5 commits

Author	SHA1	Message	Date
Till JS	440f6507f1	fix: extract types from .svelte files for proper named re-exports ... Svelte 5 .svelte modules only expose a default export, so 'export type { X } from "./X.svelte"' fails type-check. Move shared interfaces into adjacent .ts type files. - shared-ui/navigation: SpotlightAction, ContentSearcher, ContentSearch{Result,Group} → types.ts - shared-auth-ui: PasskeyManagerTranslations, TwoFactorSetupTranslations, SessionManagerTranslations → types.ts - mana/web/page-carousel: CarouselPage → new types.ts - mana/web: bump @vitest/* to 4.1.2 (matches lockfile) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-07 13:53:13 +02:00
Till JS	3b7b6c9761	refactor(auth-ui): SessionManager i18n, shared userAgent util, a11y fixes ... - Add locale prop (de/en) to SessionManager with full English translations - Extract duplicated parseUserAgent/getDeviceType to utils/userAgent.ts - Fix hardcoded aria-label in SessionManager refresh button - Add prefers-reduced-motion to PasskeyManager, TwoFactorSetup, SessionExpiredBanner Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-31 14:14:16 +02:00
Till JS	5fa773d400	refactor(auth-ui): unify dark mode to CSS variables + .dark class pattern ... Replace hardcoded colors and inconsistent dark mode patterns across 7 auth-ui components with semantic CSS variables (--theme-*). - PasskeyManager: 24 :global(.dark) rules → CSS vars (kept semantic amber/red) - TwoFactorSetup: flip from dark-default + :global(.light) → light-default + CSS vars - ChangePassword: flip from :global(.light) → CSS vars, zero :global(.dark) rules - SecurityOnboarding: flip from :global(.light) → CSS vars - GuestWelcomeModal: convert @media prefers-color-scheme → :global(.dark) pattern - SessionManager: replace hardcoded fallbacks with CSS vars - AuditLog: replace all fallback patterns with CSS vars Net: -451 lines / +180 lines of CSS Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-31 14:06:25 +02:00
Till JS	7073756117	feat(auth): UX improvements for passkeys, 2FA, and password management ... 1. Passkey Conditional UI: autocomplete="username webauthn" on email field enables browser passkey suggestions in autofill dropdown 2. Trust Device checkbox: "Diesem Gerät 30 Tage vertrauen" option during 2FA verification (uses Better Auth trust_device cookie) 3. Local QR code generation: replaced external api.qrserver.com with local qrcode package for 2FA setup (no external dependency) 4. SecurityOnboarding component: post-registration wizard suggesting passkey setup to new users 5. ChangePassword component: reusable password change form with validation, visibility toggles, and changePassword() in authService Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-26 21:15:09 +01:00
Till JS	f5a9edcfb6	feat(auth): add TOTP two-factor authentication across all apps ... Uses Better Auth's built-in twoFactor plugin for TOTP + backup codes: Backend (mana-core-auth): - twoFactor plugin in better-auth.config.ts (issuer: ManaCore) - twoFactorEnabled field on users table, backupCodes as encrypted text - 2FA redirect detection in signIn flow - Passthrough controller forwards /two-factor/* to Better Auth - Security event types for 2FA operations Client (shared-auth): - enableTwoFactor, disableTwoFactor, verifyTwoFactor, verifyBackupCode, generateBackupCodes methods with session-to-token exchange UI (shared-auth-ui): - LoginPage: 2FA code input view after password login, backup code toggle - TwoFactorSetup: settings component with enable/disable/QR code/backup codes App integration: - All 19 auth stores have verifyTwoFactor() and verifyBackupCode() - All 19 login pages pass onVerifyTwoFactor and onVerifyBackupCode callbacks - ManaCore settings page has TwoFactorSetup component Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-26 19:55:09 +01:00