phperkaigi-2026-albatross - phperkaigi-2026-albatross

Age	Commit message (Collapse)	Author
2026-03-06	style: switch from tab to space indentation in frontend and worker/php	nsfisis
	Update biome.json indentStyle from "tab" to "space" and reformat all files in both workspaces. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-06	feat(frontend): remove standalone submissions page	nsfisis
	Submission history is now shown inline on the play screen, making the dedicated /golf/:gameId/submissions page redundant.
2026-02-28	feat(frontend): change brand color for PHPerKaigi 2026	nsfisis

2026-02-27	feat(deploy): re-enable update-submodule workflow	nsfisis

2026-02-20	feat: allow viewing/spectating games without login	Claude
	Make watch, ranking, game list, and tournament endpoints accessible without authentication. Unauthenticated users can browse games and spectate from the index page, while play/submit/preview still require login. https://claude.ai/code/session_019j9tNcnLsLz15e1qtbmeqe
2026-02-20	feat(frontend): add problem preview page for pre-game viewing	nsfisis
	Allow participants to view problem descriptions and sample code before a game starts. Dashboard shows a preview link only for games that haven't started yet. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-20	feat: add user submission history page	nsfisis
	Allow users to view their own past submissions (code, size, status, timestamp) for each game. Adds API endpoint, backend handler, SQL query, and frontend page with expandable code display. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-13	feat(auth): store JWT in HTTP-only cookie instead of JS-accessible cookie	nsfisis
	Prevent XSS-based token theft by making the JWT inaccessible to JavaScript. The backend now sets/clears the cookie via Set-Cookie headers, and the frontend retrieves user info from /api/me instead of decoding the JWT directly. - Add JWTCookieMiddleware to parse cookie and inject claims into context - Add /me and /logout endpoints to OpenAPI spec and handlers - Update PostLogin to return user object + Set-Cookie header - Replace Authorization header auth with cookie-based auth throughout - Rewrite frontend auth to use /api/me instead of jwt-decode - Remove jwt-decode dependency - Configure CORS with credentials for local dev Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-13	refactor(frontend): replace React Router BFF with Wouter SPA	nsfisis
	Remove React Router 7 SSR/BFF architecture (server-side loaders, actions, sessions, remix-auth) and replace with a client-side SPA using Wouter for routing and cookie-based JWT auth. - Replace reactRouter() Vite plugin with @vitejs/plugin-react - Add index.html + app/main.tsx as SPA entry points - Add Wouter routing with auth guards (ProtectedRoute/PublicOnlyRoute) - Add client-side auth (app/auth.ts) and useAuth hook - Migrate all route files to app/pages/ with client-side data fetching - Update NavigateLink and GolfPlayAppGaming to use Wouter Link - Remove .server/, routes/, root.tsx, react-router.config.ts - Clean up tsconfig.json (remove .react-router references) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>