Rebuild as InnungsApp project: replace stadtwerke analysis with full documentation

- PRD: vollständige Produktspezifikation (5 Module, Scope, Akzeptanzkriterien)
- ARCHITECTURE: Tech Stack, Ordnerstruktur, Multi-Tenancy, Push, Kosten
- DATABASE_SCHEMA: Vollständiges SQL-Schema mit RLS Policies und Views
- USER_STORIES: 40+ Stories nach Rolle (Admin, Mitglied, Azubi, Obermeister)
- PERSONAS: 5 detaillierte Nutzerprofile mit Alltag, Zitaten und Erwartungen
- BUSINESS_MODEL: Preistabellen, Unit Economics, Revenue-Projektionen, Distribution
- ROADMAP: 6 Phasen, Sprint-Planung, Meilensteine und KPIs
- COMPETITIVE_ANALYSIS: Wettbewerbsmatrix, USPs, Preispositionierung
- API_DESIGN: Supabase Query Patterns, Edge Functions, Realtime Subscriptions
- ONBOARDING_FLOWS: 7 User Flows von Setup bis Fehlerfall
- GTM_STRATEGY: 3-Phasen-Vertrieb, Outreach-Sequenz, Einwandbehandlung
- AZUBI_MODULE: Video-Feed, 1-Click-Apply, Chat, Berichtsheft, Quiz
- DSGVO_KONZEPT: Rechtsgrundlagen, TOMs, AVV, Minderjährige, Incident Response
- FEATURES_BACKLOG: 72 Features nach MoSCoW + Technische Schulden

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Timo Knuth
2026-02-18 19:03:37 +01:00
parent fc68285cf1
commit fca42db4d2
116 changed files with 9329 additions and 6479 deletions

View File

@@ -0,0 +1,4 @@
import { auth } from '@/lib/auth'
import { toNextJsHandler } from 'better-auth/next-js'
export const { POST, GET } = toNextJsHandler(auth)

View File

@@ -0,0 +1,23 @@
import { fetchRequestHandler } from '@trpc/server/adapters/fetch'
import { appRouter } from '@/server/routers'
import { createContext } from '@/server/context'
import { type NextRequest } from 'next/server'
const handler = (req: NextRequest) =>
fetchRequestHandler({
endpoint: '/api/trpc',
req,
router: appRouter,
createContext: () => createContext({ req, resHeaders: new Headers(), info: {} as never }),
onError:
process.env.NODE_ENV === 'development'
? ({ path, error }) => {
console.error(
`[tRPC] Error on ${path ?? '<no-path>'}:`,
error
)
}
: undefined,
})
export { handler as GET, handler as POST }

View File

@@ -0,0 +1,54 @@
import { NextRequest, NextResponse } from 'next/server'
import { writeFile, mkdir } from 'fs/promises'
import path from 'path'
import { randomUUID } from 'crypto'
import { auth } from '@/lib/auth'
const UPLOAD_DIR = process.env.UPLOAD_DIR ?? './uploads'
const MAX_SIZE_BYTES = Number(process.env.UPLOAD_MAX_SIZE_MB ?? 10) * 1024 * 1024
export async function POST(req: NextRequest) {
// Auth check
const session = await auth.api.getSession({ headers: req.headers })
if (!session?.user) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
}
const formData = await req.formData()
const file = formData.get('file') as File | null
if (!file) {
return NextResponse.json({ error: 'No file provided' }, { status: 400 })
}
if (file.size > MAX_SIZE_BYTES) {
return NextResponse.json({ error: 'File too large' }, { status: 413 })
}
// Only allow safe file types
const allowedTypes = [
'application/pdf',
'image/png',
'image/jpeg',
'image/webp',
'image/gif',
]
if (!allowedTypes.includes(file.type)) {
return NextResponse.json({ error: 'File type not allowed' }, { status: 415 })
}
const ext = path.extname(file.name)
const fileName = `${randomUUID()}${ext}`
const uploadPath = path.join(process.cwd(), UPLOAD_DIR)
await mkdir(uploadPath, { recursive: true })
const buffer = Buffer.from(await file.arrayBuffer())
await writeFile(path.join(uploadPath, fileName), buffer)
return NextResponse.json({
storagePath: fileName,
name: file.name,
sizeBytes: file.size,
url: `/uploads/${fileName}`,
})
}

View File

@@ -0,0 +1,41 @@
import { NextRequest, NextResponse } from 'next/server'
import { readFile } from 'fs/promises'
import path from 'path'
const UPLOAD_DIR = process.env.UPLOAD_DIR ?? './uploads'
export async function GET(
req: NextRequest,
{ params }: { params: { path: string[] } }
) {
try {
const filePath = path.join(process.cwd(), UPLOAD_DIR, ...params.path)
// Security: prevent path traversal
const resolved = path.resolve(filePath)
const uploadDir = path.resolve(path.join(process.cwd(), UPLOAD_DIR))
if (!resolved.startsWith(uploadDir)) {
return new NextResponse('Forbidden', { status: 403 })
}
const file = await readFile(resolved)
const ext = path.extname(resolved).toLowerCase()
const mimeTypes: Record<string, string> = {
'.pdf': 'application/pdf',
'.png': 'image/png',
'.jpg': 'image/jpeg',
'.jpeg': 'image/jpeg',
'.gif': 'image/gif',
'.webp': 'image/webp',
}
return new NextResponse(file, {
headers: {
'Content-Type': mimeTypes[ext] ?? 'application/octet-stream',
'Cache-Control': 'public, max-age=86400',
},
})
} catch {
return new NextResponse('Not Found', { status: 404 })
}
}