bert.hausmans/crewli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: remove admin SPA and update to two-app production setup

Browse Source 
Remove apps/admin/ entirely — platform admin functionality now lives
in apps/app/ under /platform/* routes for super_admin users.

Production URL scheme changed:
- Organizer app: crewli.app (was app.crewli.app)
- Portal: portal.crewli.app (unchanged)
- API: api.crewli.app (unchanged)
- admin.crewli.app and app.crewli.app retired

Backend:
- Removed FRONTEND_ADMIN_URL config and admin cookie (crewli_admin_token)
  from SetAuthCookie, CookieBearerToken, cors.php, app.php
- Updated .env and .env.example (two origins, no port 5173)
- Updated cookie test: admin origin test → unknown origin fallback test

Infrastructure:
- Makefile: removed admin target
- deploy/nginx: updated CSP comment, removed admin vhost
- Updated README.md, CLAUDE.md, and all dev-docs

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
bert.hausmans
2026-04-15 08:44:10 +02:00
parent 945e22f322
commit 28727f246b
1390 changed files with 29 additions and 181476 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
dev-docs/BACKLOG.md
View File

@@ -130,7 +130,7 @@ Handmatige per-persoon toewijzing is de uitzondering, niet de norm.
- Zoekbalk (CTRL+K) aansluiten op Crewli-entiteiten
(personen, events, secties zoeken)
- Notificatie bell koppelen aan COMM-01
- App switcher: Organizer / Admin / Portal wisselen
- App switcher: Organizer / Portal wisselen (admin SPA retired; platform admin in `/platform/*`)
- User avatar: gekoppeld aan ingelogde gebruiker (deels al gedaan)
**Prioriteit:** Middel — werkt zonder maar verbetert UX significant
@@ -410,7 +410,7 @@ De volgende items zijn geïmplementeerd en afgerond (673+ tests):
- ~~Cross-event section auto-redirect~~ ✅
- ~~Shift claiming in portal (5 endpoints, 26 tests, ClaimenTab + RoosterTab)~~ ✅
- ~~Cross-app auth isolation (CookieBearerToken per app, 3 isolatietests)~~ ✅
- ~~Password reset (alle 3 SPAs, custom notification, app-aware links)~~ ✅
- ~~Password reset (beide SPAs, custom notification, app-aware links)~~ ✅
- ~~Email change with verification (self-service + admin, 24h token expiry)~~ ✅
- ~~Password change while logged in~~ ✅
- ~~"Lid toevoegen als deelnemer" shortcut (2 endpoints, 11 tests)~~ ✅

2
dev-docs/start-guide.md
View File

@@ -30,7 +30,7 @@ PHP 8.2 | Sanctum | Spatie Permission | MySQL 8 | Redis | Queue Workers
>
> Laravel is uitsluitend een JSON REST API. Elke response is application/json.
>
> Vue doet ALLES met de gebruikersinterface. De drie SPA's communiceren via HTTPS met de API.
> Vue doet ALLES met de gebruikersinterface. De twee SPA's communiceren via HTTPS met de API.
| **App / Laag** | **Technology** | **Gebruik & verantwoordelijkheid** |
|----|----|----|