Double-submit cookie pattern: login sets bh-csrf-token cookie,
proxy.ts validates X-CSRF-Token header on POST/PUT/DELETE to /api/admin/*.
New adminFetch() helper in src/lib/csrf.ts auto-includes the header.
All admin pages migrated from fetch() to adminFetch().
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add groupId field to ScheduleClass for admin-defined group identity
- Add versioned DB migration system (replaces initTables) to prevent data loss
- Redesign GroupView: Trainer → Class Type → Group → Datetimes hierarchy
- Group datetimes by day, merge days with identical time sets
- Auto-assign groupIds to legacy schedule entries in admin
- Add mc_registrations CRUD to db.ts
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Custom gold checkbox for 'Одинаковое время'
- Delete button moved to right with text label
- Save button on left
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Validate trainer, type, and time before saving
- Show overlap warnings for conflicting classes
- Reset end time when start time exceeds it
- Block setting end time earlier than start
- Remove day change hints from modal
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- "Одинаковое время" checkbox (default on) syncs time across all days
- Uncheck to set per-day times (e.g., Mon 12:00, Fri 18:00)
- Checkbox only appears when 2+ days selected
- Single day: just shows one time field, no checkbox
- Unified day selector for both new and edit modes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Group = trainer + type (time-independent)
- Edit modal shows per-day time fields (Mon 12:00, Fri 18:00)
- Calendar blocks colored by group, not class type
- Color picker for site dots moved to classes editor
- New class: single time + multi-day selector
- Edit class: per-day times, add/remove days from group
- Delete removes group from all days
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Auto-detect class groups (same trainer + type + time across days)
- Edit modal shows all group days pre-selected (e.g., ВТ/ПТ both lit)
- Toggle days to add/remove class from specific days
- Delete removes class from all days in the group
- New class modal lets you pick multiple days at once
- Visual hints: green +day / red −day for pending changes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add clickable color picker in schedule legend (16 distinct colors)
- Two-pass smart assignment: explicit colors first, then unused palette slots
- Hide already-used colors from the picker (both explicit and fallback)
- Colors saved to classes section and flow to public site schedule dots
- Expanded palette: rose, orange, amber, yellow, lime, emerald, teal, cyan,
sky, blue, indigo, violet, purple, fuchsia, pink, red
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace arrow buttons with mouse-based drag-and-drop in ArrayEditor
and team page. Dragged card follows cursor with floating clone, empty
placeholder shows at drop position. SectionEditor now auto-saves with
800ms debounce instead of manual save button.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Complete admin panel for content management:
- SQLite database with better-sqlite3, seed script from content.ts
- Simple password auth with HMAC-signed cookies (Edge + Node compatible)
- 9 section editors: meta, hero, about, team, classes, schedule, pricing, FAQ, contact
- Team CRUD with image upload and drag reorder
- Schedule editor with Google Calendar-style visual timeline (colored blocks, overlap detection, click-to-add)
- All public components refactored to accept data props from DB (with fallback to static content)
- Middleware protecting /admin/* and /api/admin/* routes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
