diff --git a/CLAUDE.md b/CLAUDE.md index 905f3b7f..06cdde68 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -24,12 +24,11 @@ Design document: `/dev-docs/design-document.md` - `composer rector` — Rector dry-run for modernisation suggestions. See `/dev-docs/RECTOR.md`. Apply only in scoped sprints, never automatically. -- ts-reset patches TypeScript's loosest default types in both SPAs. +- ts-reset patches TypeScript's loosest default types in the SPA. See `/dev-docs/FRONTEND-TOOLING.md`. New TypeScript code adheres to ts-reset's stricter types automatically. -- Vitest — `apps/portal` has 113+ tests; `apps/app` currently has - no Vitest setup (tracked as TECH-APP-VITEST, must close before - S3b lands). +- Vitest — `apps/app` has Vitest with 213 tests as of WS-3 PR-B2a. + Test count grows with each PR; check `pnpm test` for current value. ## Development tooling @@ -40,24 +39,23 @@ Design document: `/dev-docs/design-document.md` ## Repository layout - `api/` — Laravel backend -- `apps/app/` — Organizer SPA (main product app + Platform Admin for super admins) -- `apps/portal/` — External portal (volunteers, artists, suppliers, etc.) +- `apps/app/` — Single SPA covering organizers, volunteers, crew, super admins (context-routed in-app) plus the public form-fill / artist-advance flows -## Apps and portal architecture +## App architecture -- `apps/app/` — Organizer: event management per organisation. Includes **Platform Admin** section (`/platform/*`) for super_admin users (organisation management, user management, impersonation, activity log). -- `apps/portal/` — External users: one app, two access modes: - - Login-based (`auth:sanctum`): volunteers, crew — persons with `user_id` - - Token-based (`portal.token` middleware): artists, suppliers, press — persons without `user_id` +`apps/app/` — single workspace, two access modes: + +- Login-based (`auth:sanctum`): organizers, volunteers, crew, super_admin. Includes **Platform Admin** section (`/platform/*`) for super_admin users (organisation management, user management, impersonation, activity log). Context-aware routing inside the SPA distinguishes organizer vs. volunteer experience based on `useAuthStore.availableContexts` (see `dev-docs/AUTH_ARCHITECTURE.md`). +- Token-based (`portal.token` middleware): artists, suppliers, press — persons without `user_id`. Stateless per-request token via `Authorization: Bearer` header or `?token=` query parameter. ### CORS -Configure two frontend origins in both Laravel (`config/cors.php` via env) and the Vite dev server proxy: +Single frontend origin in both Laravel (`config/cors.php` via env) and the Vite dev server proxy: -- app: `localhost:5174` -- portal: `localhost:5175` +- dev: `localhost:5174` +- prod: `https://crewli.app` -**Production (`crewli.app`):** API `https://api.crewli.app`, SPAs `https://crewli.app`, `https://portal.crewli.app` — see `api/.env.example` for `FRONTEND_*` and `SANCTUM_STATEFUL_DOMAINS`. **`crewli.nl`** is only for a future marketing site; this application stack uses **`crewli.app`** (not `.nl` for API, SPAs, or transactional mail). +See `api/.env.example` for `FRONTEND_*` and `SANCTUM_STATEFUL_DOMAINS`. **`crewli.nl`** is only for a future marketing site; this application stack uses **`crewli.app`** (not `.nl` for API, SPA, or transactional mail). ## Backend rules (strict) diff --git a/Makefile b/Makefile index 587ae267..fffccbdb 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -.PHONY: help services services-stop api app portal docs migrate fresh db-shell test test-db-create schema-dump +.PHONY: help services services-stop api app docs migrate fresh db-shell test test-db-create schema-dump # Colors GREEN := \033[0;32m @@ -19,7 +19,6 @@ help: @echo " $(YELLOW)Development Servers:$(NC)" @echo " make api Laravel API → http://localhost:8000" @echo " make app Organizer SPA → http://localhost:5174" - @echo " make portal Portal SPA → http://localhost:5175" @echo " make docs VitePress docs → http://localhost:5176" @echo "" @echo " $(YELLOW)Database:$(NC)" @@ -58,10 +57,6 @@ app: @echo "$(GREEN)Starting Organizer SPA → http://localhost:5174$(NC)" @cd apps/app && pnpm dev -portal: - @echo "$(GREEN)Starting Portal SPA → http://localhost:5175$(NC)" - @cd apps/portal && pnpm dev - docs: @echo "$(GREEN)Starting VitePress docs → http://localhost:5176$(NC)" @cd docs && npm run docs:dev diff --git a/README.md b/README.md index 8d6c6d8b..3ffbdef6 100644 --- a/README.md +++ b/README.md @@ -21,10 +21,9 @@ Implementation is phased; the authoritative feature and schema list lives in the | App | Path | Port | Role | |-----|------|------|------| -| **Organizer** | `apps/app/` | 5174 | Main product for **org and event staff**: events, sections, shifts, people, artists, accreditation, briefings, reports. Includes **Platform Admin** section for super admins (`/platform/*`). | -| **Portal** | `apps/portal/` | 5175 | **External** users: stripped layout; login- or token-based access. | +| **SPA** | `apps/app/` | 5174 | Single-SPA product covering **organizers, volunteers, crew, super admins** (context-routed in-app), plus token-based access for artists, suppliers, press. Includes **Platform Admin** section for super admins (`/platform/*`). | -All apps talk to the API over **CORS** with **Laravel Sanctum** tokens. +The SPA talks to the API over **CORS** with **Laravel Sanctum** tokens. --- diff --git a/api/app/Http/Controllers/Api/V1/Auth/MfaVerifyController.php b/api/app/Http/Controllers/Api/V1/Auth/MfaVerifyController.php index d7d8ce54..87a0c4d1 100644 --- a/api/app/Http/Controllers/Api/V1/Auth/MfaVerifyController.php +++ b/api/app/Http/Controllers/Api/V1/Auth/MfaVerifyController.php @@ -4,12 +4,12 @@ declare(strict_types=1); namespace App\Http\Controllers\Api\V1\Auth; +use App\Enums\MfaMethod; use App\Http\Controllers\Api\V1\Traits\SetAuthCookie; use App\Http\Controllers\Controller; use App\Http\Requests\Api\V1\Auth\MfaEmailSendRequest; use App\Http\Requests\Api\V1\Auth\MfaVerifyRequest; use App\Http\Resources\Api\V1\MeResource; -use App\Enums\MfaMethod; use App\Models\User; use App\Services\MfaService; use Illuminate\Http\JsonResponse; @@ -58,19 +58,18 @@ final class MfaVerifyController extends Controller ]); $token = $user->createToken('auth-token')->plainTextToken; - $cookieName = $this->resolveCookieName($request); return $this->success([ 'user' => new MeResource($user), ], 'MFA verification successful') - ->withCookie($this->makeAuthCookie($cookieName, $token)); + ->withCookie($this->makeAuthCookie($token)); } public function sendEmailCode(MfaEmailSendRequest $request): JsonResponse { $sessionToken = $request->validated('mfa_session_token'); - $cacheKey = 'mfa_session:' . $sessionToken; + $cacheKey = 'mfa_session:'.$sessionToken; $session = Cache::get($cacheKey); if (! $session) { diff --git a/api/app/Http/Controllers/Api/V1/AuthRefreshController.php b/api/app/Http/Controllers/Api/V1/AuthRefreshController.php index 70cd6d11..65d99b40 100644 --- a/api/app/Http/Controllers/Api/V1/AuthRefreshController.php +++ b/api/app/Http/Controllers/Api/V1/AuthRefreshController.php @@ -24,7 +24,6 @@ final class AuthRefreshController extends Controller // Create a new token $newToken = $user->createToken('auth-token')->plainTextToken; - $cookieName = $this->resolveCookieName($request); $user->load(['organisations', 'roles', 'permissions']); @@ -34,6 +33,6 @@ final class AuthRefreshController extends Controller ]); return $this->success(new MeResource($user), 'Token refreshed') - ->withCookie($this->makeAuthCookie($cookieName, $newToken)); + ->withCookie($this->makeAuthCookie($newToken)); } } diff --git a/api/app/Http/Controllers/Api/V1/InvitationController.php b/api/app/Http/Controllers/Api/V1/InvitationController.php index e0eff145..13d777d1 100644 --- a/api/app/Http/Controllers/Api/V1/InvitationController.php +++ b/api/app/Http/Controllers/Api/V1/InvitationController.php @@ -18,6 +18,7 @@ use Illuminate\Support\Facades\Gate; final class InvitationController extends Controller { use SetAuthCookie; + public function __construct( private readonly InvitationService $invitationService, ) {} @@ -65,7 +66,6 @@ final class InvitationController extends Controller ); $sanctumToken = $user->createToken('auth-token')->plainTextToken; - $cookieName = $this->resolveCookieName($request); return $this->success([ 'user' => [ @@ -76,7 +76,7 @@ final class InvitationController extends Controller 'email' => $user->email, ], ], 'Uitnodiging geaccepteerd') - ->withCookie($this->makeAuthCookie($cookieName, $sanctumToken)); + ->withCookie($this->makeAuthCookie($sanctumToken)); } public function revoke(Organisation $organisation, UserInvitation $invitation): JsonResponse diff --git a/api/app/Http/Controllers/Api/V1/LoginController.php b/api/app/Http/Controllers/Api/V1/LoginController.php index c790f57b..1d31775c 100644 --- a/api/app/Http/Controllers/Api/V1/LoginController.php +++ b/api/app/Http/Controllers/Api/V1/LoginController.php @@ -65,13 +65,11 @@ final class LoginController extends Controller // Return MFA challenge — NO auth token, NO auth cookie. // Expire the auth cookie to invalidate any stale browser session. - $cookieName = $this->resolveCookieName($request); - return response()->json([ 'success' => true, 'mfa_required' => true, ...$mfaSession, - ])->withCookie($this->forgetAuthCookie($cookieName)); + ])->withCookie($this->forgetAuthCookie()); } // MFA required by policy but not yet set up — issue token with flag @@ -80,11 +78,10 @@ final class LoginController extends Controller $data = $response->getData(true); $data['mfa_setup_required'] = true; - $cookieName = $this->resolveCookieName($request); $token = $user->createToken('auth-token')->plainTextToken; return response()->json($data) - ->withCookie($this->makeAuthCookie($cookieName, $token)); + ->withCookie($this->makeAuthCookie($token)); } // No MFA — issue token as normal @@ -101,11 +98,10 @@ final class LoginController extends Controller ]); $token = $user->createToken('auth-token')->plainTextToken; - $cookieName = $this->resolveCookieName($request); return $this->success([ 'user' => new MeResource($user), ], 'Login successful') - ->withCookie($this->makeAuthCookie($cookieName, $token)); + ->withCookie($this->makeAuthCookie($token)); } } diff --git a/api/app/Http/Controllers/Api/V1/LogoutController.php b/api/app/Http/Controllers/Api/V1/LogoutController.php index 73889296..d1ff3d3e 100644 --- a/api/app/Http/Controllers/Api/V1/LogoutController.php +++ b/api/app/Http/Controllers/Api/V1/LogoutController.php @@ -17,9 +17,7 @@ final class LogoutController extends Controller { $request->user()->currentAccessToken()->delete(); - $cookieName = $this->resolveCookieName($request); - return $this->success(null, 'Logged out successfully') - ->withCookie($this->forgetAuthCookie($cookieName)); + ->withCookie($this->forgetAuthCookie()); } } diff --git a/api/app/Http/Controllers/Api/V1/Traits/SetAuthCookie.php b/api/app/Http/Controllers/Api/V1/Traits/SetAuthCookie.php index 84f86088..a575a818 100644 --- a/api/app/Http/Controllers/Api/V1/Traits/SetAuthCookie.php +++ b/api/app/Http/Controllers/Api/V1/Traits/SetAuthCookie.php @@ -4,42 +4,18 @@ declare(strict_types=1); namespace App\Http\Controllers\Api\V1\Traits; -use Illuminate\Http\Request; use Symfony\Component\HttpFoundation\Cookie; trait SetAuthCookie { - private const COOKIE_MAP = [ - 'app' => 'crewli_app_token', - 'portal' => 'crewli_portal_token', - ]; + private const COOKIE_NAME = 'crewli_app_token'; private const COOKIE_TTL_MINUTES = 60 * 24 * 7; // 7 days - protected function resolveCookieName(Request $request): string - { - $origin = $request->headers->get('Origin') - ?? $request->headers->get('Referer') - ?? ''; - - $appUrl = config('app.frontend_app_url', 'http://localhost:5174'); - $portalUrl = config('app.frontend_portal_url', 'http://localhost:5175'); - - if ($this->originMatches($origin, $appUrl)) { - return self::COOKIE_MAP['app']; - } - - if ($this->originMatches($origin, $portalUrl)) { - return self::COOKIE_MAP['portal']; - } - - return self::COOKIE_MAP['app']; - } - - protected function makeAuthCookie(string $cookieName, string $token): Cookie + protected function makeAuthCookie(string $token): Cookie { return new Cookie( - name: $cookieName, + name: self::COOKIE_NAME, value: $token, expire: now()->addMinutes(self::COOKIE_TTL_MINUTES), path: '/', @@ -50,10 +26,10 @@ trait SetAuthCookie ); } - protected function forgetAuthCookie(string $cookieName): Cookie + protected function forgetAuthCookie(): Cookie { return new Cookie( - name: $cookieName, + name: self::COOKIE_NAME, value: '', expire: now()->subMinute(), path: '/', @@ -63,19 +39,4 @@ trait SetAuthCookie sameSite: 'Strict', ); } - - private function originMatches(string $origin, string $configuredUrl): bool - { - if ($origin === '' || $configuredUrl === '') { - return false; - } - - // Parse to compare host+port, ignoring trailing slashes and paths - $originHost = parse_url($origin, PHP_URL_HOST); - $originPort = parse_url($origin, PHP_URL_PORT); - $configHost = parse_url($configuredUrl, PHP_URL_HOST); - $configPort = parse_url($configuredUrl, PHP_URL_PORT); - - return $originHost === $configHost && $originPort === $configPort; - } } diff --git a/api/app/Http/Middleware/CookieBearerToken.php b/api/app/Http/Middleware/CookieBearerToken.php index 805e2ff8..9ed50860 100644 --- a/api/app/Http/Middleware/CookieBearerToken.php +++ b/api/app/Http/Middleware/CookieBearerToken.php @@ -10,74 +10,21 @@ use Symfony\Component\HttpFoundation\Response; final class CookieBearerToken { - private const COOKIE_NAMES = [ - 'crewli_app_token', - 'crewli_portal_token', - ]; + private const COOKIE_NAME = 'crewli_app_token'; public function handle(Request $request, Closure $next): Response { - // Skip if an Authorization header is already present + // Skip if an Authorization header is already present (e.g. portal-token + // Bearer flow for artists/suppliers, or server-to-server callers). if ($request->hasHeader('Authorization')) { return $next($request); } - // Resolve the cookie name for the requesting app via Origin header. - // This prevents cross-app cookie leakage on localhost where the - // browser sends all cookies regardless of port. - $cookieName = $this->resolveCookieName($request); - - if ($cookieName) { - $token = $request->cookie($cookieName); - if ($token) { - $request->headers->set('Authorization', 'Bearer ' . $token); - } + $token = $request->cookie(self::COOKIE_NAME); + if ($token) { + $request->headers->set('Authorization', 'Bearer '.$token); } return $next($request); } - - private function resolveCookieName(Request $request): ?string - { - $origin = $request->headers->get('Origin') - ?? $request->headers->get('Referer') - ?? ''; - - if ($origin === '') { - // No Origin — fall back to first available cookie (e.g. server-to-server) - foreach (self::COOKIE_NAMES as $name) { - if ($request->cookie($name)) { - return $name; - } - } - - return null; - } - - $originHost = parse_url($origin, PHP_URL_HOST); - $originPort = parse_url($origin, PHP_URL_PORT); - - $map = [ - 'app' => [config('app.frontend_app_url', 'http://localhost:5174'), 'crewli_app_token'], - 'portal' => [config('app.frontend_portal_url', 'http://localhost:5175'), 'crewli_portal_token'], - ]; - - foreach ($map as [$configuredUrl, $cookieName]) { - $configHost = parse_url($configuredUrl, PHP_URL_HOST); - $configPort = parse_url($configuredUrl, PHP_URL_PORT); - - if ($originHost === $configHost && $originPort === $configPort) { - return $cookieName; - } - } - - // Origin didn't match any configured frontend — fall back to first available - foreach (self::COOKIE_NAMES as $name) { - if ($request->cookie($name)) { - return $name; - } - } - - return null; - } } diff --git a/api/tests/Feature/Security/HttpOnlyCookieAuthTest.php b/api/tests/Feature/Security/HttpOnlyCookieAuthTest.php index 636a0227..db2118e5 100644 --- a/api/tests/Feature/Security/HttpOnlyCookieAuthTest.php +++ b/api/tests/Feature/Security/HttpOnlyCookieAuthTest.php @@ -7,7 +7,6 @@ namespace Tests\Feature\Security; use App\Models\User; use Database\Seeders\RoleSeeder; use Illuminate\Foundation\Testing\RefreshDatabase; -use Laravel\Sanctum\Sanctum; use Tests\TestCase; final class HttpOnlyCookieAuthTest extends TestCase @@ -45,7 +44,7 @@ final class HttpOnlyCookieAuthTest extends TestCase $response = $this->postJson('/api/v1/auth/login', [ 'email' => $user->email, 'password' => 'password', - ], ['Origin' => 'http://localhost:5174']); + ]); $response->assertOk(); $response->assertCookie('crewli_app_token'); @@ -58,7 +57,7 @@ final class HttpOnlyCookieAuthTest extends TestCase $response = $this->postJson('/api/v1/auth/login', [ 'email' => $user->email, 'password' => 'password', - ], ['Origin' => 'http://localhost:5174']); + ]); $cookie = $this->findCookie($response, 'crewli_app_token'); $this->assertNotNull($cookie, 'Cookie crewli_app_token not found'); @@ -72,37 +71,41 @@ final class HttpOnlyCookieAuthTest extends TestCase $response = $this->postJson('/api/v1/auth/login', [ 'email' => $user->email, 'password' => 'password', - ], ['Origin' => 'http://localhost:5174']); + ]); $cookie = $this->findCookie($response, 'crewli_app_token'); $this->assertNotNull($cookie); $this->assertEquals('strict', strtolower($cookie->getSameSite())); } - public function test_login_sets_app_cookie_for_unknown_origin(): void + public function test_login_sets_app_cookie_regardless_of_origin(): void { - $user = User::factory()->create(); + // Post-WS-3 PR-B2b: there is no per-app cookie resolution. Whatever + // Origin (or no Origin) the request carries, the auth cookie issued + // is always crewli_app_token. The request body alone determines auth. + $cases = [ + 'no Origin header' => [], + 'app Origin' => ['Origin' => 'http://localhost:5174'], + 'unknown Origin' => ['Origin' => 'http://localhost:9999'], + 'foreign Origin' => ['Origin' => 'https://elsewhere.example.com'], + ]; - $response = $this->postJson('/api/v1/auth/login', [ - 'email' => $user->email, - 'password' => 'password', - ], ['Origin' => 'http://localhost:9999']); + foreach ($cases as $label => $headers) { + $user = User::factory()->create(); - $response->assertOk(); - $response->assertCookie('crewli_app_token'); - } + $response = $this->postJson('/api/v1/auth/login', [ + 'email' => $user->email, + 'password' => 'password', + ], $headers); - public function test_login_sets_portal_cookie_for_portal_origin(): void - { - $user = User::factory()->create(); + $response->assertOk(); - $response = $this->postJson('/api/v1/auth/login', [ - 'email' => $user->email, - 'password' => 'password', - ], ['Origin' => 'http://localhost:5175']); - - $response->assertOk(); - $response->assertCookie('crewli_portal_token'); + $cookie = $this->findCookie($response, 'crewli_app_token'); + $this->assertNotNull( + $cookie, + "crewli_app_token must be set for case: {$label}", + ); + } } // --- Middleware Tests --- @@ -142,7 +145,7 @@ final class HttpOnlyCookieAuthTest extends TestCase $token = $user->createToken('auth-token')->plainTextToken; $response = $this->withUnencryptedCookie('crewli_app_token', $token) - ->postJson('/api/v1/auth/logout', [], ['Origin' => 'http://localhost:5174']); + ->postJson('/api/v1/auth/logout'); $response->assertOk(); @@ -161,7 +164,7 @@ final class HttpOnlyCookieAuthTest extends TestCase $token = $accessToken->plainTextToken; $response = $this->withUnencryptedCookie('crewli_app_token', $token) - ->postJson('/api/v1/auth/refresh', [], ['Origin' => 'http://localhost:5174']); + ->postJson('/api/v1/auth/refresh'); $response->assertOk(); $response->assertCookie('crewli_app_token'); @@ -192,45 +195,6 @@ final class HttpOnlyCookieAuthTest extends TestCase $response->assertUnauthorized(); } - // --- Cross-App Isolation Tests --- - - public function test_app_cookie_does_not_authenticate_portal_requests(): void - { - $user = User::factory()->create(); - $token = $user->createToken('auth-token')->plainTextToken; - - // App cookie is set, but request comes from portal origin — - // middleware should only read crewli_portal_token, not crewli_app_token - $response = $this->withUnencryptedCookie('crewli_app_token', $token) - ->getJson('/api/v1/auth/me', ['Origin' => 'http://localhost:5175']); - - $response->assertUnauthorized(); - } - - public function test_portal_cookie_does_not_authenticate_app_requests(): void - { - $user = User::factory()->create(); - $token = $user->createToken('auth-token')->plainTextToken; - - $response = $this->withUnencryptedCookie('crewli_portal_token', $token) - ->getJson('/api/v1/auth/me', ['Origin' => 'http://localhost:5174']); - - $response->assertUnauthorized(); - } - - public function test_correct_cookie_authenticates_with_matching_origin(): void - { - $user = User::factory()->create(); - $token = $user->createToken('auth-token')->plainTextToken; - - // Portal cookie + portal origin = authenticated - $response = $this->withUnencryptedCookie('crewli_portal_token', $token) - ->getJson('/api/v1/auth/me', ['Origin' => 'http://localhost:5175']); - - $response->assertOk(); - $response->assertJsonPath('data.id', $user->id); - } - // --- Helper --- private function findCookie($response, string $name): ?\Symfony\Component\HttpFoundation\Cookie diff --git a/apps/app/auto-imports.d.ts b/apps/app/auto-imports.d.ts index e8747446..2d95ae79 100644 --- a/apps/app/auto-imports.d.ts +++ b/apps/app/auto-imports.d.ts @@ -139,6 +139,7 @@ declare global { const registerPlugins_: typeof import('./src/@core/utils/plugins')['registerPlugins_'] const requiredValidator: typeof import('./src/@core/utils/validators')['requiredValidator'] const resolveComponent: typeof import('vue')['resolveComponent'] + const resolvePostLoginTarget: typeof import('./src/utils/postLoginRedirect')['resolvePostLoginTarget'] const resolveRef: typeof import('@vueuse/core')['resolveRef'] const resolveUnref: typeof import('@vueuse/core')['resolveUnref'] const resolveVuetifyTheme: typeof import('./src/@core/utils/vuetify')['resolveVuetifyTheme'] @@ -519,6 +520,7 @@ declare module 'vue' { readonly registerPlugins: UnwrapRef readonly requiredValidator: UnwrapRef readonly resolveComponent: UnwrapRef + readonly resolvePostLoginTarget: UnwrapRef readonly resolveRef: UnwrapRef readonly resolveUnref: UnwrapRef readonly resolveVuetifyTheme: UnwrapRef diff --git a/apps/app/components.d.ts b/apps/app/components.d.ts index d9e515be..1b865bc5 100644 --- a/apps/app/components.d.ts +++ b/apps/app/components.d.ts @@ -36,6 +36,7 @@ declare module 'vue' { ClaimenTab: typeof import('./src/components/portal/event/ClaimenTab.vue')['default'] CompanyDialog: typeof import('./src/components/organisation/CompanyDialog.vue')['default'] ConfirmDialog: typeof import('./src/components/dialogs/ConfirmDialog.vue')['default'] + ContextSwitcher: typeof import('./src/components/shared/ContextSwitcher.vue')['default'] CreateAppDialog: typeof import('./src/components/dialogs/CreateAppDialog.vue')['default'] CreateEventDialog: typeof import('./src/components/events/CreateEventDialog.vue')['default'] CreatePersonDialog: typeof import('./src/components/persons/CreatePersonDialog.vue')['default'] diff --git a/apps/app/package.json b/apps/app/package.json index 8aab373a..f7e67855 100644 --- a/apps/app/package.json +++ b/apps/app/package.json @@ -38,6 +38,7 @@ "cookie-es": "1.2.2", "destr": "2.0.5", "eslint-plugin-regexp": "2.10.0", + "flatpickr": "^4.6.13", "jwt-decode": "4.0.0", "mapbox-gl": "3.5.2", "ofetch": "1.5.0", diff --git a/apps/app/pnpm-lock.yaml b/apps/app/pnpm-lock.yaml index d7ff1e59..64077762 100644 --- a/apps/app/pnpm-lock.yaml +++ b/apps/app/pnpm-lock.yaml @@ -75,6 +75,9 @@ importers: eslint-plugin-regexp: specifier: 2.10.0 version: 2.10.0(eslint@8.57.1) + flatpickr: + specifier: ^4.6.13 + version: 4.6.13 jwt-decode: specifier: 4.0.0 version: 4.0.0 diff --git a/apps/app/src/@core/components/app-form-elements/AppDateTimePicker.vue b/apps/app/src/@core/components/app-form-elements/AppDateTimePicker.vue index f7cddbd1..f3de917b 100644 --- a/apps/app/src/@core/components/app-form-elements/AppDateTimePicker.vue +++ b/apps/app/src/@core/components/app-form-elements/AppDateTimePicker.vue @@ -1,5 +1,6 @@