Introduce ChangePasswordRequest DTO and a new ChangePassword endpoint in AuthController that validates input, changes the user's password via UserManager, updates the security stamp, signs out the user to invalidate sessions, and returns localized messages. Add a simple authorized AppUserController stub (GET /auth/user). Update the 404 view to resolve auth status via fetchCurrentUser, show a dynamic CTA/icon (Dashboard vs Home), auto-redirect after a short delay with proper timer cleanup, and adjust navigation behavior. Update codexInfo.md to document the 404 behavior change.
Ensure brand click reliably routes to Dashboard by making navigateToBrandTarget async and fetching current user if not yet loaded (prevents misnavigation to Welcome). Update mobile account menu label to "Zum Dashboard". Change 404 page primary CTA/text to point to the Dashboard and make navigateBack fall back to Dashboard. Update codexInfo.md to document these changes and note the new codexinfo-komprimieren skill.
Introduce a global app banners store (GUI/src/stores/appBanners.ts) and switch authentication error/notification flows to use it. GUI/src/Layout.vue now consumes the banner store, replaces the single snackbar with a stacked, dismissible banner UI (styles, transitions and z-index included), and adds navigateToBrandTarget() to route the brand button based on auth state. GUI/src/routes/authentication/Login.vue was updated to push errors to the new banner store and remove the local alert. Minor route adjustments in GUI/src/plugins/routesLayout.ts: rename 'Dash' to 'Dashboard' and change Login visibility to Unauthenticated. codexInfo.md updated to document these UI/behavior changes.
Introduce a complete frontend auth flow and protected dashboard.
- Add auth session module (GUI/src/services/authSession.ts) with fetchCurrentUser, login, logout, caching and structured errors.
- Add Dashboard page (GUI/src/routes/dashboard/Dashboard.vue) and a protected Dashboard route (meta.requiresAuth) at '/'.
- Move public landing page to /welcome and mark it Visibility.Unauthenticated; update 404 and Impressum links.
- Implement router guard (GUI/src/router/index.ts) to redirect unauthenticated users to Login and prevent logged-in users from accessing guest-only pages.
- Update routes layout (GUI/src/plugins/routesLayout.ts) to include authenticated/unauthenticated visibility and dashboard entry.
- Update Layout.vue to track current user, show username/menu, conditionally render sidebar items, add logout flow and error snackbar, and insert visual divider before auth-only items.
- Convert Login.vue into a working login form with loading state, error handling and redirect after success.
- Update codexInfo.md to document the new auth features and related UI/route changes.
Update codexInfo.md to reflect backend changes: add auth endpoints (POST /auth/login, POST /auth/logout, GET /auth/me) alongside existing health check; introduce ASP.NET Identity with AppUser (Guid key, IsAdmin/IsActive/MustChangePassword/CreatedAt/UpdatedAt) and IdentityDbContext mapping; add InitIdentity migration and auto-apply on startup; add IdentitySeedService to create an initial admin if missing; remove temporary test entity/endpoints and include RemoveTestItems migration; update API project dependencies and add AppUser configuration, Auth DTOs and AuthController; document Program.cs changes for Identity registration, cookie config (hoard.auth), UseAuthentication/UseAuthorization, startup seeding and enhanced logging; preserve notes about local dev docker-compose and appsettings.custom.json behavior.
Introduce authentication API: add AuthController with login, logout and me endpoints using SignInManager/UserManager; add LoginRequest and CurrentUserResponse DTOs. Login enforces active users, updates UpdatedAt on success, and returns localized messages. Also change default seed admin password from "Hoard" to "HoardPassword".
Introduce ASP.NET Core Identity with Guid keys: add Microsoft.AspNetCore.Identity.EntityFrameworkCore and update EF packages to 10.0.6. Replace DbContext with IdentityDbContext<AppUser, IdentityRole<Guid>, Guid>, apply entity configurations and map Identity tables to custom names (Users, Roles, UserRoles, etc.).
Add AppUser model (IsAdmin, IsActive, MustChangePassword, CreatedAt, UpdatedAt) and AppUserConfiguration to enforce required properties and table name. Add IdentitySeedService to create an initial admin account if none exists and log results.
Add generated migration InitIdentity and update the DbContext model snapshot. Wire up Identity in Program.cs (identity options, cookie config, AddEntityFrameworkStores), enable structured console logging and HTTP request logging, run migrations on startup and call the seed service, and enable authentication/authorization middleware. Update codexInfo.md to document the logging and seeding changes.
Add PostgreSQL support and EF Core migrations for local development. Introduces ApplicationDbContext, adds Npgsql.EntityFrameworkCore.PostgreSQL and EF Core Design packages, and includes generated migrations (InitialPostgres and RemoveTestItems) plus updated model snapshot. Program.cs now loads an optional API/appsettings.custom.json, configures the DbContext from ConnectionStrings:Postgres and runs Database.Migrate() on startup. Adds a Dev docker-compose.yml to run postgres + pgAdmin, pins dotnet-ef in dotnet-tools.json, and adds ConnectionStrings to appsettings files. Also ignores API/appsettings.custom.json in .gitignore and updates README/codexInfo to document the new DB/dev workflow.
Add Swashbuckle.AspNetCore (v6.6.2) to API project and register Swagger services (AddEndpointsApiExplorer, AddSwaggerGen). Enable UseSwagger/UseSwaggerUI only in Development to expose /swagger for API exploration without affecting production behavior. Update codexInfo.md to document the dev-only Swagger endpoint.
Switch backend to serve the built SPA and static assets, add a minimal health endpoint, and clean up template code. Changes: added API/Controllers/HealthController.cs (GET /api/health -> 200), removed WeatherForecast controller and model, removed OpenAPI package reference and OpenAPI wiring from API.csproj/Program.cs, updated Program.cs to serve wwwroot with default files/static files and a SPA fallback that returns index.html for non-/api routes (/api/* returns 404), updated GUI/vite.config.ts to output build to API/wwwroot and clear the directory, added API/wwwroot to .gitignore, and updated codexInfo.md to document these changes. This enables the GUI build to be deployed directly into the API project and served as a single-page app.
Add comprehensive mobile-first adjustments across the UI: reorganize topbar actions and context in Layout.vue, make the navigation drawer mobile-friendly (new mobile class, bottom location, density and block-button behavior), and add many responsive CSS rules. Introduce safe-area variables and larger touch targets in global.css (44px buttons, icon sizes, nav item heights), plus additional responsive patterns in page-layouts.css and surface-patterns.css. Apply mobile breakpoints and spacing/stacking tweaks to Home, Login, Impressum and 404 pages to ensure CTAs, cards and forms behave well on <=960px and <=600px viewports. Document the responsive implementation standard in GUI/style.md and update codexInfo.md to note the mobile/usability changes. Changes are scoped to mobile breakpoints to avoid desktop regressions.
Introduce reusable global CSS modules and apply them across routes to centralize layout/surface patterns. Added GUI/src/styles/global/page-layouts.css and GUI/src/styles/global/surface-patterns.css and imported both in GUI/src/main.ts. Updated Layout.vue, Home.vue, 404NotFound.vue, Impressum.vue and authentication/Login.vue to use hoard-* utility classes (hoard-page, hoard-shell-grid, hoard-kicker, hoard-action-row, hoard-panel-gradient, etc.) and removed duplicated scoped styles. Also updated codexInfo.md to document the new CSS modules and provide usage guidance. This reduces per-page CSS duplication and standardizes gradients, spacing and page-shell behavior.
Replace placeholder Impressum with a full, design-aligned Vue page (GUI/src/routes/Impressum.vue). Added a <script setup> providing company, contact, register and legal note data (test data), a structured template (hero, details grid, notes) using Vuetify buttons/links, and comprehensive scoped CSS for layout and responsive behavior. Also updated codexInfo.md to document the new Impressum implementation and its test-data status. Intended to provide a ready-to-customize legal page for production substitution of real company data.
Remove static drawer title/text from Layout.vue and refine global styles: use a color-mix-based ::selection tied to --color-primary-300 for a subtler highlight, and suppress the duplicate inner focus outline on Vuetify inputs so the field frame remains the primary focus indicator. Also update codexInfo.md to document these CSS adjustments.
Refactor Layout.vue to implement a redesigned, responsive shell: new branding (SVG icon, title & subtitle), computed sidebar/footer routes, route-aware page title & description, improved footer visibility, and a mobile-friendly navigation drawer. Theme handling now uses a data-theme attribute, persistent storage, accessible labels and toggle controls. Added new image assets (icon.svg, icon.png, 404NotFound.png), global.css and documentation files (style.md, codexInfo.md), updated related plugins/routes/components, and removed the old logo.png. Also updated the favicon.
Add a Vuetify-powered application shell (Layout.vue) replacing the previous App.vue, including app bar, navigation drawer, theme toggle, footer and localStorage persistence for theme/drawer. Introduce a routesLayout plugin with a Visibility enum and centralized LayoutRoute definitions; add route components (Home, Impressum, Login, 404NotFound) and update the router to build routes from the new layout definitions. Register Vuetify in main.ts and add dependencies (vuetify, @fontsource/roboto, @mdi/font) in package.json; update tsconfig.app.json to include .ts files. Package-lock.json updated accordingly.
Jonas