- Fix malformed verification links caused by config.public.domain
- Use absolute HTTPS URLs for verification links in both registration and verification emails
- Ensures verification buttons work correctly in all email clients
- Fixes the 'app://renderer/' URL prefix issue seen in email clients
- Fix logo URLs in all email templates to use absolute HTTPS URL
- Ensures MonacoUSA logo displays correctly in all email clients
- Updated all email service methods to use https://portal.monacousa.org/MONACOUSA-Flags_376x376.png
- Convert all email templates to table-based layouts for compatibility with Outlook, Gmail, Apple Mail, etc.
- Use only inline CSS and email-safe properties
- Fix welcome.hbs, verification.hbs, password-reset.hbs, dues-reminder.hbs, test.hbs templates
- Enhanced user dashboard with complete member information (Member ID, registration date, dues status, etc.)
- Added proper loading states and error handling for member data
- Improved member profile page with comprehensive information display
- Fixed missing wiring information in user and profile screens as requested
- Generate and store unique member IDs during user registration
- Update email templates to include formatted member ID and registration date
- Add member_id field mapping in NocoDB utility functions
- Enhance email service with better logging and template data handling
- Add payment date dialog when marking dues as paid with date validation
- Replace direct member view emission with dedicated ViewMemberDialog component
- Add backend support for custom payment dates in mark-dues-paid endpoint
- Prevent future date selection for payment records
- Improve user workflow for viewing and editing member details
- Add grace period logic for new members (1 month from join date)
- Enhance dues status computation with actual payment date validation
- Update member card to show grace period status with warning indicators
- Remove overdue dues banner from member list
- Add payment due date calculation in registration process
- Update email templates for improved member communication
- Enhanced update-overdue-statuses API to calculate and return specific overdue durations (years/months)
- Updated overdue-count API to provide detailed member information with overdue durations
- Enhanced DuesOverdueBanner component to display expandable list of overdue members with their specific overdue time
- Added automatic marking of members as inactive when dues are over 1 year overdue
- Improved UI to show 'Dues Overdue - X Members Affected' with detailed breakdown
- Members with overdue dues now display exact time overdue (e.g., '2 years 3 months overdue')
- Added proper TypeScript interfaces for overdue member data
- Enhanced banner shows inactive status and overdue duration for each affected member
- Create DuesOverdueBanner component for displaying overdue member counts
- Add API endpoints for overdue count retrieval and status updates
- Integrate overdue dues banner into admin and member list dashboards
- Implement handlers for viewing overdue members and updating statuses
- Add dues management section to admin dashboard
- Add BoardDuesManagement and DuesActionCard components
- Create API endpoints for dues status tracking and payment marking
- Integrate dues management section into board dashboard
- Move create portal account button to member card action buttons
- Add edit button to member view dialog
- Implement member update handlers and navigation between views
- Add MonacoUSA logo component with global header placement
- Implement member ID generation and migration system
- Create profile page and improve dashboard navigation
- Add member ID as payment reference in dues banner
- Enable support contact functionality with pre-filled email
Implement rate limiting and attempt tracking to prevent verification abuse and infinite reload loops. Add temporary blocking with clear user feedback, enhanced error states, and retry logic. Includes new verification state utilities and improved UI components for better user experience during blocked states.
- Replace server-side redirects with JSON API responses for better error handling
- Add support for partial success when Keycloak update fails but token is valid
- Improve error messages with specific status codes (410 for expired, 409 for already used)
- Extract email from API response instead of URL query parameters
- Enable client-side navigation with proper error state management
- Replace external password setup link with internal navigation
- Add comprehensive password validation utility with strength requirements
- Create dedicated password setup page and API endpoint
- Streamline user flow from email verification to password creation
```
Fix mobile Safari country dropdown with touch-optimized dialog interface
- Replace broken v-select with mobile-friendly dialog for Safari
- Add device detection to switch between desktop and mobile interfaces
- Implement full-screen country selection with search functionality
- Add touch-optimized UI with larger targets and smooth scrolling
- Update documentation with fix details and implementation notes
```
The main change is addressing a completely broken country selection dropdown on mobile Safari by implementing a mobile-specific dialog interface while maintaining the original desktop experience.
- Update domain configuration to portal subdomain with HTTPS
- Add keycloak_id field to member creation and update operations
- Add API endpoint for linking Keycloak accounts to existing members
- Update domain config to use portal.monacousa.org for verification links
- Correct membership fee from €50 to €150/year in welcome emails
- Add password setup link to verification success page
- Include registration date in welcome email template
- Add Keycloak user deletion to member removal process
- Implement Handlebars email templates for verification, password reset, and dues reminders
- Improve JWT secret configuration with multiple fallbacks
- Add getMemberById function and enhance error handling
- Update Dockerfile to include email templates in production build
- Add jwtSecret to runtime config with fallback to sessionSecret
- Enhance email error tracking in portal account creation API
- Fix jsonwebtoken imports and improve type safety
- Include detailed email error information in API responses
Handle masked sensitive fields (passwords/secrets) in reCAPTCHA and SMTP
configuration endpoints. When the frontend sends masked values (bullets),
preserve existing credentials instead of overwriting them. This prevents
accidental credential loss when updating other configuration fields.
- Check for masked placeholder values ('••••••••••••••••')
- Preserve existing secretKey/password when masked
- Add logging to track credential update actions
- Add explicit POST method to portal account creation API call
- Improve error handling with specific messages for different failure cases
- Remove SMTP verification step that was causing issues with some servers
- Make email sending non-critical to portal account creation success
- Add better response data handling for keycloak_id
- Add integration review documentation
- Simplify admin dashboard by consolidating configuration sections
- Fix mobile dropdown display issues in PhoneInputWrapper component
- Add proper flex layout and minimum height for mobile country list
- Update email configuration and testing functionality
- Remove redundant configuration cards in favor of unified portal settings
Convert getEmailService() to async function and update all callers to use await.
Replace synchronous require() with dynamic import() for admin-config module.
Add SMTP config loading to admin configuration dialog.
- Add SMTP configuration UI in admin panel with test functionality
- Implement email verification workflow with tokens and templates
- Add verification success/expired pages for user feedback
- Include nodemailer, handlebars, and JWT dependencies
- Create API endpoints for email config, testing, and verification
- Replaces group-based tiers with proper Keycloak realm roles
- `monaco-user`, `monaco-board`, `monaco-admin` roles
- Backward compatibility with existing group system
#### __2. Advanced User Management__
- Comprehensive user profile synchronization
- Membership data stored in Keycloak user attributes
- Bidirectional sync between NocoDB and Keycloak
#### __3. Session Security & Monitoring__
- Real-time session tracking and management
- Administrative session control capabilities
- Enhanced security analytics foundation
#### __4. Email Workflow System__
- Multiple email types: DUES_REMINDER, MEMBERSHIP_RENEWAL, WELCOME, VERIFICATION
- Customizable email parameters and lifespans
- Advanced email template support
#### __5. Seamless Migration Path__
- All existing functionality continues to work
- New users automatically get realm roles
- Gradual migration from groups to roles
- Zero breaking changes
### 🔧 __What You Can Do Now__
#### __For New Users:__
- Public registrations automatically assign `monaco-user` role
- Portal account creation syncs member data to Keycloak attributes
- Enhanced email verification and welcome workflows
#### __For Administrators:__
- Session management and monitoring capabilities
- Advanced user profile management with member data sync
- Comprehensive role assignment and management
- Enhanced email communication workflows
#### __For Developers:__
- Use `hasRole('monaco-admin')` for role-based checks
- Access `getAllRoles()` for debugging and analytics
- Enhanced `useAuth()` composable with backward compatibility
- Comprehensive TypeScript support throughout
### 🛡️ __Security & Reliability__
- __Backward Compatibility__: Existing users continue to work seamlessly
- __Enhanced Security__: Proper realm role-based authorization
- __Error Handling__: Comprehensive error handling and fallbacks
- __Type Safety__: Full TypeScript support throughout the system
- Add new admin-config utility for persistent configuration management
- Replace hardcoded runtime config with dynamic configuration retrieval
- Enable admin panel to save and apply NocoDB settings immediately
- Add dynamic table ID resolution with fallback to defaults
- Update configuration endpoints to use new persistence system
- Add NocoDBSettingsDialog component with API endpoints for config management
- Update dashboard navigation routes and menu structure
- Integrate external user management via auth portal
- Add NocoDB settings dialog to admin panel
- Add member CRUD operations with API endpoints
- Implement member list page with card-based layout
- Add member creation and viewing dialogs
- Support multiple nationalities with country flags
- Include phone number input with international formatting
- Integrate NocoDB as backend database
- Add comprehensive member data types and utilities
- Add Keycloak admin credentials configuration to environment variables
- Extract Keycloak admin operations into reusable utility module
- Refactor forgot-password endpoint to use new admin client utility
- Add documentation for Keycloak custom login implementation
- Add password reset fix summary documentation
This improves code organization by separating admin operations from
business logic and provides proper admin credentials for Keycloak
API operations instead of using regular client credentials.
- Add session check throttling in useAuth to prevent iOS Safari authentication loops
- Simplify admin dashboard by removing complex system metrics and stats
- Remove system-metrics utility and streamline stats API endpoint
- Update admin interface to focus on core user and role management
- Add systeminformation package for system metrics collection
- Create system-metrics utility for CPU, memory, disk monitoring
- Update admin stats API to return real system health data
- Replace mock data with live system metrics in admin dashboard
- Update @vite-pwa/nuxt to v0.10.8
- Configure @vite-pwa/nuxt module with manifest and service worker
- Add PWA install banner component to login page
- Include app icons (192x192, 512x512) and favicon assets
- Update admin dashboard layout and remove backup section
- Add PWA-related API endpoints and utility scripts
