loadCacheFromDB used store.getAll() which returns raw values, not
key-value pairs. The item.key check always failed, so memoryCache
was empty after every page reload. Auth0 SDK state stored before
redirect was lost on mobile Safari (no bfcache).
Also fixed set()/remove() to await IDB persistence so Auth0 state
is fully written before loginWithRedirect() navigates away.
Added 10s timeout on callback loading state as safety net.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
URL-to-screen sync on mount and screen-to-URL sync via replaceState
enable direct URL navigation, page refresh, and bookmarks on mobile.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Create shared getVehicleLabel/getVehicleSubtitle in core/utils with
VehicleLike interface. Replace all direct year/make/model concatenation
across 17 consumer files to prevent null values in vehicle names.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Replace polling-based auth detection with event-based subscription
- Remove unnecessary 100ms delay on desktop (keep 50ms for mobile)
- Unify dashboard data fetching to prevent duplicate API calls
- Use Promise.all for parallel maintenance schedule fetching
Reduces dashboard load time from ~1.5s to <500ms.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Backend:
- Add login event logging to getUserStatus() controller method
- Create POST /auth/track-logout endpoint for logout tracking
Frontend:
- Create useLogout hook that wraps Auth0 logout with audit tracking
- Update all logout locations to use the new hook (SettingsPage,
Layout, MobileSettingsScreen, useDeletion)
Login events are logged when the frontend calls /auth/user-status after
Auth0 callback. Logout events are logged via fire-and-forget call to
/auth/track-logout before Auth0 logout.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add audit_logs table with categories, severities, and indexes
- Create AuditLogService and AuditLogRepository
- Add REST API endpoints for viewing and exporting logs
- Wire audit logging into auth, vehicles, admin, and backup features
- Add desktop AdminLogsPage with filters and CSV export
- Add mobile AdminLogsMobileScreen with card layout
- Implement 90-day retention cleanup job
- Remove old AuditLogPanel from AdminCatalogPage
Security fixes:
- Escape LIKE special characters to prevent pattern injection
- Limit CSV export to 5000 records to prevent memory exhaustion
- Add truncation warning headers for large exports
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add Vehicle now navigates to Vehicles screen and opens add form
- Add Maintenance mobile screen with records/schedules tabs
- Add 'Maintenance' to MobileScreen type
- Wire up onViewMaintenance callback to navigate to Maintenance screen
refs #2🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add Dashboard to desktop sidebar navigation (first item)
- Add /garage/dashboard route for desktop
- Change default redirect from /garage/vehicles to /garage/dashboard
- Change mobile default screen from Vehicles to Dashboard
- Create DashboardPage wrapper for desktop route
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Changed Auth0 callback URL from hardcoded production domain to
window.location.origin, enabling login flow on staging.motovaultpro.com.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The promise-based waitForAuthInit() approach wasn't reliably triggering
React state updates when setAuthInitialized(true) was called. Replace with
a polling mechanism that actively checks isAuthInitialized() every 50ms
with exponential backoff, ensuring state updates trigger properly.
This fixes the hanging "Initializing session..." issue where the auth gate
remained stuck waiting indefinitely.
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
- Enable console logging in vite.config.ts:
- Set drop_console to false
- Disabled pure_funcs stripping for console.log
- Changed esbuild to only drop debugger, keep console
- Add debug logging to auth-gate.ts:
- Log setAuthInitialized calls
- Add debug logging to useSavedStations.ts:
- Log hook invocations
- Log query function execution and results
- Added retry configuration
- Add debug logging to StationsPage.tsx:
- Log component renders
- Log useSavedStations result state
These logs will show us what's happening with auth initialization and
query state transitions that are causing the React DOM removeChild error.
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
- Add useIsAuthInitialized hook to auth-gate for reactive auth state
- Returns true once auth token is acquired and ready
- Waits for waitForAuthInit() promise to resolve
- Update useSavedStations hook to wait for auth before fetching
- Add 'enabled: isAuthInitialized' to useQuery config
- Prevents 401 errors from requests made before token is ready
- Fixes race condition where hook fires before interceptor is set up
The stations page was blank because useSavedStations() made an API call
with refetchOnMount:true before the auth token interceptor was added,
causing a 401 response that made the component unmount/remount, creating
a React DOM error in the error boundary.
Now the hook waits for isAuthInitialized to be true before making the
initial API call, ensuring the token interceptor is ready.
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
