web-app-launcher/plans/phase-2-enhanced-features/CONTEXT.md

Feature Context: Phase 2 — Enhanced Features

Current State

Phase 1 (OAuth/Authentik Integration) and Phase 2 (DnD) are complete. Installed openid-client v6.8.2. OAuth login flow uses PKCE and issues local JWT tokens. Login page conditionally shows OAuth button and/or local form based on authMode SystemSettings. Admin settings page has a working "Test Connection" button for OAuth configuration.

Temporary Workarounds

• None yet

Cross-Phase Dependencies

• Phase 1 (OAuth) is independent — touches auth system only
• Phase 2 (DnD) is independent — touches board editor UI only
• Phase 3 (Widgets) depends on existing widget system from MVP
• Phase 4 (Access Control) depends on existing permission system from MVP
• Phase 5 (Integration) depends on all prior phases

Implementation Notes

• Big Bang strategy: intermediate phases may not build. Phase 6 is the convergence phase.
• OAuth uses openid-client (already installed in MVP dependencies)
• DnD uses svelte-dnd-action (installed in Phase 2)
• New widget types extend the existing Widget model's type and config JSON fields

Phase 2 (DnD) — Completed

• Installed svelte-dnd-action package
• Created DraggableBoard.svelte, DraggableSection.svelte, DraggableWidget.svelte component hierarchy
• Board edit page now uses DnD for section and widget reordering (including cross-section widget moves)
• Added PUT /api/boards/[id]/reorder and PUT /api/boards/[id]/sections/[sid]/reorder endpoints
• Extended boardService.ts with reorderSections(), reorderWidgets(), moveWidget() using Prisma transactions
• Visual drag handles (grip dots) and dashed drop zone indicators added via Tailwind
• Edit page actions (add/delete section/widget) use invalidateAll() for data refresh; DnD uses optimistic fetch