feat(auth): add password strength indicator and magic links

Password strength (zxcvbn-ts):
- PasswordStrength component with 4-segment color bar and German feedback
- Lazy-loaded with 150ms debounce to avoid SSR/bundle issues
- Integrated into RegisterPage and ChangePassword components

Magic Links (passwordless email):
- Better Auth magicLink plugin (10-minute expiry)
- sendMagicLinkEmail() in email service (German template)
- Passthrough route for /magic-link/* endpoints
- sendMagicLink() in shared-auth client
- "Login-Link per E-Mail senden" button on all 20 login pages
- All 21 auth stores have sendMagicLink() method

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

apps/calendar/apps/web/src/lib/stores/auth.svelte.ts

@@ -145,6 +145,12 @@ export const authStore = {
 		return result;
 	},
 
+	async sendMagicLink(email: string) {
+		const authService = getAuthService();
+		if (!authService) return { success: false, error: 'Auth not available on server' };
+		return authService.sendMagicLink(email);
+	},
+
 	isPasskeyAvailable(): boolean {
 		const authService = getAuthService();
 		if (!authService) return false;

apps/calendar/apps/web/src/routes/(auth)/login/+page.svelte

@@ -60,6 +60,7 @@
 	onSignInWithPasskey={() => authStore.signInWithPasskey()}
 	onVerifyTwoFactor={(code, trust) => authStore.verifyTwoFactor(code, trust)}
 	onVerifyBackupCode={(code) => authStore.verifyBackupCode(code)}
+	onSendMagicLink={(email) => authStore.sendMagicLink(email)}
 	{goto}
 	successRedirect={redirectTo}
 	registerPath="/register"

apps/chat/apps/web/src/lib/stores/auth.svelte.ts

@@ -145,6 +145,12 @@ export const authStore = {
 		return result;
 	},
 
+	async sendMagicLink(email: string) {
+		const authService = getAuthService();
+		if (!authService) return { success: false, error: 'Auth not available on server' };
+		return authService.sendMagicLink(email);
+	},
+
 	isPasskeyAvailable(): boolean {
 		const authService = getAuthService();
 		if (!authService) return false;

apps/chat/apps/web/src/routes/(auth)/login/+page.svelte

@@ -67,6 +67,7 @@
 	onSignInWithPasskey={() => authStore.signInWithPasskey()}
 	onVerifyTwoFactor={(code, trust) => authStore.verifyTwoFactor(code, trust)}
 	onVerifyBackupCode={(code) => authStore.verifyBackupCode(code)}
+	onSendMagicLink={(email) => authStore.sendMagicLink(email)}
 	{goto}
 	successRedirect={redirectTo}
 	registerPath="/register"

apps/citycorners/apps/web/src/lib/stores/auth.svelte.ts

@@ -127,6 +127,12 @@ export const authStore = {
 		return result;
 	},
 
+	async sendMagicLink(email: string) {
+		const authService = getAuthService();
+		if (!authService) return { success: false, error: 'Auth not available on server' };
+		return authService.sendMagicLink(email);
+	},
+
 	isPasskeyAvailable(): boolean {
 		const authService = getAuthService();
 		if (!authService) return false;

apps/citycorners/apps/web/src/routes/(auth)/login/+page.svelte

@@ -51,6 +51,7 @@
 	onSignInWithPasskey={() => authStore.signInWithPasskey()}
 	onVerifyTwoFactor={(code, trust) => authStore.verifyTwoFactor(code, trust)}
 	onVerifyBackupCode={(code) => authStore.verifyBackupCode(code)}
+	onSendMagicLink={(email) => authStore.sendMagicLink(email)}
 	{goto}
 	successRedirect={redirectTo}
 	registerPath="/register"

apps/clock/apps/web/src/lib/stores/auth.svelte.ts

@@ -145,6 +145,12 @@ export const authStore = {
 		return result;
 	},
 
+	async sendMagicLink(email: string) {
+		const authService = getAuthService();
+		if (!authService) return { success: false, error: 'Auth not available on server' };
+		return authService.sendMagicLink(email);
+	},
+
 	isPasskeyAvailable(): boolean {
 		const authService = getAuthService();
 		if (!authService) return false;

apps/clock/apps/web/src/routes/(auth)/login/+page.svelte

@@ -58,6 +58,7 @@
 	onSignInWithPasskey={() => authStore.signInWithPasskey()}
 	onVerifyTwoFactor={(code, trust) => authStore.verifyTwoFactor(code, trust)}
 	onVerifyBackupCode={(code) => authStore.verifyBackupCode(code)}
+	onSendMagicLink={(email) => authStore.sendMagicLink(email)}
 	{goto}
 	successRedirect={redirectTo}
 	registerPath="/register"

apps/contacts/apps/web/src/lib/stores/auth.svelte.ts

@@ -145,6 +145,12 @@ export const authStore = {
 		return result;
 	},
 
+	async sendMagicLink(email: string) {
+		const authService = getAuthService();
+		if (!authService) return { success: false, error: 'Auth not available on server' };
+		return authService.sendMagicLink(email);
+	},
+
 	isPasskeyAvailable(): boolean {
 		const authService = getAuthService();
 		if (!authService) return false;

apps/contacts/apps/web/src/routes/(auth)/login/+page.svelte

@@ -57,6 +57,7 @@
 	onSignInWithPasskey={() => authStore.signInWithPasskey()}
 	onVerifyTwoFactor={(code, trust) => authStore.verifyTwoFactor(code, trust)}
 	onVerifyBackupCode={(code) => authStore.verifyBackupCode(code)}
+	onSendMagicLink={(email) => authStore.sendMagicLink(email)}
 	{goto}
 	successRedirect={redirectTo}
 	registerPath="/register"

apps/context/apps/web/src/lib/stores/auth.svelte.ts

@@ -128,6 +128,12 @@ export const authStore = {
 		return result;
 	},
 
+	async sendMagicLink(email: string) {
+		const authService = getAuthService();
+		if (!authService) return { success: false, error: 'Auth not available on server' };
+		return authService.sendMagicLink(email);
+	},
+
 	isPasskeyAvailable(): boolean {
 		const authService = getAuthService();
 		if (!authService) return false;

apps/context/apps/web/src/routes/(auth)/login/+page.svelte

@@ -52,6 +52,7 @@
 	onSignInWithPasskey={() => authStore.signInWithPasskey()}
 	onVerifyTwoFactor={(code, trust) => authStore.verifyTwoFactor(code, trust)}
 	onVerifyBackupCode={(code) => authStore.verifyBackupCode(code)}
+	onSendMagicLink={(email) => authStore.sendMagicLink(email)}
 	{goto}
 	successRedirect={redirectTo}
 	registerPath="/register"

apps/manacore/apps/web/src/lib/stores/auth.svelte.ts

@@ -101,7 +101,12 @@ export const authStore = {
 		}
 	},
 
-	/**
+	async sendMagicLink(email: string) {
+		const authService = getAuthService();
+		if (!authService) return { success: false, error: 'Auth not available on server' };
+		return authService.sendMagicLink(email);
+	},
+
 	/**
 	 * Check if passkeys are available in this browser
 	 */

apps/manacore/apps/web/src/routes/(auth)/login/+page.svelte

@@ -36,6 +36,7 @@
 	onSignInWithPasskey={() => authStore.signInWithPasskey()}
 	onVerifyTwoFactor={(code, trust) => authStore.verifyTwoFactor(code, trust)}
 	onVerifyBackupCode={(code) => authStore.verifyBackupCode(code)}
+	onSendMagicLink={(email) => authStore.sendMagicLink(email)}
 	{goto}
 	successRedirect="/dashboard"
 	registerPath="/register"

apps/manadeck/apps/web/src/lib/stores/auth.svelte.ts

@@ -111,6 +111,10 @@ export const authStore = {
 		return result;
 	},
 
+	async sendMagicLink(email: string) {
+		return authService.sendMagicLink(email);
+	},
+
 	isPasskeyAvailable(): boolean {
 		return authService.isPasskeyAvailable();
 	},

apps/manadeck/apps/web/src/routes/(auth)/login/+page.svelte

@@ -36,6 +36,7 @@
 	onSignInWithPasskey={() => authStore.signInWithPasskey()}
 	onVerifyTwoFactor={(code, trust) => authStore.verifyTwoFactor(code, trust)}
 	onVerifyBackupCode={(code) => authStore.verifyBackupCode(code)}
+	onSendMagicLink={(email) => authStore.sendMagicLink(email)}
 	{goto}
 	successRedirect="/decks"
 	registerPath="/register"

apps/mukke/apps/web/src/lib/stores/auth.svelte.ts

@@ -129,6 +129,12 @@ export const authStore = {
 		return result;
 	},
 
+	async sendMagicLink(email: string) {
+		const authService = getAuthService();
+		if (!authService) return { success: false, error: 'Auth not available on server' };
+		return authService.sendMagicLink(email);
+	},
+
 	isPasskeyAvailable(): boolean {
 		const authService = getAuthService();
 		if (!authService) return false;

apps/mukke/apps/web/src/routes/(auth)/login/+page.svelte

@@ -54,6 +54,7 @@
 	onSignInWithPasskey={() => authStore.signInWithPasskey()}
 	onVerifyTwoFactor={(code, trust) => authStore.verifyTwoFactor(code, trust)}
 	onVerifyBackupCode={(code) => authStore.verifyBackupCode(code)}
+	onSendMagicLink={(email) => authStore.sendMagicLink(email)}
 	{goto}
 	successRedirect={redirectTo}
 	registerPath="/register"

apps/nutriphi/apps/web/src/lib/stores/auth.svelte.ts

@@ -143,6 +143,12 @@ export const authStore = {
 		return result;
 	},
 
+	async sendMagicLink(email: string) {
+		const authService = getAuthService();
+		if (!authService) return { success: false, error: 'Auth not available on server' };
+		return authService.sendMagicLink(email);
+	},
+
 	isPasskeyAvailable(): boolean {
 		const authService = getAuthService();
 		if (!authService) return false;

apps/nutriphi/apps/web/src/routes/(auth)/login/+page.svelte

@@ -56,6 +56,7 @@
 	onSignInWithPasskey={() => authStore.signInWithPasskey()}
 	onVerifyTwoFactor={(code, trust) => authStore.verifyTwoFactor(code, trust)}
 	onVerifyBackupCode={(code) => authStore.verifyBackupCode(code)}
+	onSendMagicLink={(email) => authStore.sendMagicLink(email)}
 	{goto}
 	successRedirect={redirectTo}
 	registerPath="/register"

apps/photos/apps/web/src/lib/stores/auth.svelte.ts

@@ -131,6 +131,12 @@ export const authStore = {
 		return result;
 	},
 
+	async sendMagicLink(email: string) {
+		const authService = getAuthService();
+		if (!authService) return { success: false, error: 'Auth not available on server' };
+		return authService.sendMagicLink(email);
+	},
+
 	isPasskeyAvailable(): boolean {
 		const authService = getAuthService();
 		if (!authService) return false;

apps/photos/apps/web/src/routes/(auth)/login/+page.svelte

@@ -47,6 +47,7 @@
 	onSignInWithPasskey={() => authStore.signInWithPasskey()}
 	onVerifyTwoFactor={(code, trust) => authStore.verifyTwoFactor(code, trust)}
 	onVerifyBackupCode={(code) => authStore.verifyBackupCode(code)}
+	onSendMagicLink={(email) => authStore.sendMagicLink(email)}
 	{goto}
 	successRedirect={redirectTo}
 	registerPath="/register"

apps/picture/apps/web/src/lib/stores/auth.svelte.ts

@@ -143,6 +143,12 @@ export const authStore = {
 		return result;
 	},
 
+	async sendMagicLink(email: string) {
+		const authService = getAuthService();
+		if (!authService) return { success: false, error: 'Auth not available on server' };
+		return authService.sendMagicLink(email);
+	},
+
 	isPasskeyAvailable(): boolean {
 		const authService = getAuthService();
 		if (!authService) return false;

apps/picture/apps/web/src/routes/auth/login/+page.svelte

@@ -40,6 +40,7 @@
 	onSignInWithPasskey={() => authStore.signInWithPasskey()}
 	onVerifyTwoFactor={(code, trust) => authStore.verifyTwoFactor(code, trust)}
 	onVerifyBackupCode={(code) => authStore.verifyBackupCode(code)}
+	onSendMagicLink={(email) => authStore.sendMagicLink(email)}
 	{goto}
 	successRedirect="/app/gallery"
 	registerPath="/auth/signup"

apps/planta/apps/web/src/lib/stores/auth.svelte.ts

@@ -137,6 +137,12 @@ export const authStore = {
 		return result;
 	},
 
+	async sendMagicLink(email: string) {
+		const authService = getAuthService();
+		if (!authService) return { success: false, error: 'Auth not available on server' };
+		return authService.sendMagicLink(email);
+	},
+
 	isPasskeyAvailable(): boolean {
 		const authService = getAuthService();
 		if (!authService) return false;

apps/planta/apps/web/src/routes/(auth)/login/+page.svelte

@@ -56,6 +56,7 @@
 	onSignInWithPasskey={() => authStore.signInWithPasskey()}
 	onVerifyTwoFactor={(code, trust) => authStore.verifyTwoFactor(code, trust)}
 	onVerifyBackupCode={(code) => authStore.verifyBackupCode(code)}
+	onSendMagicLink={(email) => authStore.sendMagicLink(email)}
 	{goto}
 	successRedirect={redirectTo}
 	registerPath="/register"

apps/playground/apps/web/src/lib/stores/auth.svelte.ts

@@ -106,6 +106,12 @@ export const authStore = {
 		return result;
 	},
 
+	async sendMagicLink(email: string) {
+		const authService = getAuthService();
+		if (!authService) return { success: false, error: 'Auth not available on server' };
+		return authService.sendMagicLink(email);
+	},
+
 	isPasskeyAvailable(): boolean {
 		const authService = getAuthService();
 		if (!authService) return false;

apps/playground/apps/web/src/routes/(auth)/login/+page.svelte

@@ -38,6 +38,7 @@
 	onSignInWithPasskey={() => authStore.signInWithPasskey()}
 	onVerifyTwoFactor={(code, trust) => authStore.verifyTwoFactor(code, trust)}
 	onVerifyBackupCode={(code) => authStore.verifyBackupCode(code)}
+	onSendMagicLink={(email) => authStore.sendMagicLink(email)}
 	{goto}
 	successRedirect={redirectTo}
 	registerPath="/register"

apps/presi/apps/web/src/lib/stores/auth.svelte.ts

@@ -142,6 +142,12 @@ export const auth = {
 		return result;
 	},
 
+	async sendMagicLink(email: string) {
+		const authService = getAuthService();
+		if (!authService) return { success: false, error: 'Auth not available on server' };
+		return authService.sendMagicLink(email);
+	},
+
 	isPasskeyAvailable(): boolean {
 		const authService = getAuthService();
 		if (!authService) return false;

apps/presi/apps/web/src/routes/(auth)/login/+page.svelte

@@ -44,6 +44,7 @@
 	onSignInWithPasskey={() => auth.signInWithPasskey()}
 	onVerifyTwoFactor={(code, trust) => auth.verifyTwoFactor(code, trust)}
 	onVerifyBackupCode={(code) => auth.verifyBackupCode(code)}
+	onSendMagicLink={(email) => auth.sendMagicLink(email)}
 	{goto}
 	successRedirect={redirectTo}
 	registerPath="/register"

apps/questions/apps/web/src/lib/stores/auth.svelte.ts

@@ -135,6 +135,12 @@ export const authStore = {
 		return result;
 	},
 
+	async sendMagicLink(email: string) {
+		const authService = getAuthService();
+		if (!authService) return { success: false, error: 'Auth not available on server' };
+		return authService.sendMagicLink(email);
+	},
+
 	isPasskeyAvailable(): boolean {
 		const authService = getAuthService();
 		if (!authService) return false;

apps/questions/apps/web/src/routes/(auth)/login/+page.svelte

@@ -62,6 +62,7 @@
 	onSignInWithPasskey={() => authStore.signInWithPasskey()}
 	onVerifyTwoFactor={(code, trust) => authStore.verifyTwoFactor(code, trust)}
 	onVerifyBackupCode={(code) => authStore.verifyBackupCode(code)}
+	onSendMagicLink={(email) => authStore.sendMagicLink(email)}
 	{goto}
 	successRedirect={redirectTo}
 	registerPath="/register"

apps/skilltree/apps/web/src/lib/stores/auth.svelte.ts

@@ -139,6 +139,12 @@ export const authStore = {
 		return result;
 	},
 
+	async sendMagicLink(email: string) {
+		const authService = getAuthService();
+		if (!authService) return { success: false, error: 'Auth not available on server' };
+		return authService.sendMagicLink(email);
+	},
+
 	isPasskeyAvailable(): boolean {
 		const authService = getAuthService();
 		if (!authService) return false;

apps/skilltree/apps/web/src/routes/(auth)/login/+page.svelte

@@ -62,6 +62,7 @@
 	onSignInWithPasskey={() => authStore.signInWithPasskey()}
 	onVerifyTwoFactor={(code, trust) => authStore.verifyTwoFactor(code, trust)}
 	onVerifyBackupCode={(code) => authStore.verifyBackupCode(code)}
+	onSendMagicLink={(email) => authStore.sendMagicLink(email)}
 	{goto}
 	successRedirect={redirectTo}
 	registerPath="/register"

apps/storage/apps/web/src/lib/stores/auth.svelte.ts

@@ -141,6 +141,12 @@ export const authStore = {
 		return result;
 	},
 
+	async sendMagicLink(email: string) {
+		const authService = getAuthService();
+		if (!authService) return { success: false, error: 'Auth not available on server' };
+		return authService.sendMagicLink(email);
+	},
+
 	isPasskeyAvailable(): boolean {
 		const authService = getAuthService();
 		if (!authService) return false;

apps/todo/apps/web/src/lib/stores/auth.svelte.ts

@@ -156,6 +156,12 @@ export const authStore = {
 		return result;
 	},
 
+	async sendMagicLink(email: string) {
+		const authService = getAuthService();
+		if (!authService) return { success: false, error: 'Auth not available on server' };
+		return authService.sendMagicLink(email);
+	},
+
 	isPasskeyAvailable(): boolean {
 		const authService = getAuthService();
 		if (!authService) return false;

apps/todo/apps/web/src/routes/(auth)/login/+page.svelte

@@ -59,6 +59,7 @@
 	onSignInWithPasskey={() => authStore.signInWithPasskey()}
 	onVerifyTwoFactor={(code, trust) => authStore.verifyTwoFactor(code, trust)}
 	onVerifyBackupCode={(code) => authStore.verifyBackupCode(code)}
+	onSendMagicLink={(email) => authStore.sendMagicLink(email)}
 	{goto}
 	successRedirect={redirectTo}
 	registerPath="/register"

apps/zitare/apps/web/src/lib/stores/auth.svelte.ts

@@ -145,6 +145,12 @@ export const authStore = {
 		return result;
 	},
 
+	async sendMagicLink(email: string) {
+		const authService = getAuthService();
+		if (!authService) return { success: false, error: 'Auth not available on server' };
+		return authService.sendMagicLink(email);
+	},
+
 	isPasskeyAvailable(): boolean {
 		const authService = getAuthService();
 		if (!authService) return false;

apps/zitare/apps/web/src/routes/(auth)/login/+page.svelte

@@ -57,6 +57,7 @@
 	onSignInWithPasskey={() => authStore.signInWithPasskey()}
 	onVerifyTwoFactor={(code, trust) => authStore.verifyTwoFactor(code, trust)}
 	onVerifyBackupCode={(code) => authStore.verifyBackupCode(code)}
+	onSendMagicLink={(email) => authStore.sendMagicLink(email)}
 	{goto}
 	successRedirect={redirectTo}
 	registerPath="/register"