docs: reflect Phase 19.1/19.2 landing (CMS nav drawer + auth-state DefaultLayout)

This commit is contained in:
daniel-c-harvey
2026-06-19 22:04:02 -04:00
parent 949bccfb8e
commit 0b8593950b
2 changed files with 3 additions and 3 deletions
+2 -2
View File
@@ -402,13 +402,13 @@ the `/` home splash). So path 2 is **one router edit**, not a host integration.
`UserAdmin`+) alongside the existing CMS destinations (Catalogue / Releases / Upload); surface **both**
admin account paths (path 1 `SuperRegister` + path 3 via the Registrations link); do **not** surface the
redundant bare `NewUser` (OQ2 resolved). Scope: `CmsLayout.razor`. **No service, API, data, or
AuthBlocks-source change.**
AuthBlocks-source change.** **Landed:** 2026-06-19 on dev.
- **19.2 — Public-route layout (public-route track; parallel to 19.1). DECIDED: G0-a.** Make
`Routes.razor`'s `DefaultLayout` auth-state-driven (mirroring SkipperHaven, spec §2c D1): cascade
`Task<AuthenticationState>`, resolve `_currentLayout = authed ? CmsLayout : CmsHomeLayout`, bind
`DefaultLayout="@_currentLayout"`. This renders `/account/register` (path 2) **and** `/account/login` in
the lean `CmsHomeLayout` for unauthenticated visitors. Scope: `Routes.razor` only. **No new layout (both
exist), no package, no service, no AuthBlocks-source change.**
exist), no package, no service, no AuthBlocks-source change.** **Landed:** 2026-06-19 on dev.
- **19.3 — End-to-end verification (after 19.1 + 19.2).** Exercise provision-now (path 1), **invite-email
send (path 3) incl. that the invite link `{ReturnHost}` points at the CMS origin**, list/deactivate
users, permissions against a running DeepDrftAPI; confirm cross-host token + CORS, and **the full