refactor(frontend): replace React Router BFF with Wouter SPA

Remove React Router 7 SSR/BFF architecture (server-side loaders,
actions, sessions, remix-auth) and replace with a client-side SPA
using Wouter for routing and cookie-based JWT auth.

- Replace reactRouter() Vite plugin with @vitejs/plugin-react
- Add index.html + app/main.tsx as SPA entry points
- Add Wouter routing with auth guards (ProtectedRoute/PublicOnlyRoute)
- Add client-side auth (app/auth.ts) and useAuth hook
- Migrate all route files to app/pages/ with client-side data fetching
- Update NavigateLink and GolfPlayAppGaming to use Wouter Link
- Remove .server/, routes/, root.tsx, react-router.config.ts
- Clean up tsconfig.json (remove .react-router references)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

3 files changed, 0 insertions, 190 deletions

diff --git a/frontend/app/.server/auth.ts b/frontend/app/.server/auth.ts
deleted file mode 100644
index 3e24638..0000000
--- a/frontend/app/.server/auth.ts
+++ /dev/null
@@ -1,96 +0,0 @@
-import { type JwtPayload, jwtDecode } from "jwt-decode";
-import { redirect } from "react-router";
-import { Authenticator } from "remix-auth";
-import { FormStrategy } from "remix-auth-form";
-import { apiLogin } from "../api/client";
-import { components } from "../api/schema";
-import { createUnstructuredCookie } from "./cookie";
-import { cookieOptions, sessionStorage } from "./session";
-
-const authenticator = new Authenticator<string>();
-
-authenticator.use(
-	new FormStrategy(async ({ form }) => {
-		const username = String(form.get("username"));
-		const password = String(form.get("password"));
-		return (await apiLogin(username, password)).token;
-	}),
-	"default",
-);
-
-export type User = components["schemas"]["User"];
-
-// This cookie is used to directly store the JWT for the API server.
-// Remix's createCookie() returns "structured" cookies, which cannot be reused directly by non-Remix servers.
-const tokenCookie = createUnstructuredCookie("albatross_token", cookieOptions);
-
-/**
- * @throws Error on failure
- */
-export async function login(request: Request): Promise<never> {
-	const jwt = await authenticator.authenticate("default", request);
-
-	const session = await sessionStorage.getSession(
-		request.headers.get("cookie"),
-	);
-	session.set("user", jwt);
-
-	throw redirect("/dashboard", {
-		headers: [
-			["Set-Cookie", await sessionStorage.commitSession(session)],
-			["Set-Cookie", await tokenCookie.serialize(jwt)],
-		],
-	});
-}
-
-export async function logout(request: Request): Promise<never> {
-	const session = await sessionStorage.getSession(
-		request.headers.get("cookie"),
-	);
-	throw redirect("/", {
-		headers: [
-			["Set-Cookie", await sessionStorage.destroySession(session)],
-			[
-				"Set-Cookie",
-				await tokenCookie.serialize("", { maxAge: 0, expires: new Date(0) }),
-			],
-		],
-	});
-}
-
-async function getCurrentValidSession(
-	request: Request,
-): Promise<{ user: User; token: string } | null> {
-	const session = await sessionStorage.getSession(
-		request.headers.get("cookie"),
-	);
-	const token = session.get("user");
-	if (!token) {
-		return null;
-	}
-	const user = jwtDecode<User & JwtPayload>(token);
-	const exp = user.exp;
-	if (exp != null && new Date((exp - 3600) * 1000) < new Date()) {
-		// If the token will expire in less than an hour, refresh it.
-		return null;
-	}
-	return { user, token };
-}
-
-export async function ensureUserLoggedIn(
-	request: Request,
-): Promise<{ user: User; token: string }> {
-	const session = await getCurrentValidSession(request);
-	if (!session) {
-		throw redirect("/login");
-	}
-	return session;
-}
-
-export async function ensureUserNotLoggedIn(request: Request): Promise<null> {
-	const session = await getCurrentValidSession(request);
-	if (session) {
-		throw redirect("/dashboard");
-	}
-	return null;
-}
diff --git a/frontend/app/.server/cookie.ts b/frontend/app/.server/cookie.ts
deleted file mode 100644
index c8365eb..0000000
--- a/frontend/app/.server/cookie.ts
+++ /dev/null
@@ -1,44 +0,0 @@
-import { parse as parseCookie, serialize as serializeCookie } from "cookie";
-import { Cookie, CookieOptions } from "react-router";
-
-// Remix's createCookie() returns "structured" cookies, which are cookies that hold a JSON-encoded object.
-// This is not suitable for interoperation with other systems that expect a simple string value.
-// This function creates an "unstructured" cookie, a simple plain text.
-export function createUnstructuredCookie(
-	name: string,
-	cookieOptions?: CookieOptions,
-): Cookie {
-	const { secrets = [], ...options } = {
-		path: "/",
-		sameSite: "lax" as const,
-		...cookieOptions,
-	};
-
-	return {
-		get name() {
-			return name;
-		},
-		get isSigned() {
-			return secrets.length > 0;
-		},
-		get expires() {
-			return typeof options.maxAge !== "undefined"
-				? new Date(Date.now() + options.maxAge * 1000)
-				: options.expires;
-		},
-		async parse(cookieHeader, parseOptions) {
-			if (!cookieHeader) return null;
-			const cookies = parseCookie(cookieHeader, {
-				...options,
-				...parseOptions,
-			});
-			return name in cookies ? cookies[name] : null;
-		},
-		async serialize(value, serializeOptions) {
-			return serializeCookie(name, value, {
-				...options,
-				...serializeOptions,
-			});
-		},
-	};
-}
diff --git a/frontend/app/.server/session.ts b/frontend/app/.server/session.ts
deleted file mode 100644
index 0edcc35..0000000
--- a/frontend/app/.server/session.ts
+++ /dev/null
@@ -1,50 +0,0 @@
-import { createCookieSessionStorage } from "react-router";
-
-export const cookieOptions = {
-	sameSite: "lax" as const,
-	path: "/",
-	httpOnly: true,
-	secure: process.env.NODE_ENV === "production",
-	secrets: [process.env.ALBATROSS_COOKIE_SECRET ?? "local"],
-};
-
-const innerSessionStorage = createCookieSessionStorage({
-	cookie: {
-		name: "albatross_session",
-		...cookieOptions,
-	},
-});
-type InnerSessionStorage = typeof innerSessionStorage;
-
-// This class is used to recover from invalid sessions.
-// It may occur if the session had been created before the authentication library was updated.
-class RecoverableSessionStorage {
-	innerStorage: InnerSessionStorage;
-
-	constructor(innerStorage: InnerSessionStorage) {
-		this.innerStorage = innerStorage;
-	}
-
-	// If the session is invalid, return a new session.
-	// It may occur if the session had been created before the authentication library was updated.
-	getSession(...args: Parameters<InnerSessionStorage["getSession"]>) {
-		try {
-			return this.innerStorage.getSession(...args);
-		} catch (e) {
-			void e;
-			return this.innerStorage.getSession();
-		}
-	}
-
-	commitSession(...args: Parameters<InnerSessionStorage["commitSession"]>) {
-		return this.innerStorage.commitSession(...args);
-	}
-
-	destroySession(...args: Parameters<InnerSessionStorage["destroySession"]>) {
-		return this.innerStorage.destroySession(...args);
-	}
-}
-
-export const sessionStorage = new RecoverableSessionStorage(
-	innerSessionStorage,
-);