- Added platform detection logic `currentPlatform()` in `PlatformType.js.kt`.
- Introduced platform-based behavior for LandingScreen, Dashboard, and Login flow.
- Replaced Row with FlowRow in PingScreen to improve button layout.
- Updated Meldestelle Dashboard with platform-specific headers and authentication checks.
- Adjusted AppHeader to accept `isAuthenticated` and `username` parameters.
Signed-off-by: Stefan Mogeritsch <stefan.mo.co@gmail.com>
- Updated `keycloak/meldestelle-realm.json` to replace dynamic secrets with static values for local testing.
- Incremented service worker cache version to `v4` and added bypass rules for API requests and app bundles to prevent outdated data.
Signed-off-by: Stefan Mogeritsch <stefan.mo.co@gmail.com>
- Enabled `directAccessGrants` for `frontend-client` in `meldestelle-realm.json` to support ROPC login flow.
- Strengthened admin credentials in realm configuration to meet password policy requirements.
- Upgraded Keycloak to `26.5.5` with updated Docker healthcheck logic:
- Replaced `curl` with bash `/dev/tcp` for compatibility with `ubi9-micro` image.
- Switched health endpoint from `/ready` to `/live` for single-node use.
- Adjusted healthcheck timings (`start_period`, `timeout`, `interval`) for smoother startup.
- Removed deprecated v1 hostname parameter `KC_HOSTNAME_STRICT_HTTPS`.
Signed-off-by: Stefan Mogeritsch <stefan.mo.co@gmail.com>
Documented the completed Keycloak hardening steps, including PKCE S256 support, CORS security improvements, strengthened password policy, and logout redirect URI configurations. Verified and updated the `meldestelle-realm.json` and roadmap to reflect these changes.
Signed-off-by: Stefan Mogeritsch <stefan.mo.co@gmail.com>
Improved `PlatformConfig` API base URL resolution with enhanced logging and fallback logic. Revised database initialization with version checks, schema migration, and error handling. Updated Keycloak configuration to enable `Direct Access Grants` and refine CORS/redirect settings. Adjusted Webpack proxy settings for correct API routing.
- Added `sqlite.worker.js` for custom SQLite Web Worker setup compatible with SQLDelight.
- Enhanced Webpack configuration in `sqlite-config.js` for SQLite-related assets and dynamic path resolution.
- Updated Koin `apiClient` setup to dynamically inject Authorization headers using the `HttpSend` plugin.
- Fixed Keycloak realm configuration to include new local URLs (`http://localhost:8080`).
- Removed redundant Web Worker copy tasks from Gradle and adjusted Kotlin code for streamlined worker creation.
Updated Dockerfiles to fix frontend path references after refactoring. Refactored `networkModule` to replace the `Auth` plugin with manual auth header injection for enhanced logout support. Adjusted Keycloak realm configuration to set default credentials as non-temporary. Improved error handling in `AuthApiClient` with detailed response messages.
Umfangreiches Refactoring der Projektkonfiguration zur klaren Trennung von Build-, Runtime- und Applikations-Logik.
Änderungen im Detail:
- Struktur: Neuorganisation des `config/` Verzeichnisses in logische Bereiche:
- `config/docker`: Reine Infrastruktur-Configs (Postgres, Redis, Nginx, Monitoring).
- `config/quality`: Statische Code-Analyse (Detekt, Lint).
- `config/app`: Gemeinsame Spring-Boot-Konfigurationen.
- Docker Compose:
- Einführung von Profilen (`infra`, `backend`, `ops`, `gui`, `tools`) für gezieltes Starten von Teilbereichen.
- Anpassung aller Volume-Pfade auf die neue Struktur.
- Spring Boot Config:
- Zentralisierung gemeinsamer Einstellungen (Datasource, Redis, JPA) in `config/app/base-application.yml`.
- Parametrisierung der Hosts für nahtlosen Wechsel zwischen Docker und Localhost.
- Bereinigung der service-spezifischen `application.yaml` Dateien (z.B. Ping-Service).
- Cleanup: Entfernen redundanter "Ghost-Files" (`versions.toml`, `central.toml`, `config/.env`), um eine echte Single Source of Truth (SSoT) zu gewährleisten.
