Added opaque join-token support across backend and frontend: new migration/model/service/endpoints, guest controllers now resolve tokens, and the demo seeder seeds a token. Tenant event details list/manage tokens with copy/revoke actions, and the guest PWA uses tokens end-to-end (routing, storage, uploads, achievements, etc.). Docs TODO updated to reflect completed steps.

resources/js/guest/pages/LegalPage.tsx

@@ -13,12 +13,13 @@ export default function LegalPage() {
     if (!page) {
       return;
     }
+    const slug = page;
     const controller = new AbortController();
 
     async function loadLegal() {
       try {
         setLoading(true);
-        const res = await fetch(`/api/v1/legal/${encodeURIComponent(page)}?lang=de`, {
+        const res = await fetch(`/api/v1/legal/${encodeURIComponent(slug)}?lang=de`, {
           headers: { 'Cache-Control': 'no-store' },
           signal: controller.signal,
         });
@@ -45,8 +46,10 @@ export default function LegalPage() {
     return () => controller.abort();
   }, [page]);
 
+  const fallbackTitle = page ? `Rechtliches: ${page}` : 'Rechtliche Informationen';
+
   return (
-    <Page title={title || `Rechtliches: ${page}` }>
+    <Page title={title || fallbackTitle}>
       {loading ? <p>Laedt...</p> : <LegalMarkdown markdown={body} />}
     </Page>
   );