letsbe/pn-new-crm
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
b4bf9cca3f047873b116e5006995d0101b83121a
pn-new-crm/src/app/(portal)/layout.tsx
Matt b4bf9cca3f feat(branding): multi-tenant brand naming + per-port email shell + auth UI continuity 
Removes the last hardcoded "Port Nimara" references so a tenant cloning
the deploy with a fresh slug sees their own brand throughout.

Browser + native chrome:
- `generateMetadata` reads `branding_app_name` from the first port row
  so the browser tab title, apple-web-app title, and template literal
  reflect the tenant (fallback "CRM" until DB is seeded).
- Mobile topbar derives the brand-mark initials from the port slug
  ("port-nimara" → "PN", "marina-alpha" → "MA") — no code edit on clone.
- `documenso-payload` default redirect URL is `""` so Documenso falls
  back to its own post-sign page instead of routing every tenant's
  signers to portnimara.com; per-port `redirectUrl` setting still wins.
- Server-startup log uses generic "CRM server listening".

Email + auth shell:
- New `auth-shell-branding.ts` resolves logo / background / appName once
  per request from `system_settings`; used by both the email shell and
  the auth-pages SSR layout.
- `auth-branding-provider` wraps `/login`, `/reset-password`, `/set-password`,
  portal `/portal/*` so the branded shell hydrates with the same assets
  the inbox sees.
- `me/email` change email uses the branded shell instead of inline HTML
  with "Port Nimara CRM" baked into copy.
- Admin branding page adds an email-preview card (POSTs to
  `/api/v1/admin/branding/email-preview`) so an admin can spot-check
  their templates before going live.
- `/api/public/files/[id]` exposes branding-category files anonymously
  so inbox images (no session cookie) can render; any other category
  still flows through authenticated `/api/v1/files/[id]/preview`.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-20 15:54:10 +02:00

88 lines
3.5 KiB
TypeScript
Raw Blame History

import type { Metadata } from 'next';
import { getPortalSession } from '@/lib/portal/auth';
import { getPortalDashboard } from '@/lib/services/portal.service';
import { isPortalDisabledGlobally } from '@/lib/services/portal-auth.service';
import { PortalHeader } from '@/components/portal/portal-header';
import { PortalNav } from '@/components/portal/portal-nav';
import { AuthBrandingProvider } from '@/components/shared/auth-branding-provider';
import { resolveAuthShellBranding } from '@/lib/email/auth-shell-branding';
import { getPortBrandingConfig } from '@/lib/services/port-config';
export const metadata: Metadata = {
title: {
default: 'Client Portal',
template: '%s | Client Portal',
},
};
export default async function PortalLayout({ children }: { children: React.ReactNode }) {
// Route-level kill switch. When every port has client_portal_enabled=false,
// surface a clean "Portal not available" notice instead of letting the
// login form render (it would just reject every submit with a confusing
// ConflictError). Single-port deployments effectively get a global toggle
// out of the admin System Settings UI.
if (await isPortalDisabledGlobally()) {
return (
<div className="min-h-screen bg-gray-50 flex items-center justify-center px-4">
<div className="max-w-md text-center space-y-3">
<h1 className="text-2xl font-semibold text-gray-900">Client portal unavailable</h1>
<p className="text-sm text-gray-600">
The client portal isn&apos;t currently enabled for this site. If you were expecting to
sign in here, please contact your account manager.
</p>
</div>
</div>
);
}
// This layout wraps all portal routes including login/verify
// We can't easily check pathname in a server layout, so we attempt
// to get the session and pass it down - login/verify pages handle their own
// redirect logic independently.
const session = await getPortalSession().catch(() => null);
// For authenticated routes we need client info for the header.
// If session is absent, children (login/verify pages) handle their own redirect.
let clientName = '';
let portName = 'Client Portal';
let portLogoUrl: string | null = null;
if (session) {
const dashboard = await getPortalDashboard(session.clientId, session.portId).catch(() => null);
if (dashboard) {
clientName = dashboard.client.fullName;
portName = dashboard.port.name;
portLogoUrl = dashboard.port.logoUrl;
}
}
// Branding for the auth-shell pages (login, forgot-password, reset).
// When the visitor has a session, use that port's branding so they
// stay inside one tenant's look. Otherwise pick up the first-port
// default — the same path the CRM auth pages take.
const branding = session
? await getPortBrandingConfig(session.portId)
.then((cfg) => ({
logoUrl: cfg.logoUrl,
backgroundUrl: cfg.emailBackgroundUrl,
appName: cfg.appName,
}))
.catch(() => null)
: await resolveAuthShellBranding();
return (
<AuthBrandingProvider branding={branding}>
<div className="min-h-screen bg-gray-50">
{session && (
<>
<PortalHeader portName={portName} portLogoUrl={portLogoUrl} clientName={clientName} />
<PortalNav />
</>
)}
<main className={session ? 'max-w-5xl mx-auto px-4 sm:px-6 py-8' : ''}>{children}</main>
</div>
</AuthBrandingProvider>
);
}
Reference in New Issue View Git Blame Copy Permalink