- **Design System Hub:** Introduce `/dev` as a central hub for interactive design system showcases (components, layouts, spacing, etc.). Includes live demos, highlights, and documentation links.
- **Forms Demo:** Add `/dev/forms` for reactive forms with `react-hook-form` and `Zod`. Demonstrate validation patterns, error handling, loading states, and accessibility best practices.
- **Features:** Showcase reusable `Example`, `ExampleSection`, and `BeforeAfter` components for better UI demonstration and code previews.
- **Component Creation Guide:** Document best practices for creating reusable, accessible components using CVA patterns. Includes guidance on when to compose vs create, decision trees, templates, prop design, testing checklists, and real-world examples.
- **Design System README:** Introduce an organized structure for the design system documentation with quick navigation, learning paths, and reference links to key topics. Includes paths for quick starts, layouts, components, forms, and AI setup.
- **Authenticated Navigation:** Test header, footer, settings navigation, user menu interactions, and settings tabs for authenticated users. Validate logout and active tab highlighting.
- **Theme Toggle:** Add tests for theme persistence and switching on both public and private pages. Verify localStorage integration and DOM updates across scenarios.
- **ThemeToggle:** Introduce comprehensive tests to validate button functionality, dropdown options, and active theme indicators.
- **ThemeProvider:** Add tests for theme management, localStorage persistence, system preferences, and DOM updates.
- **Header & Footer:** Verify header rendering, user menu functionality, and footer content consistency.
- **AuthInitializer:** Ensure authentication state is correctly loaded from storage on mount.
- Introduce `ComponentShowcase` to display all design system components (buttons, cards, alerts, etc.) for development and testing purposes.
- Create a dedicated `/dev/components` route for accessing the showcase.
- Ensure reuse of existing `shadcn/ui` components with appropriate styling.
- Update `PasswordResetConfirmForm` to use `bg-muted` for the password strength indicator background.
- Refactor `text-*` and `bg-*` classes to use semantic color tokens such as `foreground`, `muted-foreground`, `card`, and `accent`.
- Adjust `Header`, `Footer`, and settings pages to align with the OKLCH-based design system.
- Ensure visual consistency and accessibility for both light and dark themes.
- **Header:** Integrate `ThemeToggle` component into the user menu area.
- **Theme Provider:** Introduce `ThemeProvider` context for managing and persisting theme preferences.
- **New Components:** Add `ThemeToggle` for switching themes and `ThemeProvider` to handle state and system preferences.
- Ensure responsive updates and localStorage persistence for user-selected themes.
- Introduce FastNext Design System based on `shadcn/ui` and `Tailwind CSS 4`.
- Detail semantic color tokens using the OKLCH color space for better accessibility.
- Define typography, spacing, shadows, and border radius standards.
- Provide component usage guidelines for consistent and accessible design.
- Outline responsive design, performance, and accessibility best practices.
- Add dark mode implementation strategy and tooling references.
- Include a version history for change tracking and future updates.
- **Tailwind Config:** Clear custom config path and update base color to `zinc`.
- **Design System:** Replace existing CSS with OKLCH color model for improved accessibility and uniformity.
- **Typography & Themes:** Use Geist fonts, define light/dark themes with enhanced semantic variables.
- **Global Styles:** Add consistent border colors, smooth transitions, and reusable variables for Tailwind integration.
Introduce tabbed navigation for the settings page, including Profile, Password, Sessions, and Preferences sections. Add placeholders for each section with metadata and routes. Redirect `/settings` to `/settings/profile`. Integrate `AuthGuard` for settings and authenticated layouts while incorporating reusable `Header` and `Footer` components.
Updated the `Token` schema to include `user` data and `expires_in` field. Adjusted backend `auth_service.py` to populate these fields while generating tokens. Replaced `getCurrentUserInfo` with `getCurrentUserProfile` in the frontend and disabled ESLint for generated files to suppress warnings.
- Replaced `waitForTimeout` with `Promise.all` for navigation events to improve reliability.
- Updated URL assertions to support regex patterns for handling query parameters.
- Adjusted worker count in `playwright.config.ts` for improved performance in local environments.
- Increased `waitForTimeout` to 1500ms in registration and password reset tests to account for slower rendering in Firefox.
- Simplified password reset validation error checks by relying on URL assertions instead of specific locators.
- Improved test reliability and cross-browser compatibility across authentication flows.
- Improved validation checks with element ID and class-specific locators for better accuracy and resilience.
- Removed outdated form behaviors (e.g., "Remember me" and test-only shortcuts) for updated flows.
- Refactored test cases to reflect backend changes, and standardized password validation and error messages.
- Updated selector usage to leverage `getByRole` for improved accessibility testing.
- Reorganized and optimized test timeouts and interactivity delays for faster execution.
- Added comprehensive Playwright tests for login, registration, password reset, and authentication guard flows to ensure UI and functional correctness.
- Introduced configuration file `playwright.config.ts` with support for multiple browsers and enhanced debugging settings.
- Verified validation errors, success paths, input state changes, and navigation behavior across authentication components.
- Extracted password reset logic into `PasswordResetConfirmContent` wrapped in `Suspense` for cleaner and more modular component structure.
- Updated ESLint config to ignore generated files and added rules for stricter code quality (`eslint-comments`, `@typescript-eslint` adjustments).
- Automated insertion of `eslint-disable` in auto-generated TypeScript files through `generate-api-client.sh`.
- Replaced unsafe `any` type casts with safer `Record<string, unknown>` type assertions for TypeScript compliance.
- Added `lint:tests` script for pre-commit test coverage checks.
- Improved `useAuth` hooks and related type guards for better runtime safety and maintainability.
- Introduced comprehensive tests for `RegisterForm`, `PasswordResetRequestForm`, and `PasswordResetConfirmForm` covering successful submissions, validation errors, and API error handling.
- Refactored forms to handle unexpected errors gracefully and improve test coverage for edge cases.
- Updated `crypto` and `storage` modules with robust error handling for storage issues and encryption key management.
- Removed unused `axios-mock-adapter` dependency for cleaner dependency management.
- Migrated `useAuth` hooks to use functions from auto-generated API client for improved maintainability and OpenAPI compliance.
- Replaced manual API calls with SDK functions (`login`, `register`, `logout`, etc.) and added error type guards for runtime safety (`isTokenWithUser`, `isSuccessResponse`).
- Enhanced hooks with better error logging, optional success callbacks, and stricter type annotations.
- Refactored `Logout` and `LogoutAll` mutations to handle missing tokens gracefully and clear local state on server failure.
- Added tests for API type guards and updated functionality of hooks to validate proper behaviors.
- Removed legacy `client-config.ts` to align with new API client utilization.
- Improved inline documentation for hooks with detailed descriptions and usage guidance.
- Deleted `authStore` in favor of updated state management and authentication handling.
- Updated `IMPLEMENTATION_PLAN.md` with revised checklist and Phase 2 completion details.
- Implemented comprehensive tests for `useAuth` hooks (`useIsAuthenticated`, `useCurrentUser`, and `useIsAdmin`) with mock states and coverage for edge cases.
- Added tests for `AuthGuard` to validate route protection, admin access control, loading states, and use of fallback components.
- Updated `.gitignore` to exclude `coverage.json`.
- Introduced `isAPIErrorArray` type guard to improve error handling in authentication forms, replacing type assertions for better runtime safety.
- Refactored error handling logic across `RegisterForm`, `LoginForm`, `PasswordResetRequestForm`, and `PasswordResetConfirmForm` for unexpected error fallbacks.
- Updated `next.config.ts` and `.eslintrc.json` to exclude generated API client files from linting and align configuration with latest project structure.
- Added comprehensive documentation on Phase 2 completion in `IMPLEMENTATION_PLAN.md`.
- Added `useEffect` for proper timeout cleanup in `PasswordResetConfirmForm` to prevent memory leaks during unmount.
- Enhanced form accessibility by adding `aria-required` attributes to all required fields for better screen reader compatibility.
- Updated `IMPLEMENTATION_PLAN.md` to reflect completion of Password Reset Flow and associated quality metrics.
- Implemented `PasswordResetRequestForm` and `PasswordResetConfirmForm` components with email and password validation, strength indicators, and error handling.
- Added dedicated pages for requesting and confirming password resets, integrated with React Query hooks and Next.js API routes.
- Included tests for validation rules, UI states, and token handling to ensure proper functionality and coverage.
- Updated ESLint and configuration files for new components and pages.
- Enhanced `IMPLEMENTATION_PLAN.md` with updated task details and documentation for password reset workflows.
- Integrated OpenAPI-generated TypeScript SDK (`sdk.gen.ts`, `types.gen.ts`, `client.gen.ts`) for API interactions.
- Refactored `authStore` tests to include storage mock reset logic with default implementations.
- Deleted legacy `config` module and replaced its usage with the new runtime-validated `app.config`.
- Removed old custom Axios `apiClient` with outdated token refresh logic.
- Cleaned up redundant crypto-related mocks in storage tests and replaced them with real encryption/decryption during testing.
- Updated Jest coverage exclusions to reflect the new file structure and generated client usage.
- Introduced Web Crypto API polyfills (`@peculiar/webcrypto`) for Node.js to enable SSR-safe cryptography utilities.
- Added Jest setup file for global mocks (e.g., `localStorage`, `sessionStorage`, and `TextEncoder/Decoder`).
- Enhanced token validation behavior in `storage` tests to reject incomplete tokens.
- Replaced runtime configuration validation with clamping using `parseIntSafe` constraints for improved reliability.
- Updated `package.json` and `package-lock.json` to include new dependencies (`@peculiar/webcrypto` and related libraries).
- Removed outdated `crypto` tests; added dedicated and structured tests for `authStore`, `storage`, and `app.config`.
- Enhanced test coverage for user and token validation, secure persistence, state management, and configuration parsing.
- Consolidated encryption and storage error handling with thorough validation to ensure SSR-safety and resilience.
- Improved runtime validations for tokens and configuration with stricter type checks and fallback mechanisms.
- Added robust validation for `user` object fields to ensure non-empty strings.
- Improved `calculateExpiry` with value range checks and warnings for invalid `expiresIn`.
- Incorporated try-catch in `initializeAuth` to log errors and prevent app crashes during auth initialization.
- Introduced SSR guards for browser APIs in `crypto` and `storage` modules.
- Enhanced resilience with improved error handling for encryption key management, token storage, and retrieval.
- Added validation for token structure and fallback mechanisms for corrupted data.
- Refactored localStorage handling with explicit availability checks for improved robustness.
- Centralized and refactored configuration management (`config`) with runtime validation for environment variables.
- Introduced utilities for secure token storage, including AES-GCM encryption and fallback handling.
- Enhanced `authStore` state management with token validation, secure persistence, and initialization from storage.
- Modularized authentication utilities and updated export structure for better maintainability.
- Improved error handling, input validation, and added detailed comments for enhanced clarity.
- Created `generate-api-client.sh` for OpenAPI-based TypeScript client generation.
- Added `src/lib/api` with Axios-based API client, error handling utilities, and placeholder for generated types.
- Implemented Zustand-based `authStore` for user authentication and token management.
- Integrated reusable UI components (e.g., `Dialog`, `Select`, `Textarea`, `Sheet`, `Separator`, `Checkbox`) using Radix UI and utility functions.
- Established groundwork for client-server integration, state management, and modular UI development.
- Upgraded project dependencies and development tools.
- Added various libraries including `@hookform/resolvers`, `@radix-ui/react-*`, `axios`, `react-hook-form`, and others.
- Enhanced dev dependencies with testing libraries like `@testing-library/*`, `jest`, and configurations for API codegen.
- Created `frontend-requirements.md` outlining detailed specifications for a production-ready Next.js + FastAPI template.
- Documented technology stack, architecture, state management, authentication flows, API integration, UI components, and developer guidelines.
- Provided a complete directory layout, coding conventions, and error handling practices.
- Aimed to establish a solid foundation for modern, scalable, and maintainable web application development.
Updated project name references in configuration, scripts, and code. This includes changes to database URLs, Docker commands, environment variables, and displayed API titles. Ensures consistency with the new project name "App".
Implemented a full-stack template combining Next.js (frontend), FastAPI (backend), and PostgreSQL. Included Docker configurations for development and production, environment file templates, Makefile commands, and initial setup for database migrations and builds. The stack is production-ready and supports hot-reloading for local development.
