soeren/fotospiel-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

further rework to the documentation

Browse Source
This commit is contained in:
Codex Agent
2025-11-20 12:31:21 +01:00
parent 6afa44d947
commit 9afcaa7836
90 changed files with 1721 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
docs/archive/prp-addendum-2025-09-08-tenant-admin-pwa.md Normal file
View File

@@ -0,0 +1,45 @@
# PRP Addendum (2025-09-08): Tenant Admin PWA
This addendum supersedes tenant-facing Filament guidance in `fotospiel_prp.md`. Super Admin remains Filament (web-only). Tenant administration now lives in a separate, store-ready PWA.
## Summary
- Separate React/Vite PWA for tenant admins.
- Distribution: Android via TWA, iOS via Capacitor; PWA install (A2HS) supported.
- API-first backend: `/api/v1/tenant/*` endpoints cover all tenant operations.
- Auth: Authorization Code + PKCE + refresh tokens; access token includes `tenant_id` and roles.
- Tenancy: global scope + policies; host-based resolution remains for guest PWA.
- Billing: Event credits MVP; subscriptions deferred.
## Architecture Changes
- Replace tenant Filament panel with PWA + API.
- Add `BelongsToTenant` trait and composite uniques including `tenant_id`.
- Introduce `apps/admin-pwa` and `packages/mobile` directories; keep `apps/super-admin` for Filament.
## Mobile Packaging
- Android (TWA): bind to `admin.<platform-domain>` with `/.well-known/assetlinks.json`.
- iOS (Capacitor): native wrapper, push notifications, secure storage.
## Offline & Sync
- Service Worker caches app shell and essentials.
- Background sync queues mutations; conflicts resolved via ETag/If-Match.
## API Surface (Tenant)
- Auth: `/api/v1/tenant-auth/login`, `/tenant-auth/exchange`, `/tenant-auth/logout`, `/tenant-auth/me`.
- Entities: events, galleries, members, uploads, settings, purchases.
- Conventions: pagination, filtering, 429 rate limits, trace IDs in errors.
## Security
- Token storage in Keychain/Keystore (mobile) and IndexedDB (web) with rotation.
- Audit logs for destructive actions and impersonation.
## Migration Notes
- Treat Filament tenant resources in PRP as deprecated examples. Use them to inform field definitions and validation only.
- Future task: convert `fotospiel_prp.md` to UTF-8 and merge this addendum into the main PRP.