Fix tenant event form package selector so it no longer renders empty-value options, handles loading/empty
states, and pulls data from the authenticated /api/v1/tenant/packages endpoint.
(resources/js/admin/pages/EventFormPage.tsx, resources/js/admin/api.ts)
- Harden tenant-admin auth flow: prevent PKCE state loss, scope out StrictMode double-processing, add SPA
routes for /event-admin/login and /event-admin/logout, and tighten token/session clearing semantics (resources/js/admin/auth/{context,tokens}.tsx, resources/js/admin/pages/{AuthCallbackPage,LogoutPage}.tsx,
resources/js/admin/router.tsx, routes/web.php)
This commit is contained in:
Codex Agent
16
.env.example
16
.env.example
@@ -87,5 +87,21 @@ OAUTH_JWT_KID=fotospiel-jwt
|
||||
OAUTH_KEY_STORE=
|
||||
OAUTH_REFRESH_ENFORCE_IP=true
|
||||
OAUTH_REFRESH_ALLOW_SUBNET=false
|
||||
OAUTH_REFRESH_MAX_ACTIVE=5
|
||||
OAUTH_REFRESH_AUDIT_RETENTION_DAYS=90
|
||||
JOIN_TOKEN_FAILURE_LIMIT=10
|
||||
JOIN_TOKEN_FAILURE_DECAY=5
|
||||
JOIN_TOKEN_ACCESS_LIMIT=120
|
||||
JOIN_TOKEN_ACCESS_DECAY=1
|
||||
JOIN_TOKEN_DOWNLOAD_LIMIT=60
|
||||
JOIN_TOKEN_DOWNLOAD_DECAY=1
|
||||
|
||||
# Security scanning
|
||||
SECURITY_AV_ENABLED=false
|
||||
SECURITY_AV_BINARY=/usr/bin/clamscan
|
||||
SECURITY_AV_ARGUMENTS=--no-summary
|
||||
SECURITY_AV_TIMEOUT=60
|
||||
SECURITY_STRIP_EXIF=true
|
||||
SECURITY_SCAN_QUEUE=media-security
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user