arthur/xtablo-source
1
0
Fork 0
Code Issues 1 Pull requests 1 Projects 1 Releases Packages Wiki Activity Actions 5
1196 commits 4 branches 0 tags 23 MiB
Commit graph

7 commits

Author SHA1 Message Date
Arthur Belleville
59fd6b15b5
feat(08-04): show social sign-in controls on auth pages 2026-05-15 21:09:14 +02:00
Arthur Belleville
55fb32f1e1
chore(04-01): Sortable.js bootstrap and soft-danger button CSS 
- justfile: add sortable_version := "1.15.7" variable
- justfile: bootstrap downloads sortable.min.js from jsDelivr
- justfile: clean removes static/sortable.min.js
- button.css: add .ui-button-soft-danger-md rule with hover and focus-visible states
- static/sortable.min.js: downloaded at 1.15.7 (45 kB)
 2026-05-15 09:24:44 +02:00
Arthur Belleville
2c1b186fb7
feat(03-01): add ui-button-solid-danger-md and ui-button-soft-neutral-md CSS variants 
- Danger variant: #b91c1c bg, #991b1b hover, min-height 44px (WCAG 2.5.5)
- Neutral-soft variant: #f1f5f9 bg, #e2e8f0 hover, #334155 text, min-height 44px
- All pseudo-class selectors top-level (no CSS nesting per Phase 1 convention)
- static/tailwind.css updated via just generate (Pitfall 4: imported CSS passes through)
 2026-05-15 00:13:56 +02:00
Arthur Belleville
389e1bc8b4
feat(02-07): gorilla/csrf integration — mount middleware, wire all forms, env-driven key 
- auth.Mount(env, key) wraps csrf.Protect with locked D-14/D-24 options
- auth.LoadKeyFromEnv() reads SESSION_SECRET, hex-decodes, validates 32 bytes; fails fast on error
- ui.CSRFField(token) templ component renders hidden _csrf input
- Layout, LoginPage/Fragment, SignupPage/Fragment, Index all embed @ui.CSRFField(csrfToken)
- Handlers thread csrf.Token(r) into every page/fragment render call
- NewRouter mounts auth.Mount after ResolveSession, before all route groups (D-24)
- main.go calls auth.LoadKeyFromEnv(); logs.Fatalf on missing/invalid SESSION_SECRET
- SESSION_SECRET documented in .env.example with openssl rand -hex 32 instruction
- go.mod: gorilla/csrf v1.7.3 (direct); prior tests updated with getCSRFToken helper
- All Plan 04/05/06 tests updated to acquire and submit valid _csrf tokens
 2026-05-14 22:59:06 +02:00
Arthur Belleville
75cbd29d44 test(01-02): add ui package smoke tests 
- TestButton_DefaultSolidMD: asserts root class and label
- TestButton_PassesThroughAttrs: asserts hx-* attribute spread
- TestButton_ExplicitTypeSubmit: type override
- TestCard_RendersChildren: templ.WithChildren child injection
- TestBadge_{Info,Success}Variant + zero-value normalization
- TestButtonClass_String / TestBadgeClass_String: class contract
- TestNormalizers_ZeroValueDefaults: every Normalized* returns safe default
 2026-05-14 18:47:31 +02:00
Arthur Belleville
d056b33241 feat(01-02): add Button, Card, Badge templ components + CSS 
- button.templ: Button(ButtonProps) renders <button type=...> with class
  from ui.ButtonClass(); Attrs spread for hx-* pass-through
- button.css: .ui-button base + .ui-button-solid-default-md variant
  with non-nested :hover and :focus-visible (Codex concern #7)
- card.templ: Card(attrs) accepts children via templ child syntax
- card.css: slate-50 panel, slate-200 border
- badge.templ: Badge(BadgeProps) renders <span class=...>
- badge.css: info / success / danger variants (warning deferred)
 2026-05-14 18:46:42 +02:00
Arthur Belleville
1ff8e681da feat(01-02): add ui package enums, helpers, base CSS 
- tokens.go: semantic token constants
- variants.go: Size/ButtonVariant/ButtonTone/BadgeVariant enums + Normalized*
- helpers.go: mergeAttrs for templ.Attributes
- base.css: resets, :focus-visible ring (no nesting)
 2026-05-14 18:45:15 +02:00