fotospiel-app/docs/todo/event-join-token-hardening.md

Event Join Token Hardening TODO

Goal

Replace slug-based guest access with opaque, revocable join tokens and provide printable QR layouts tied to those tokens.

Phase 1 – Data & Backend

• Create event_join_tokens table (token, event_id, usage_limit/count, expires_at, revoked_at, created_by).
• Add Eloquent model + relations (Event::joinTokens()), factory, and seed helper.
• Implement service for token generation/rotation (secure RNG, audit logging).
• Expose tenant API endpoints for listing/creating/revoking tokens.
• Introduce middleware/controller updates so guest API resolves /e/{token} → event.
• Add rate limiting + logging for invalid token attempts.

Phase 2 – Guest PWA

• Update router and data loaders to use :token paths.
• Adjust storage/cache keys to use token identifiers.
• Display friendly error states for expired/invalid tokens.
• Regression-test photo upload, likes, and stats flows via token.

Phase 3 – Tenant Admin UX

• Build “QR & Invites” management UI (list tokens, usage stats, rotate/revoke).
• Hook Filament action + PWA screens to call new token endpoints.
• Generate five print-ready layouts (PDF/SVG) per token with download options.
• Deprecate slug-based QR view; link tenants to new flow.

Phase 4 – Migration & Cleanup

• Backfill tokens for existing published events and notify tenants to reprint.
• Remove slug parameters from public endpoints once traffic confirms token usage.
• Update documentation (PRP, onboarding guides, runbooks) to reflect token process.
• Add feature/integration tests covering expiry, rotation, and guest flows.

Open Questions

• Decide on default token lifetime and rotation cadence.
• Confirm whether guest tokens should embed locale or package metadata.