port Nimara CRM" baked into copy. - Admin branding page adds an email-preview card (POSTs to `/api/v1/admin/branding/email-preview`) so an admin can spot-check their templates before going live. - `/api/public/files/[id]` exposes branding-category files anonymously so inbox images (no session cookie) can render; any other category still flows through authenticated `/api/v1/files/[id]/preview`. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-20 15:54:10 +02:00
/** Per-port branding override. When omitted, the shell picks up
* branding from the surrounding `<AuthBrandingProvider>` (mounted at
* the route-group layout). When neither is present, falls back to
* neutral defaults (no logo, plain background). */
feat(branding): wire per-port branding through every transactional email + auth shell (R2-H15) Multi-tenant branding admin (/admin/branding) was saving 5 settings that no code read — every port's emails shipped Port Nimara's logo and color regardless. Now wired end-to-end: New shared infrastructure: - src/lib/email/shell.ts — renderShell() + brandingPrimaryColor() helpers; takes BrandingShell { logoUrl, primaryColor, emailHeaderHtml, emailFooterHtml }, falls back to Port Nimara defaults when null. - src/lib/email/branding-resolver.ts — getBrandingShell(portId) thin wrapper over getPortBrandingConfig() that returns null on error / missing portId so senders never break on misconfig. All 6 transactional templates refactored to use renderShell + the shared accent color; portName now flows through every template (crm-invite, portal activation/reset, both inquiries, both residential templates, notification digest). All 6 senders pass branding via getBrandingShell: - portal-auth.service.ts (activation + reset) - crm-invite.service.ts (resend path; create-invite has no portId yet so falls through to defaults) - email worker (inquiry confirmation + sales notification) - residential-inquiries route (client confirmation + sales alert) - notification-digest.service.ts (digest) BrandedAuthShell takes an optional `branding` prop with logoUrl + appName (parent page server-fetches via getPortBrandingConfig). Defaults to Port Nimara if omitted, so single-tenant deployments are unaffected. 1175/1175 vitest passing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-07 00:00:45 +02:00
branding?: {
logoUrl?: string | null;
feat(branding): multi-tenant brand naming + per-port email shell + auth UI continuity Removes the last hardcoded "Port Nimara" references so a tenant cloning the deploy with a fresh slug sees their own brand throughout. Browser + native chrome: - `generateMetadata` reads `branding_app_name` from the first port row so the browser tab title, apple-web-app title, and template literal reflect the tenant (fallback "CRM" until DB is seeded). - Mobile topbar derives the brand-mark initials from the port slug ("port-nimara" → "PN", "marina-alpha" → "MA") — no code edit on clone. - `documenso-payload` default redirect URL is `""` so Documenso falls back to its own post-sign page instead of routing every tenant's signers to portnimara.com; per-port `redirectUrl` setting still wins. - Server-startup log uses generic "CRM server listening". Email + auth shell: - New `auth-shell-branding.ts` resolves logo / background / appName once per request from `system_settings`; used by both the email shell and the auth-pages SSR layout. - `auth-branding-provider` wraps `/login`, `/reset-password`, `/set-password`, portal `/portal/*` so the branded shell hydrates with the same assets the inbox sees. - `me/email` change email uses the branded shell instead of inline HTML with "Port Nimara CRM" baked into copy. - Admin branding page adds an email-preview card (POSTs to `/api/v1/admin/branding/email-preview`) so an admin can spot-check their templates before going live. - `/api/public/files/[id]` exposes branding-category files anonymously so inbox images (no session cookie) can render; any other category still flows through authenticated `/api/v1/files/[id]/preview`. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-20 15:54:10 +02:00
backgroundUrl?: string | null;
feat(branding): wire per-port branding through every transactional email + auth shell (R2-H15) Multi-tenant branding admin (/admin/branding) was saving 5 settings that no code read — every port's emails shipped Port Nimara's logo and color regardless. Now wired end-to-end: New shared infrastructure: - src/lib/email/shell.ts — renderShell() + brandingPrimaryColor() helpers; takes BrandingShell { logoUrl, primaryColor, emailHeaderHtml, emailFooterHtml }, falls back to Port Nimara defaults when null. - src/lib/email/branding-resolver.ts — getBrandingShell(portId) thin wrapper over getPortBrandingConfig() that returns null on error / missing portId so senders never break on misconfig. All 6 transactional templates refactored to use renderShell + the shared accent color; portName now flows through every template (crm-invite, portal activation/reset, both inquiries, both residential templates, notification digest). All 6 senders pass branding via getBrandingShell: - portal-auth.service.ts (activation + reset) - crm-invite.service.ts (resend path; create-invite has no portId yet so falls through to defaults) - email worker (inquiry confirmation + sales notification) - residential-inquiries route (client confirmation + sales alert) - notification-digest.service.ts (digest) BrandedAuthShell takes an optional `branding` prop with logoUrl + appName (parent page server-fetches via getPortBrandingConfig). Defaults to Port Nimara if omitted, so single-tenant deployments are unaffected. 1175/1175 vitest passing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-07 00:00:45 +02:00
appName?: string | null;
};
}
feat(platform): residential module + admin UI + reliability fixes Residential platform - New schema: residentialClients, residentialInterests (separate from marina/yacht clients) with migration 0010 - Service layer with CRUD + audit + sockets + per-port portal toggle - v1 + public API routes (/api/v1/residential/*, /api/public/residential-inquiries) - List + detail pages with inline editing for clients and interests - Per-user residentialAccess toggle on userPortRoles (migration 0011) - Permission keys: residential_clients, residential_interests - Sidebar nav + role form integration - Smoke spec covering page loads, UI create flow, public endpoint Admin & shared UI - Admin → Forms (form templates CRUD) with validators + service - Notification preferences page (in-app + email per type) - Email composition + accounts list + threads view - Branded auth shell shared across CRM + portal auth surfaces - Inline editing extended to yacht/company/interest detail pages - InlineTagEditor + per-entity tags endpoints (yachts, companies) - Notes service polymorphic across clients/interests/yachts/companies - Client list columns: yachtCount + companyCount badges - Reservation file-download via presigned URL (replaces stale <a href>) Route handler refactor - Extracted yachts/companies/berths reservation handlers to sibling handlers.ts files (Next.js 15 route.ts only allows specific exports) Reliability fixes - apiFetch double-stringify bug fixed across 13 components (apiFetch already JSON.stringifies its body; passing a stringified body produced double-encoded JSON which failed zod validation) - SocketProvider gated behind useSyncExternalStore-based mount check to avoid useSession() SSR crashes under React 19 + Next 15 - apiFetch falls back to URL-pathname → port-id resolution when the Zustand store hasn't hydrated yet (fresh contexts, e2e tests) - CRM invite flow (schema, service, route, email, dev script) - Dashboard route → [portSlug]/dashboard/page.tsx + redirect - Document the dev-server restart-after-migration gotcha in CLAUDE.md Tests - 5-case residential smoke spec - Integration test updates for new service signatures Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-27 21:54:32 +02:00
/**
feat(branding): multi-tenant brand naming + per-port email shell + auth UI continuity Removes the last hardcoded "Port Nimara" references so a tenant cloning the deploy with a fresh slug sees their own brand throughout. Browser + native chrome: - `generateMetadata` reads `branding_app_name` from the first port row so the browser tab title, apple-web-app title, and template literal reflect the tenant (fallback "CRM" until DB is seeded). - Mobile topbar derives the brand-mark initials from the port slug ("port-nimara" → "PN", "marina-alpha" → "MA") — no code edit on clone. - `documenso-payload` default redirect URL is `""` so Documenso falls back to its own post-sign page instead of routing every tenant's signers to portnimara.com; per-port `redirectUrl` setting still wins. - Server-startup log uses generic "CRM server listening". Email + auth shell: - New `auth-shell-branding.ts` resolves logo / background / appName once per request from `system_settings`; used by both the email shell and the auth-pages SSR layout. - `auth-branding-provider` wraps `/login`, `/reset-password`, `/set-password`, portal `/portal/*` so the branded shell hydrates with the same assets the inbox sees. - `me/email` change email uses the branded shell instead of inline HTML with "Port Nimara CRM" baked into copy. - Admin branding page adds an email-preview card (POSTs to `/api/v1/admin/branding/email-preview`) so an admin can spot-check their templates before going live. - `/api/public/files/[id]` exposes branding-category files anonymously so inbox images (no session cookie) can render; any other category still flows through authenticated `/api/v1/files/[id]/preview`. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-20 15:54:10 +02:00
* Branded shell shared by every auth/form surface CRM login, portal login,
* password set/reset/activate, forgot-password. Renders the background,
* the port logo, and a centered white card that consumers populate with
* their own form/content.
feat(branding): wire per-port branding through every transactional email + auth shell (R2-H15) Multi-tenant branding admin (/admin/branding) was saving 5 settings that no code read — every port's emails shipped Port Nimara's logo and color regardless. Now wired end-to-end: New shared infrastructure: - src/lib/email/shell.ts — renderShell() + brandingPrimaryColor() helpers; takes BrandingShell { logoUrl, primaryColor, emailHeaderHtml, emailFooterHtml }, falls back to Port Nimara defaults when null. - src/lib/email/branding-resolver.ts — getBrandingShell(portId) thin wrapper over getPortBrandingConfig() that returns null on error / missing portId so senders never break on misconfig. All 6 transactional templates refactored to use renderShell + the shared accent color; portName now flows through every template (crm-invite, portal activation/reset, both inquiries, both residential templates, notification digest). All 6 senders pass branding via getBrandingShell: - portal-auth.service.ts (activation + reset) - crm-invite.service.ts (resend path; create-invite has no portId yet so falls through to defaults) - email worker (inquiry confirmation + sales notification) - residential-inquiries route (client confirmation + sales alert) - notification-digest.service.ts (digest) BrandedAuthShell takes an optional `branding` prop with logoUrl + appName (parent page server-fetches via getPortBrandingConfig). Defaults to Port Nimara if omitted, so single-tenant deployments are unaffected. 1175/1175 vitest passing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-07 00:00:45 +02:00
*
feat(branding): multi-tenant brand naming + per-port email shell + auth UI continuity Removes the last hardcoded "Port Nimara" references so a tenant cloning the deploy with a fresh slug sees their own brand throughout. Browser + native chrome: - `generateMetadata` reads `branding_app_name` from the first port row so the browser tab title, apple-web-app title, and template literal reflect the tenant (fallback "CRM" until DB is seeded). - Mobile topbar derives the brand-mark initials from the port slug ("port-nimara" → "PN", "marina-alpha" → "MA") — no code edit on clone. - `documenso-payload` default redirect URL is `""` so Documenso falls back to its own post-sign page instead of routing every tenant's signers to portnimara.com; per-port `redirectUrl` setting still wins. - Server-startup log uses generic "CRM server listening". Email + auth shell: - New `auth-shell-branding.ts` resolves logo / background / appName once per request from `system_settings`; used by both the email shell and the auth-pages SSR layout. - `auth-branding-provider` wraps `/login`, `/reset-password`, `/set-password`, portal `/portal/*` so the branded shell hydrates with the same assets the inbox sees. - `me/email` change email uses the branded shell instead of inline HTML with "Port Nimara CRM" baked into copy. - Admin branding page adds an email-preview card (POSTs to `/api/v1/admin/branding/email-preview`) so an admin can spot-check their templates before going live. - `/api/public/files/[id]` exposes branding-category files anonymously so inbox images (no session cookie) can render; any other category still flows through authenticated `/api/v1/files/[id]/preview`. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-20 15:54:10 +02:00
* Pages that know their portId at render time can pass `branding` as an
* explicit prop; otherwise the surrounding `<AuthBrandingProvider>` is
* the source of truth.
feat(platform): residential module + admin UI + reliability fixes Residential platform - New schema: residentialClients, residentialInterests (separate from marina/yacht clients) with migration 0010 - Service layer with CRUD + audit + sockets + per-port portal toggle - v1 + public API routes (/api/v1/residential/*, /api/public/residential-inquiries) - List + detail pages with inline editing for clients and interests - Per-user residentialAccess toggle on userPortRoles (migration 0011) - Permission keys: residential_clients, residential_interests - Sidebar nav + role form integration - Smoke spec covering page loads, UI create flow, public endpoint Admin & shared UI - Admin → Forms (form templates CRUD) with validators + service - Notification preferences page (in-app + email per type) - Email composition + accounts list + threads view - Branded auth shell shared across CRM + portal auth surfaces - Inline editing extended to yacht/company/interest detail pages - InlineTagEditor + per-entity tags endpoints (yachts, companies) - Notes service polymorphic across clients/interests/yachts/companies - Client list columns: yachtCount + companyCount badges - Reservation file-download via presigned URL (replaces stale <a href>) Route handler refactor - Extracted yachts/companies/berths reservation handlers to sibling handlers.ts files (Next.js 15 route.ts only allows specific exports) Reliability fixes - apiFetch double-stringify bug fixed across 13 components (apiFetch already JSON.stringifies its body; passing a stringified body produced double-encoded JSON which failed zod validation) - SocketProvider gated behind useSyncExternalStore-based mount check to avoid useSession() SSR crashes under React 19 + Next 15 - apiFetch falls back to URL-pathname → port-id resolution when the Zustand store hasn't hydrated yet (fresh contexts, e2e tests) - CRM invite flow (schema, service, route, email, dev script) - Dashboard route → [portSlug]/dashboard/page.tsx + redirect - Document the dev-server restart-after-migration gotcha in CLAUDE.md Tests - 5-case residential smoke spec - Integration test updates for new service signatures Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-27 21:54:32 +02:00
*/
feat(branding): wire per-port branding through every transactional email + auth shell (R2-H15) Multi-tenant branding admin (/admin/branding) was saving 5 settings that no code read — every port's emails shipped Port Nimara's logo and color regardless. Now wired end-to-end: New shared infrastructure: - src/lib/email/shell.ts — renderShell() + brandingPrimaryColor() helpers; takes BrandingShell { logoUrl, primaryColor, emailHeaderHtml, emailFooterHtml }, falls back to Port Nimara defaults when null. - src/lib/email/branding-resolver.ts — getBrandingShell(portId) thin wrapper over getPortBrandingConfig() that returns null on error / missing portId so senders never break on misconfig. All 6 transactional templates refactored to use renderShell + the shared accent color; portName now flows through every template (crm-invite, portal activation/reset, both inquiries, both residential templates, notification digest). All 6 senders pass branding via getBrandingShell: - portal-auth.service.ts (activation + reset) - crm-invite.service.ts (resend path; create-invite has no portId yet so falls through to defaults) - email worker (inquiry confirmation + sales notification) - residential-inquiries route (client confirmation + sales alert) - notification-digest.service.ts (digest) BrandedAuthShell takes an optional `branding` prop with logoUrl + appName (parent page server-fetches via getPortBrandingConfig). Defaults to Port Nimara if omitted, so single-tenant deployments are unaffected. 1175/1175 vitest passing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-07 00:00:45 +02:00
export function BrandedAuthShell({ children, branding }: BrandedAuthShellProps) {
feat(branding): multi-tenant brand naming + per-port email shell + auth UI continuity Removes the last hardcoded "Port Nimara" references so a tenant cloning the deploy with a fresh slug sees their own brand throughout. Browser + native chrome: - `generateMetadata` reads `branding_app_name` from the first port row so the browser tab title, apple-web-app title, and template literal reflect the tenant (fallback "CRM" until DB is seeded). - Mobile topbar derives the brand-mark initials from the port slug ("port-nimara" → "PN", "marina-alpha" → "MA") — no code edit on clone. - `documenso-payload` default redirect URL is `""` so Documenso falls back to its own post-sign page instead of routing every tenant's signers to portnimara.com; per-port `redirectUrl` setting still wins. - Server-startup log uses generic "CRM server listening". Email + auth shell: - New `auth-shell-branding.ts` resolves logo / background / appName once per request from `system_settings`; used by both the email shell and the auth-pages SSR layout. - `auth-branding-provider` wraps `/login`, `/reset-password`, `/set-password`, portal `/portal/*` so the branded shell hydrates with the same assets the inbox sees. - `me/email` change email uses the branded shell instead of inline HTML with "Port Nimara CRM" baked into copy. - Admin branding page adds an email-preview card (POSTs to `/api/v1/admin/branding/email-preview`) so an admin can spot-check their templates before going live. - `/api/public/files/[id]` exposes branding-category files anonymously so inbox images (no session cookie) can render; any other category still flows through authenticated `/api/v1/files/[id]/preview`. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-20 15:54:10 +02:00
const ctx = useAuthBranding();
const logoUrl = branding?.logoUrl ?? ctx?.logoUrl ?? null;
const backgroundUrl = branding?.backgroundUrl ?? ctx?.backgroundUrl ?? null;
feat(uat-batch-10): copy polish, TTL trim, and a11y discrete fixes - Supplemental-info link TTL trimmed from 30 → 14 days (single constant in supplemental-forms.service). - LinkedBerthsList toggle renamed "Mark in EOI bundle" → "Include in EOI"; tooltip aria-label updated to match. - Icon-only row-action triggers on the interest / client / berth list tables gain aria-label (Row actions for <name>) so SR users hear the row context. - Table / Board view toggle on interest list gains aria-label + aria-pressed on each variant; wrapper gets role="group". - Upcoming-milestones disclosure on interest-tabs gains aria-expanded + aria-controls; recommender Hide/Add filters button matches. - BrandedAuthShell logo alt no longer defaults to "Sign in" — uses the configured `appName` when known, empty string otherwise so screen readers don't announce "Sign in" on password-reset / set-password pages. tsc clean. 1419/1419 vitest pass. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-21 18:01:17 +02:00
// When no port name is known, treat the logo as decorative — "Sign in"
// as alt text was being read on every auth page even when the page
// itself isn't a sign-in surface (e.g. password reset, set-password).
const appName = branding?.appName ?? ctx?.appName ?? null;
const altText = appName ?? '';
fix(analytics): stop UMAMI_NOT_CONFIGURED returning 409 — caused dev server hangs Root cause of recurring dev server hangs: /api/v1/website-analytics threw CodedError('UMAMI_NOT_CONFIGURED') which rendered as HTTP 409. React Query default-retries on 4xx (we set retry=1 globally), so every page render fired the umami queries → 409 → retry → 409. Each request queried system_settings to resolve umami credentials. Six analytics widgets on the /website-analytics page + two on the dashboard glance tile × 2 (initial + retry) = 16 system_settings queries on first paint. Combined with React Query refetching on mount, the postgres pool (max=20) saturated and the server appeared hung. Fix: return 200 with `{ data: null, notConfigured: true }` instead of 4xx. Not-configured is a steady empty state, not a transient error — no retry loop. Updated WebsiteGlanceTile (hides itself) and WebsiteAnalyticsShell (renders configure-umami CTA) to check the new notConfigured flag. Also includes from in-flight work: package.json dev script binds 0.0.0.0 so iPhone on LAN can reach the dev server, and BrandedAuthShell uses fixed/inset-0 + flex to lock the login surface to the viewport so iOS Safari doesn't rubber-band-scroll the card. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-11 16:10:40 +02:00
// fixed inset-0 anchors the auth surface to the viewport directly —
// iOS Safari ignores overflow-hidden on inner divs for body-level
feat(deps): Tailwind 3 → 4 + swap tailwindcss-animate for tw-animate-css Ran the official @tailwindcss/upgrade tool: - tailwind.config.ts → @theme directive in globals.css - @tailwind base/components/utilities → @import 'tailwindcss' - postcss.config switched from tailwindcss + autoprefixer to @tailwindcss/postcss (autoprefixer baked in) - focus-visible:outline-none → focus-visible:outline-hidden (the v3 utility was a footgun — outline still showed in forced-colors mode) Reverted the migration tool's over-zealous variant="outline" → variant="outline-solid" rename on CVA prop values; that rename was meant for the Tailwind `outline:` utility, not our Button/Badge component variants. Swapped tailwindcss-animate (v3-style JS plugin) for tw-animate-css (v4-native @import). Same utility surface (animate-spin, animate-in, etc.), one fewer JS plugin in the bundle. Fixed the upgrade tool's malformed dark variant (@custom-variant dark (&:is(class *)) — `class` was being parsed as a tag) to canonical &:where(.dark, .dark *). Verified: tsc 0 errors, eslint 0 errors (16 pre-existing warnings), vitest 1315/1315, next build clean. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-12 22:14:38 +02:00
// scrolling, so a regular `h-dvh overflow-hidden` wrapper doesn't
fix(analytics): stop UMAMI_NOT_CONFIGURED returning 409 — caused dev server hangs Root cause of recurring dev server hangs: /api/v1/website-analytics threw CodedError('UMAMI_NOT_CONFIGURED') which rendered as HTTP 409. React Query default-retries on 4xx (we set retry=1 globally), so every page render fired the umami queries → 409 → retry → 409. Each request queried system_settings to resolve umami credentials. Six analytics widgets on the /website-analytics page + two on the dashboard glance tile × 2 (initial + retry) = 16 system_settings queries on first paint. Combined with React Query refetching on mount, the postgres pool (max=20) saturated and the server appeared hung. Fix: return 200 with `{ data: null, notConfigured: true }` instead of 4xx. Not-configured is a steady empty state, not a transient error — no retry loop. Updated WebsiteGlanceTile (hides itself) and WebsiteAnalyticsShell (renders configure-umami CTA) to check the new notConfigured flag. Also includes from in-flight work: package.json dev script binds 0.0.0.0 so iPhone on LAN can reach the dev server, and BrandedAuthShell uses fixed/inset-0 + flex to lock the login surface to the viewport so iOS Safari doesn't rubber-band-scroll the card. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-11 16:10:40 +02:00
// stop the rubber-band bounce. Pinning to the viewport via position
// fixed does. The fixed-position shell then uses flex to center the
// card within the visible area.
feat(portal): branded auth pages + legacy email styling + dev redirect override - New PortalAuthShell component: blurred Port Nimara overhead background + circular logo + white rounded card, used by /portal/login, /portal/activate, /portal/reset-password - New email/templates/portal-auth.ts: table-based, responsive (max-width 600px / width 100%), matching the existing legacy inquiry templates; replaces the inline templates that lived in portal-auth.service - EMAIL_REDIRECT_TO env override: when set, sendEmail routes every outbound message to that address regardless of recipient and tags the subject with "[redirected from <original>]". Dev/test safety net only; unset in production - Portal password minimum length 12 → 9 (service + both API routes + client-side form) - Dev helper script scripts/dev-trigger-portal-invite.ts: seeds a portal user against the first port-nimara client and uses EMAIL_REDIRECT_TO as the stored email so the tester can sign in with the address that received the activation mail Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-27 15:04:21 +02:00
return (
fix(analytics): stop UMAMI_NOT_CONFIGURED returning 409 — caused dev server hangs Root cause of recurring dev server hangs: /api/v1/website-analytics threw CodedError('UMAMI_NOT_CONFIGURED') which rendered as HTTP 409. React Query default-retries on 4xx (we set retry=1 globally), so every page render fired the umami queries → 409 → retry → 409. Each request queried system_settings to resolve umami credentials. Six analytics widgets on the /website-analytics page + two on the dashboard glance tile × 2 (initial + retry) = 16 system_settings queries on first paint. Combined with React Query refetching on mount, the postgres pool (max=20) saturated and the server appeared hung. Fix: return 200 with `{ data: null, notConfigured: true }` instead of 4xx. Not-configured is a steady empty state, not a transient error — no retry loop. Updated WebsiteGlanceTile (hides itself) and WebsiteAnalyticsShell (renders configure-umami CTA) to check the new notConfigured flag. Also includes from in-flight work: package.json dev script binds 0.0.0.0 so iPhone on LAN can reach the dev server, and BrandedAuthShell uses fixed/inset-0 + flex to lock the login surface to the viewport so iOS Safari doesn't rubber-band-scroll the card. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-11 16:10:40 +02:00
<div className="fixed inset-0 flex items-center justify-center px-4 py-8 overscroll-none">
fix(auth/mobile): support LAN-IP access in dev + edge-to-edge auth bg - branded-auth-shell: split the background image into a separate fixed-positioned layer behind the layout. Previously the bg was on a min-h-screen container and iOS Safari left visible whitespace at the top/bottom when the URL bar showed/hid (the container's height didn't match the visual viewport). Now the bg pins to the actual visible viewport via `fixed inset-0`. min-h-[100dvh] also added so the layout layer matches. - auth client: derive baseURL from window.location.origin instead of NEXT_PUBLIC_APP_URL. Same dev build now works whether opened on localhost (Mac) or the LAN IP (iPhone on Wi-Fi). - auth server: dynamic trustedOrigins function that allows localhost / 127.x / 192.168.x / 10.x in dev (function form inspects the incoming request's Origin). Production stays locked to NEXT_PUBLIC_APP_URL. - new dev helper: scripts/dev-set-password.ts to set a user's better-auth password directly (bypasses the email-reset flow); used to bootstrap matt@letsbe.solutions for mobile testing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-01 16:21:59 +02:00
<div
aria-hidden
fix(analytics): stop UMAMI_NOT_CONFIGURED returning 409 — caused dev server hangs Root cause of recurring dev server hangs: /api/v1/website-analytics threw CodedError('UMAMI_NOT_CONFIGURED') which rendered as HTTP 409. React Query default-retries on 4xx (we set retry=1 globally), so every page render fired the umami queries → 409 → retry → 409. Each request queried system_settings to resolve umami credentials. Six analytics widgets on the /website-analytics page + two on the dashboard glance tile × 2 (initial + retry) = 16 system_settings queries on first paint. Combined with React Query refetching on mount, the postgres pool (max=20) saturated and the server appeared hung. Fix: return 200 with `{ data: null, notConfigured: true }` instead of 4xx. Not-configured is a steady empty state, not a transient error — no retry loop. Updated WebsiteGlanceTile (hides itself) and WebsiteAnalyticsShell (renders configure-umami CTA) to check the new notConfigured flag. Also includes from in-flight work: package.json dev script binds 0.0.0.0 so iPhone on LAN can reach the dev server, and BrandedAuthShell uses fixed/inset-0 + flex to lock the login surface to the viewport so iOS Safari doesn't rubber-band-scroll the card. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-11 16:10:40 +02:00
className="absolute inset-0 -z-10"
fix(auth/mobile): support LAN-IP access in dev + edge-to-edge auth bg - branded-auth-shell: split the background image into a separate fixed-positioned layer behind the layout. Previously the bg was on a min-h-screen container and iOS Safari left visible whitespace at the top/bottom when the URL bar showed/hid (the container's height didn't match the visual viewport). Now the bg pins to the actual visible viewport via `fixed inset-0`. min-h-[100dvh] also added so the layout layer matches. - auth client: derive baseURL from window.location.origin instead of NEXT_PUBLIC_APP_URL. Same dev build now works whether opened on localhost (Mac) or the LAN IP (iPhone on Wi-Fi). - auth server: dynamic trustedOrigins function that allows localhost / 127.x / 192.168.x / 10.x in dev (function form inspects the incoming request's Origin). Production stays locked to NEXT_PUBLIC_APP_URL. - new dev helper: scripts/dev-set-password.ts to set a user's better-auth password directly (bypasses the email-reset flow); used to bootstrap matt@letsbe.solutions for mobile testing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-01 16:21:59 +02:00
style={{
feat(branding): multi-tenant brand naming + per-port email shell + auth UI continuity Removes the last hardcoded "Port Nimara" references so a tenant cloning the deploy with a fresh slug sees their own brand throughout. Browser + native chrome: - `generateMetadata` reads `branding_app_name` from the first port row so the browser tab title, apple-web-app title, and template literal reflect the tenant (fallback "CRM" until DB is seeded). - Mobile topbar derives the brand-mark initials from the port slug ("port-nimara" → "PN", "marina-alpha" → "MA") — no code edit on clone. - `documenso-payload` default redirect URL is `""` so Documenso falls back to its own post-sign page instead of routing every tenant's signers to portnimara.com; per-port `redirectUrl` setting still wins. - Server-startup log uses generic "CRM server listening". Email + auth shell: - New `auth-shell-branding.ts` resolves logo / background / appName once per request from `system_settings`; used by both the email shell and the auth-pages SSR layout. - `auth-branding-provider` wraps `/login`, `/reset-password`, `/set-password`, portal `/portal/*` so the branded shell hydrates with the same assets the inbox sees. - `me/email` change email uses the branded shell instead of inline HTML with "Port Nimara CRM" baked into copy. - Admin branding page adds an email-preview card (POSTs to `/api/v1/admin/branding/email-preview`) so an admin can spot-check their templates before going live. - `/api/public/files/[id]` exposes branding-category files anonymously so inbox images (no session cookie) can render; any other category still flows through authenticated `/api/v1/files/[id]/preview`. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-20 15:54:10 +02:00
backgroundImage: backgroundUrl ? `url('${backgroundUrl}')` : undefined,
fix(auth/mobile): support LAN-IP access in dev + edge-to-edge auth bg - branded-auth-shell: split the background image into a separate fixed-positioned layer behind the layout. Previously the bg was on a min-h-screen container and iOS Safari left visible whitespace at the top/bottom when the URL bar showed/hid (the container's height didn't match the visual viewport). Now the bg pins to the actual visible viewport via `fixed inset-0`. min-h-[100dvh] also added so the layout layer matches. - auth client: derive baseURL from window.location.origin instead of NEXT_PUBLIC_APP_URL. Same dev build now works whether opened on localhost (Mac) or the LAN IP (iPhone on Wi-Fi). - auth server: dynamic trustedOrigins function that allows localhost / 127.x / 192.168.x / 10.x in dev (function form inspects the incoming request's Origin). Production stays locked to NEXT_PUBLIC_APP_URL. - new dev helper: scripts/dev-set-password.ts to set a user's better-auth password directly (bypasses the email-reset flow); used to bootstrap matt@letsbe.solutions for mobile testing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-01 16:21:59 +02:00
backgroundSize: 'cover',
backgroundPosition: 'center',
feat(branding): multi-tenant brand naming + per-port email shell + auth UI continuity Removes the last hardcoded "Port Nimara" references so a tenant cloning the deploy with a fresh slug sees their own brand throughout. Browser + native chrome: - `generateMetadata` reads `branding_app_name` from the first port row so the browser tab title, apple-web-app title, and template literal reflect the tenant (fallback "CRM" until DB is seeded). - Mobile topbar derives the brand-mark initials from the port slug ("port-nimara" → "PN", "marina-alpha" → "MA") — no code edit on clone. - `documenso-payload` default redirect URL is `""` so Documenso falls back to its own post-sign page instead of routing every tenant's signers to portnimara.com; per-port `redirectUrl` setting still wins. - Server-startup log uses generic "CRM server listening". Email + auth shell: - New `auth-shell-branding.ts` resolves logo / background / appName once per request from `system_settings`; used by both the email shell and the auth-pages SSR layout. - `auth-branding-provider` wraps `/login`, `/reset-password`, `/set-password`, portal `/portal/*` so the branded shell hydrates with the same assets the inbox sees. - `me/email` change email uses the branded shell instead of inline HTML with "Port Nimara CRM" baked into copy. - Admin branding page adds an email-preview card (POSTs to `/api/v1/admin/branding/email-preview`) so an admin can spot-check their templates before going live. - `/api/public/files/[id]` exposes branding-category files anonymously so inbox images (no session cookie) can render; any other category still flows through authenticated `/api/v1/files/[id]/preview`. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-20 15:54:10 +02:00
// Neutral slate fallback so we never leak any one port's brand
// imagery when branding hasn't been configured.
fix(auth/mobile): support LAN-IP access in dev + edge-to-edge auth bg - branded-auth-shell: split the background image into a separate fixed-positioned layer behind the layout. Previously the bg was on a min-h-screen container and iOS Safari left visible whitespace at the top/bottom when the URL bar showed/hid (the container's height didn't match the visual viewport). Now the bg pins to the actual visible viewport via `fixed inset-0`. min-h-[100dvh] also added so the layout layer matches. - auth client: derive baseURL from window.location.origin instead of NEXT_PUBLIC_APP_URL. Same dev build now works whether opened on localhost (Mac) or the LAN IP (iPhone on Wi-Fi). - auth server: dynamic trustedOrigins function that allows localhost / 127.x / 192.168.x / 10.x in dev (function form inspects the incoming request's Origin). Production stays locked to NEXT_PUBLIC_APP_URL. - new dev helper: scripts/dev-set-password.ts to set a user's better-auth password directly (bypasses the email-reset flow); used to bootstrap matt@letsbe.solutions for mobile testing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-01 16:21:59 +02:00
backgroundColor: '#f2f2f2',
}}
/>
feat(portal): branded auth pages + legacy email styling + dev redirect override - New PortalAuthShell component: blurred Port Nimara overhead background + circular logo + white rounded card, used by /portal/login, /portal/activate, /portal/reset-password - New email/templates/portal-auth.ts: table-based, responsive (max-width 600px / width 100%), matching the existing legacy inquiry templates; replaces the inline templates that lived in portal-auth.service - EMAIL_REDIRECT_TO env override: when set, sendEmail routes every outbound message to that address regardless of recipient and tags the subject with "[redirected from <original>]". Dev/test safety net only; unset in production - Portal password minimum length 12 → 9 (service + both API routes + client-side form) - Dev helper script scripts/dev-trigger-portal-invite.ts: seeds a portal user against the first port-nimara client and uses EMAIL_REDIRECT_TO as the stored email so the tester can sign in with the address that received the activation mail Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-27 15:04:21 +02:00
<div className="w-full max-w-md">
<div className="bg-white rounded-lg shadow-lg p-8">
feat(branding): multi-tenant brand naming + per-port email shell + auth UI continuity Removes the last hardcoded "Port Nimara" references so a tenant cloning the deploy with a fresh slug sees their own brand throughout. Browser + native chrome: - `generateMetadata` reads `branding_app_name` from the first port row so the browser tab title, apple-web-app title, and template literal reflect the tenant (fallback "CRM" until DB is seeded). - Mobile topbar derives the brand-mark initials from the port slug ("port-nimara" → "PN", "marina-alpha" → "MA") — no code edit on clone. - `documenso-payload` default redirect URL is `""` so Documenso falls back to its own post-sign page instead of routing every tenant's signers to portnimara.com; per-port `redirectUrl` setting still wins. - Server-startup log uses generic "CRM server listening". Email + auth shell: - New `auth-shell-branding.ts` resolves logo / background / appName once per request from `system_settings`; used by both the email shell and the auth-pages SSR layout. - `auth-branding-provider` wraps `/login`, `/reset-password`, `/set-password`, portal `/portal/*` so the branded shell hydrates with the same assets the inbox sees. - `me/email` change email uses the branded shell instead of inline HTML with "Port Nimara CRM" baked into copy. - Admin branding page adds an email-preview card (POSTs to `/api/v1/admin/branding/email-preview`) so an admin can spot-check their templates before going live. - `/api/public/files/[id]` exposes branding-category files anonymously so inbox images (no session cookie) can render; any other category still flows through authenticated `/api/v1/files/[id]/preview`. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-20 15:54:10 +02:00
{logoUrl ? (
<div className="flex justify-center mb-6">
{/* eslint-disable-next-line @next/next/no-img-element */}
<img src={logoUrl} alt={altText} className="w-24 h-auto" />
</div>
) : null}
feat(portal): branded auth pages + legacy email styling + dev redirect override - New PortalAuthShell component: blurred Port Nimara overhead background + circular logo + white rounded card, used by /portal/login, /portal/activate, /portal/reset-password - New email/templates/portal-auth.ts: table-based, responsive (max-width 600px / width 100%), matching the existing legacy inquiry templates; replaces the inline templates that lived in portal-auth.service - EMAIL_REDIRECT_TO env override: when set, sendEmail routes every outbound message to that address regardless of recipient and tags the subject with "[redirected from <original>]". Dev/test safety net only; unset in production - Portal password minimum length 12 → 9 (service + both API routes + client-side form) - Dev helper script scripts/dev-trigger-portal-invite.ts: seeds a portal user against the first port-nimara client and uses EMAIL_REDIRECT_TO as the stored email so the tester can sign in with the address that received the activation mail Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-27 15:04:21 +02:00
{children}
</div>
</div>
</div>
);
}
Reference in New Issue Copy Permalink