1.5 KiB
1.5 KiB
Public Entry Points
This overview lists every user-facing URL surface, grouped by persona, and notes authentication/expiry rules.
Marketing Site
/— marketing landing page./packages— package overview./checkout/{package}— checkout wizard (requires logged-in tenant or email login within flow)./blog,/contact,/impressum,/datenschutz,/agb— legal and marketing content.
Tenant Admin
/event-admin/*— protected Filament SPA (requires tenant credentials)./tenant/events/{event}/photos/archive— authenticated ZIP export for approved photos (tenant ownership enforced).
Guest PWA (event-bound)
/event— landing for new guests (code entry / QR)./e/{token}— full guest experience (home, tasks, gallery, upload) gated by join token; token expiry revokes access./g/{token}— read-only public gallery (new). Shows approved photos themed by event branding; downloads allowed while token valid and gallery duration active./setup/{token}— onboarding/profile setup for guests.
API (selected public endpoints)
/api/v1/events/{token}— event metadata for guest PWA./api/v1/events/{token}/photos— guest gallery polling (legacy PWA)./api/v1/gallery/{token}— public gallery metadata (new)./api/v1/gallery/{token}/photos— public gallery pagination (new)./api/v1/gallery/{token}/photos/{photo}/download— single photo download (new).
All other /api/v1/* routes require authenticated tenant or super-admin access as documented in docs/prp/03-api.md.