soeren/fotospiel-app
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
Files
a949c8d3af5011b86e9ff07d3f7715cffe8e6013
fotospiel-app/docs/prp/11-public-gallery.md
Codex Agent a949c8d3af - Wired the checkout wizard for Google “comfort login”: added Socialite controller + dependency, new Google env 
hooks in config/services.php/.env.example, and updated wizard steps/controllers to store session payloads,
attach packages, and surface localized success/error states.
- Retooled payment handling for both Stripe and PayPal, adding richer status management in CheckoutController/
PayPalController, fallback flows in the wizard’s PaymentStep.tsx, and fresh feature tests for intent
creation, webhooks, and the wizard CTA.
- Introduced a consent-aware Matomo analytics stack: new consent context, cookie-banner UI, useAnalytics/
useCtaExperiment hooks, and MatomoTracker component, then instrumented marketing pages (Home, Packages,
Checkout) with localized copy and experiment tracking.
- Polished package presentation across marketing UIs by centralizing formatting in PresentsPackages, surfacing
localized description tables/placeholders, tuning badges/layouts, and syncing guest/marketing translations.
- Expanded docs & reference material (docs/prp/*, TODOs, public gallery overview) and added a Playwright smoke
test for the hero CTA while reconciling outstanding checklist items.
2025-10-19 11:41:03 +02:00

1.8 KiB
Raw Blame History

11 — Public Guest Gallery

Purpose

  • Provide a shareable, mobile-friendly gallery for guests who only need to view and download approved photos.
  • Respect existing join-token security and automatically disable access once a packages gallery duration expires.

Access Model

  • URL pattern: https://<app-domain>/g/{joinToken}. Tokens are the same join tokens tenants already issue; revoking or expiring a token immediately locks the gallery.
  • Tokens expire when the associated event packages gallery_expires_at passes; guests receive an explanatory message (HTTP 410).
  • Only approved photos appear; pending/rejected items remain hidden.

Client Experience

  • Responsive grid with lazy-loaded thumbnails (IntersectionObserver) and infinite scroll/pagination.
  • Event branding colours (primary, secondary, background) are applied via CSS custom properties fetched from the API.
  • Fullscreen lightbox shows creation timestamp + guest label when available and exposes a single-photo download button (streams the original asset).

API Touchpoints (see 03 — API Contract for details)

  • GET /api/v1/gallery/{token} → event snapshot + branding.
  • GET /api/v1/gallery/{token}/photos → cursor-based pagination of approved photos.
  • GET /api/v1/gallery/{token}/photos/{photo}/download → single-photo download/redirect.

Tenant Admin Support

  • Filament action “Download all photos” (Event resource) queues a server-side ZIP export via GET /tenant/events/{event}/photos/archive for authenticated tenants.
  • Only approved photos are included; failed assets are skipped with logging.

Future Enhancements

  • Background job + notification for large ZIP exports (current implementation streams synchronously).
  • Optional passcode/PIN layered on top of join tokens for sensitive events.
  • Aggregate analytics (views/downloads per photo) presented in Tenant Admin dashboards.
Reference in New Issue View Git Blame Copy Permalink