Fix tenant event form package selector so it no longer renders empty-value options, handles loading/empty

states, and pulls data from the authenticated /api/v1/tenant/packages endpoint. (resources/js/admin/pages/EventFormPage.tsx, resources/js/admin/api.ts) - Harden tenant-admin auth flow: prevent PKCE state loss, scope out StrictMode double-processing, add SPA routes for /event-admin/login and /event-admin/logout, and tighten token/session clearing semantics (resources/js/admin/auth/{context,tokens}.tsx, resources/js/admin/pages/{AuthCallbackPage,LogoutPage}.tsx, resources/js/admin/router.tsx, routes/web.php)
2025-10-19 23:00:47 +02:00
parent a949c8d3af
commit 6290a3a448
95 changed files with 3708 additions and 394 deletions
--- a/bootstrap/app.php
+++ b/bootstrap/app.php
@@ -20,6 +20,8 @@ return Application::configure(basePath: dirname(__DIR__))
    )
    ->withCommands([
        \App\Console\Commands\OAuthRotateKeysCommand::class,
+        \App\Console\Commands\OAuthListKeysCommand::class,
+        \App\Console\Commands\OAuthPruneKeysCommand::class,
    ])
    ->withMiddleware(function (Middleware $middleware) {
        $middleware->alias([
@@ -37,6 +39,7 @@ return Application::configure(basePath: dirname(__DIR__))
            \App\Http\Middleware\SetLocale::class,
            SetLocaleFromUser::class,
            HandleAppearance::class,
+            \App\Http\Middleware\ContentSecurityPolicy::class,
            HandleInertiaRequests::class,
            AddLinkHeadersForPreloadedAssets::class,
        ]);