soeren/fotospiel-app
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
Files
776da57ca97cc21f2f23c80098950993f84f2f98
fotospiel-app/docs/prp/11-public-gallery.md
Codex Agent a949c8d3af - Wired the checkout wizard for Google “comfort login”: added Socialite controller + dependency, new Google env 
hooks in config/services.php/.env.example, and updated wizard steps/controllers to store session payloads,
attach packages, and surface localized success/error states.
- Retooled payment handling for both Stripe and PayPal, adding richer status management in CheckoutController/
PayPalController, fallback flows in the wizard’s PaymentStep.tsx, and fresh feature tests for intent
creation, webhooks, and the wizard CTA.
- Introduced a consent-aware Matomo analytics stack: new consent context, cookie-banner UI, useAnalytics/
useCtaExperiment hooks, and MatomoTracker component, then instrumented marketing pages (Home, Packages,
Checkout) with localized copy and experiment tracking.
- Polished package presentation across marketing UIs by centralizing formatting in PresentsPackages, surfacing
localized description tables/placeholders, tuning badges/layouts, and syncing guest/marketing translations.
- Expanded docs & reference material (docs/prp/*, TODOs, public gallery overview) and added a Playwright smoke
test for the hero CTA while reconciling outstanding checklist items.
2025-10-19 11:41:03 +02:00

30 lines
1.8 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# 11 — Public Guest Gallery
Purpose
- Provide a shareable, mobile-friendly gallery for guests who only need to view and download approved photos.
- Respect existing join-token security and automatically disable access once a packages gallery duration expires.
Access Model
- URL pattern: `https://<app-domain>/g/{joinToken}`. Tokens are the same join tokens tenants already issue; revoking or expiring a token immediately locks the gallery.
- Tokens expire when the associated event packages `gallery_expires_at` passes; guests receive an explanatory message (HTTP `410`).
- Only *approved* photos appear; pending/rejected items remain hidden.
Client Experience
- Responsive grid with lazy-loaded thumbnails (IntersectionObserver) and infinite scroll/pagination.
- Event branding colours (primary, secondary, background) are applied via CSS custom properties fetched from the API.
- Fullscreen lightbox shows creation timestamp + guest label when available and exposes a single-photo download button (streams the original asset).
API Touchpoints (see 03 — API Contract for details)
- `GET /api/v1/gallery/{token}` → event snapshot + branding.
- `GET /api/v1/gallery/{token}/photos` → cursor-based pagination of approved photos.
- `GET /api/v1/gallery/{token}/photos/{photo}/download` → single-photo download/redirect.
Tenant Admin Support
- Filament action “Download all photos” (Event resource) queues a server-side ZIP export via `GET /tenant/events/{event}/photos/archive` for authenticated tenants.
- Only approved photos are included; failed assets are skipped with logging.
Future Enhancements
- Background job + notification for large ZIP exports (current implementation streams synchronously).
- Optional passcode/PIN layered on top of join tokens for sensitive events.
- Aggregate analytics (views/downloads per photo) presented in Tenant Admin dashboards.
Reference in New Issue View Git Blame Copy Permalink