- Fix getBookingByToken to only accept booking_access tokens
- Add sweepExpiredRescheduleProposals with admin notifications
- Return isExpired flag instead of throwing errors for expired proposals
- Fix email template to use actual token expiry time
- Remove duplicate admin emails in acceptReschedule
- Add one-click accept/decline support via URL parameters
- Change confirmation emails from CC to BCC for admin notifications
- Change cancellation emails from CC to BCC for admin notifications
- Improve privacy: customers no longer see admin email address
- Admin still receives copies of all customer communications
- Maintain GDPR compliance and data protection
- Add confirmation modal for booking cancellations
- Implement proper error handling and success messages
- Fix live updates for booking status changes
- Add manual refetch to ensure immediate UI updates
- Auto-delete past availability slots on list access
- Add manual cleanup function for past slots
- Improve user experience with instant feedback
- Behebe Port-Konfiguration für interne RPC-Verbindungen (5173 -> 3000)
- Verbessere oRPC-Fehlerbehandlung: ursprüngliche Fehlermeldungen werden beibehalten
- Erweitere Frontend-Fehlerbehandlung für bessere oRPC-Integration
- Deaktiviere Duplikat-Prüfung in Development-Modus (NODE_ENV=development)
- Lokale Entwicklung ermöglicht mehrere Buchungen pro E-Mail-Adresse
- Produktion behält Duplikat-Schutz bei
- Changed from rpcApp.use to rpcApp.all for better route handling
- Added proper error handling with try-catch
- Return 404 for unmatched routes instead of calling next()
- Return 500 for internal server errors
- Improves RPC endpoint reliability and debugging
- Changed from 'src/client/main.tsx' to 'index.html' to match actual manifest
- Fixes production asset loading
- Resolves empty page issue in production mode
- Added NODE_ENV check before serving static files from ./dist
- Prevents 'serveStatic: root path ./dist is not found' error in development
- Keeps Docker/production configuration intact
- Development mode now works with pnpm dev without build step
- ICS-Dateianhänge in Bestätigungsmails mit Europe/Berlin Zeitzone
- Rate-Limiting: IP-basiert (5/10min) und E-Mail-basiert (3/1h)
- Mehrschichtige E-Mail-Validierung mit Rapid Email Validator API
- Disposable Email Detection (blockiert Wegwerf-Adressen)
- MX Record Verification
- Domain Verification
- Typo-Erkennung mit Vorschlägen
- Zod-Schema-Validierung für Name, E-Mail und Telefonnummer
- Dokumentation für Rate-Limiting und E-Mail-Validierung
- README mit neuen Features aktualisiert
- Backlog aktualisiert
- Implement /.well-known/security.txt endpoint for security vulnerability reporting
- Add SECURITY_CONTACT environment variable support
- Include proper HTTP headers (Content-Type, Cache-Control)
- Set automatic expiration date and preferred languages
- Add comprehensive security policy information
- Update .env.example with SECURITY_CONTACT variable
- Document security.txt endpoint in README.md with usage examples
- Follow RFC 9116 standard for responsible disclosure
- Add OpenStreetMap iframe to legal page showing business location
- Support ADDRESS_LATITUDE and ADDRESS_LONGITUDE environment variables
- Generate dynamic map URLs based on configured coordinates
- Include link to full map view
- Update legal-config.ts interface to include latitude/longitude
- Document new environment variables in README.md
- Use Kiel coordinates as default (54.3233, 10.1228)
- Alle Benutzer-E-Mails enthalten jetzt Links zu Impressum/Datenschutz
- Schöner blauer Info-Block mit 📋 Icon in HTML-E-Mails
- Text-Links in allen Text-Versionen der E-Mails
- Betroffen: Pending-Buchungen, Bestätigungen, Stornierungen
- Admin-E-Mails bleiben unverändert
- Konsistentes Design und Benutzerfreundlichkeit
- Direkte Navigation zu /legal für rechtliche Informationen
- Impressum-Tab zeigt jetzt korrekt rechtliche Informationen an
- Direkter HTTP-Endpoint /api/legal-config als Workaround für RPC-Problem
- Client-Komponente verwendet fetch() anstatt RPC-Calls
- Debug-Logs hinzugefügt für bessere Fehlerdiagnose
- Hinweis-Text über Umgebungsvariablen entfernt für saubereres Design
- Legal-Konfiguration funktioniert jetzt vollständig mit echten Daten
- Tab-Navigation zwischen Impressum und Datenschutz funktioniert
- Neues Impressum/Datenschutz-Tab mit konfigurierbaren rechtlichen Daten
- Konfigurationsdatei legal-config.ts für alle rechtlichen Informationen
- RPC-Endpoint legal.getConfig() für rechtliche Daten
- Schöne Tab-Navigation zwischen Impressum und Datenschutz
- Responsive Design mit Loading-States und Fehlerbehandlung
- Alle rechtlichen Daten über Umgebungsvariablen konfigurierbar
- FRONTEND_URL entfernt - nur noch DOMAIN wird verwendet
- Hilfsfunktion generateUrl() für konsistente URL-Generierung
- Code-Duplikation in bookings.ts eliminiert
- .env.example aktualisiert mit allen neuen Variablen
- README.md dokumentiert neue rechtliche Konfiguration
- DSGVO- und TMG-konforme Inhalte implementiert
- Neues Stornierungssystem mit sicheren Token-basierten Links
- Stornierungsfrist konfigurierbar über MIN_STORNO_TIMESPAN (24h Standard)
- Stornierungs-Seite mit Buchungsdetails und Ein-Klick-Stornierung
- Automatische Slot-Freigabe bei Stornierung
- Stornierungs-Link in Bestätigungs-E-Mails integriert
- Alle E-Mails enthalten jetzt Links zur Hauptseite (DOMAIN Variable)
- Schöne HTML-Buttons und Text-Links in allen E-Mail-Templates
- Vollständige Validierung: Vergangenheits-Check, Token-Ablauf, Stornierungsfrist
- Responsive Stornierungs-Seite mit Loading-States und Fehlerbehandlung
- Dokumentation in README.md aktualisiert
- Add production-ready Dockerfile with multi-stage build
- Add .dockerignore for optimized builds
- Add docker-compose.yml for easy deployment
- Add /health endpoint for container health checks
- Update README with comprehensive Docker documentation
- Include security best practices (non-root user, health checks)
- Support for both development and production deployments
- Create sendEmailWithInspirationPhoto() function to handle photo attachments
- Add renderAdminBookingNotificationHTML() template for admin notifications
- Extract photo extension and content from base64 data URLs
- Generate unique filenames with customer name and timestamp
- Send separate admin notification email with photo attachment
- Include comprehensive booking details in admin email
- Add visual indicators for photo availability in email template
- Support both HTML and text versions of admin notifications
- Handle cases where no photo is uploaded gracefully
- Import treatments KV to get treatment names for admin emails
Features:
- Inspiration photos automatically attached to admin notifications
- Structured admin email with all booking details
- Photo filename includes customer name and timestamp
- Fallback handling for missing photos
- German localization for admin notifications
- Visual photo availability indicators (✅/❌)
Changes:
- email.ts: Add sendEmailWithInspirationPhoto() function
- email-templates.ts: Add renderAdminBookingNotificationHTML() template
- bookings.ts: Send admin notifications with photo attachments
- Add formatDateGerman() helper function to convert yyyy-mm-dd to dd.mm.yyyy
- Update all email templates (HTML and text versions) to use European date format
- Apply formatting to booking pending, confirmed, and cancelled emails
- Ensure consistent date display across all customer communications
- Improve user experience with familiar German date format
Changes:
- email-templates.ts: Add date formatting to all HTML templates
- bookings.ts: Add date formatting to all text email versions
- Both files: Consistent European date format (dd.mm.yyyy) throughout
- Extend email system to support file attachments
- Add sendEmailWithAGB() function that automatically attaches AGB.pdf
- Implement AGB PDF caching for better performance
- Update booking confirmation email template with AGB notice
- Add visual highlight box in HTML email with AGB information
- Update email subject to indicate AGB attachment
- Include AGB reference in both HTML and text versions
- Ensure legal compliance by automatically sending terms with confirmations
Changes:
- email.ts: Add attachment support and AGB PDF integration
- email-templates.ts: Add AGB notice to confirmation emails
- bookings.ts: Use sendEmailWithAGB for confirmed bookings
- German localization for admin treatments component
- Add admin calendar component with booking overview and status management
- Implement treatment-specific availability slots with automatic duration
- Enhance availability management with better UI and error handling
- Move admin credentials to .env configuration
- Add .env.example with all required environment variables
- Update README.md with comprehensive setup guide including PowerShell password hash generation
- Improve slot deletion with proper error handling and user feedback
- Add toast notifications for better UX
- Add specific allowedHosts configuration for Tailscale domains
- Configure both Vite server and Hono dev server to accept .ts.net hosts
- Add global middleware to Hono app for host acceptance
- Allow master11.warbler-bearded.ts.net and all .ts.net subdomains
- Replace emoji icons with Stargil Nails logo in header and loading spinner
- Add favicon.png to public directory
- Copy logo to public/assets for browser access
- Update vite.config.ts to serve public directory
- Add favicon link to HTML head section
❯ pnpm dev
> quests-template-basic@0.0.0 dev C:\Users\mbusc\AppData\Roaming\Quests\workspace\projects\silver-bright-fork-23
> vite
VITE v7.1.3 ready in 780 ms
➜ Local: http://localhost:5173/
➜ Network: use --host to expose
➜ press h + enter to show help
18:15:12 [vite] (ssr) Error when evaluating SSR module ./src/server/index.ts: OPENAI_BASE_URL is not set
at eval (C:/Users/mbusc/AppData/Roaming/Quests/workspace/projects/silver-bright-fork-23/src/server/rpc/demo/ai.ts:13:9)
at async ESModulesEvaluator.runInlinedModule (file:///C:/Users/mbusc/AppData/Roaming/Quests/workspace/projects/silver-bright-fork-23/node_modules/.pnpm/vite@7.1.3_@types+node@22.1_7fc9e9804073d39b787b9384e0ee4b8c/node_modules/vite/dist/node/module-runner.js:910:3)
