soeren/fotospiel-app
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
Files
8e6c66f0dbe2b1218f0011afd917db3413204796
fotospiel-app/docs/prp/public-entrypoints.md
Codex Agent a949c8d3af - Wired the checkout wizard for Google “comfort login”: added Socialite controller + dependency, new Google env 
hooks in config/services.php/.env.example, and updated wizard steps/controllers to store session payloads,
attach packages, and surface localized success/error states.
- Retooled payment handling for both Stripe and PayPal, adding richer status management in CheckoutController/
PayPalController, fallback flows in the wizard’s PaymentStep.tsx, and fresh feature tests for intent
creation, webhooks, and the wizard CTA.
- Introduced a consent-aware Matomo analytics stack: new consent context, cookie-banner UI, useAnalytics/
useCtaExperiment hooks, and MatomoTracker component, then instrumented marketing pages (Home, Packages,
Checkout) with localized copy and experiment tracking.
- Polished package presentation across marketing UIs by centralizing formatting in PresentsPackages, surfacing
localized description tables/placeholders, tuning badges/layouts, and syncing guest/marketing translations.
- Expanded docs & reference material (docs/prp/*, TODOs, public gallery overview) and added a Playwright smoke
test for the hero CTA while reconciling outstanding checklist items.
2025-10-19 11:41:03 +02:00

1.5 KiB
Raw Blame History

Public Entry Points

This overview lists every user-facing URL surface, grouped by persona, and notes authentication/expiry rules.

Marketing Site

  • / — marketing landing page.
  • /packages — package overview.
  • /checkout/{package} — checkout wizard (requires logged-in tenant or email login within flow).
  • /blog, /contact, /impressum, /datenschutz, /agb — legal and marketing content.

Tenant Admin

  • /event-admin/* — protected Filament SPA (requires tenant credentials).
  • /tenant/events/{event}/photos/archive — authenticated ZIP export for approved photos (tenant ownership enforced).

Guest PWA (event-bound)

  • /event — landing for new guests (code entry / QR).
  • /e/{token} — full guest experience (home, tasks, gallery, upload) gated by join token; token expiry revokes access.
  • /g/{token} — read-only public gallery (new). Shows approved photos themed by event branding; downloads allowed while token valid and gallery duration active.
  • /setup/{token} — onboarding/profile setup for guests.

API (selected public endpoints)

  • /api/v1/events/{token} — event metadata for guest PWA.
  • /api/v1/events/{token}/photos — guest gallery polling (legacy PWA).
  • /api/v1/gallery/{token} — public gallery metadata (new).
  • /api/v1/gallery/{token}/photos — public gallery pagination (new).
  • /api/v1/gallery/{token}/photos/{photo}/download — single photo download (new).

All other /api/v1/* routes require authenticated tenant or super-admin access as documented in docs/prp/03-api.md.

Reference in New Issue View Git Blame Copy Permalink