astro-tractstack 2.3.2 → 2.3.4

package/templates/src/layouts/Layout.astro

@@ -303,6 +303,27 @@ const enableBunny = import.meta.env.PUBLIC_ENABLE_BUNNY === 'true';
     <script is:inline is:persist>
       let navProgressInterval = null;
       let navSafetyTimeout = null;
+      const IN_SITE_FROM_KEY = 'tractstack:inSiteFrom';
+      let isInSiteNavigationTrackingBound = false;
+
+      const navEntry = performance.getEntriesByType('navigation')[0];
+      if (navEntry?.type === 'navigate' && history.length <= 1) {
+        sessionStorage.removeItem(IN_SITE_FROM_KEY);
+      }
+
+      function setupInSiteNavigationTracking() {
+        if (isInSiteNavigationTrackingBound) {
+          return;
+        }
+
+        document.addEventListener('astro:before-preparation', () => {
+          sessionStorage.setItem(
+            IN_SITE_FROM_KEY,
+            location.pathname + location.search + location.hash
+          );
+        });
+        isInSiteNavigationTrackingBound = true;
+      }
 
       function startNavLoadingAnimation() {
         const loadingIndicator = document.getElementById('loading-indicator');
@@ -402,8 +423,13 @@ const enableBunny = import.meta.env.PUBLIC_ENABLE_BUNNY === 'true';
 
       if (document.readyState === 'loading') {
         document.addEventListener('DOMContentLoaded', setupNavigationLoading);
+        document.addEventListener(
+          'DOMContentLoaded',
+          setupInSiteNavigationTracking
+        );
       } else {
         setupNavigationLoading();
+        setupInSiteNavigationTracking();
       }
 
       document.addEventListener('astro:page-load', setupNavigationLoading);

package/templates/src/pages/api/auth/logout.ts

@@ -1,6 +1,9 @@
 import type { APIRoute } from '@/types/astro';
 
-export const POST: APIRoute = async ({ cookies, url }) => {
+export const POST: APIRoute = async ({ cookies, url, locals }) => {
+  const tenantId =
+    locals.tenant?.id || import.meta.env.PUBLIC_TENANTID || 'default';
+
   try {
     const isLocalhost =
       url.hostname === 'localhost' || url.hostname === '127.0.0.1';
@@ -15,6 +18,36 @@ export const POST: APIRoute = async ({ cookies, url }) => {
     cookies.delete('admin_auth', cookieOptions);
     cookies.delete('editor_auth', cookieOptions);
 
+    const responseHeaders = new Headers({
+      'Content-Type': 'application/json',
+    });
+
+    const backendUrl =
+      import.meta.env.PUBLIC_GO_BACKEND || 'http://localhost:8080';
+
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), 10000);
+
+    try {
+      const backendResponse = await fetch(`${backendUrl}/api/v1/auth/logout`, {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json',
+          'X-Tenant-ID': tenantId,
+        },
+        signal: controller.signal,
+      });
+
+      clearTimeout(timeoutId);
+
+      for (const setCookie of backendResponse.headers.getSetCookie()) {
+        responseHeaders.append('Set-Cookie', setCookie);
+      }
+    } catch (fetchError) {
+      clearTimeout(timeoutId);
+      console.error('Logout backend request failed:', fetchError);
+    }
+
     return new Response(
       JSON.stringify({
         success: true,
@@ -22,7 +55,7 @@ export const POST: APIRoute = async ({ cookies, url }) => {
       }),
       {
         status: 200,
-        headers: { 'Content-Type': 'application/json' },
+        headers: responseHeaders,
       }
     );
   } catch (error) {

package/templates/src/pages/api/google/oauth/callback.ts

@@ -0,0 +1,50 @@
+import type { APIRoute } from '@/types/astro';
+
+export const GET: APIRoute = async ({ request, locals, url }) => {
+  const GO_BACKEND =
+    import.meta.env.PUBLIC_GO_BACKEND || 'http://localhost:8080';
+  const tenantId =
+    locals.tenant?.id || import.meta.env.PUBLIC_TENANTID || 'default';
+
+  const forwardedProto =
+    request.headers.get('x-forwarded-proto') || url.protocol.replace(':', '');
+  const forwardedHost = request.headers.get('x-forwarded-host') || url.host;
+
+  const response = await fetch(
+    `${GO_BACKEND}/api/v1/google/oauth/callback${url.search}`,
+    {
+      method: 'GET',
+      redirect: 'manual',
+      headers: {
+        'X-Tenant-ID': tenantId,
+        'X-Forwarded-Proto': forwardedProto,
+        'X-Forwarded-Host': forwardedHost,
+        ...(request.headers.get('Authorization') && {
+          Authorization: request.headers.get('Authorization')!,
+        }),
+        ...(request.headers.get('Cookie') && {
+          Cookie: request.headers.get('Cookie')!,
+        }),
+      },
+    }
+  );
+
+  const location = response.headers.get('location');
+  if (location) {
+    const frontendOrigin = `${forwardedProto}://${forwardedHost}`;
+    const redirectUrl = new URL(location, frontendOrigin).toString();
+    return Response.redirect(
+      redirectUrl,
+      response.status >= 300 && response.status < 400 ? response.status : 302
+    );
+  }
+
+  const body = await response.text();
+  return new Response(body, {
+    status: response.status,
+    headers: {
+      'Content-Type':
+        response.headers.get('Content-Type') || 'application/json',
+    },
+  });
+};

package/templates/src/pages/api/google/oauth/disconnect.ts

@@ -0,0 +1,32 @@
+import type { APIRoute } from '@/types/astro';
+
+export const POST: APIRoute = async ({ request, locals, url }) => {
+  const GO_BACKEND =
+    import.meta.env.PUBLIC_GO_BACKEND || 'http://localhost:8080';
+  const tenantId =
+    locals.tenant?.id || import.meta.env.PUBLIC_TENANTID || 'default';
+  const forwardedProto =
+    request.headers.get('x-forwarded-proto') || url.protocol.replace(':', '');
+  const forwardedHost = request.headers.get('x-forwarded-host') || url.host;
+
+  const response = await fetch(`${GO_BACKEND}/api/v1/google/oauth/disconnect`, {
+    method: 'POST',
+    headers: {
+      'X-Tenant-ID': tenantId,
+      'X-Forwarded-Proto': forwardedProto,
+      'X-Forwarded-Host': forwardedHost,
+      ...(request.headers.get('Authorization') && {
+        Authorization: request.headers.get('Authorization')!,
+      }),
+      ...(request.headers.get('Cookie') && {
+        Cookie: request.headers.get('Cookie')!,
+      }),
+    },
+  });
+
+  const data = await response.text();
+  return new Response(data, {
+    status: response.status,
+    headers: { 'Content-Type': 'application/json' },
+  });
+};

package/templates/src/pages/api/google/oauth/start.ts

@@ -0,0 +1,32 @@
+import type { APIRoute } from '@/types/astro';
+
+export const GET: APIRoute = async ({ request, locals, url }) => {
+  const GO_BACKEND =
+    import.meta.env.PUBLIC_GO_BACKEND || 'http://localhost:8080';
+  const tenantId =
+    locals.tenant?.id || import.meta.env.PUBLIC_TENANTID || 'default';
+  const forwardedProto =
+    request.headers.get('x-forwarded-proto') || url.protocol.replace(':', '');
+  const forwardedHost = request.headers.get('x-forwarded-host') || url.host;
+
+  const response = await fetch(`${GO_BACKEND}/api/v1/google/oauth/start`, {
+    method: 'GET',
+    headers: {
+      'X-Tenant-ID': tenantId,
+      'X-Forwarded-Proto': forwardedProto,
+      'X-Forwarded-Host': forwardedHost,
+      ...(request.headers.get('Authorization') && {
+        Authorization: request.headers.get('Authorization')!,
+      }),
+      ...(request.headers.get('Cookie') && {
+        Cookie: request.headers.get('Cookie')!,
+      }),
+    },
+  });
+
+  const data = await response.text();
+  return new Response(data, {
+    status: response.status,
+    headers: { 'Content-Type': 'application/json' },
+  });
+};

package/templates/src/pages/api/google/oauth/status.ts

@@ -0,0 +1,32 @@
+import type { APIRoute } from '@/types/astro';
+
+export const GET: APIRoute = async ({ request, locals, url }) => {
+  const GO_BACKEND =
+    import.meta.env.PUBLIC_GO_BACKEND || 'http://localhost:8080';
+  const tenantId =
+    locals.tenant?.id || import.meta.env.PUBLIC_TENANTID || 'default';
+  const forwardedProto =
+    request.headers.get('x-forwarded-proto') || url.protocol.replace(':', '');
+  const forwardedHost = request.headers.get('x-forwarded-host') || url.host;
+
+  const response = await fetch(`${GO_BACKEND}/api/v1/google/oauth/status`, {
+    method: 'GET',
+    headers: {
+      'X-Tenant-ID': tenantId,
+      'X-Forwarded-Proto': forwardedProto,
+      'X-Forwarded-Host': forwardedHost,
+      ...(request.headers.get('Authorization') && {
+        Authorization: request.headers.get('Authorization')!,
+      }),
+      ...(request.headers.get('Cookie') && {
+        Cookie: request.headers.get('Cookie')!,
+      }),
+    },
+  });
+
+  const data = await response.text();
+  return new Response(data, {
+    status: response.status,
+    headers: { 'Content-Type': 'application/json' },
+  });
+};

package/templates/src/pages/api/sales/list.ts

@@ -0,0 +1,66 @@
+import type { APIRoute } from '@/types/astro';
+import { getAdminToken } from '@/utils/auth';
+
+export const GET: APIRoute = async (context) => {
+  const { request, locals } = context;
+  const GO_BACKEND =
+    import.meta.env.PUBLIC_GO_BACKEND || 'http://localhost:8080';
+
+  try {
+    const url = new URL(request.url);
+    const searchParams = url.searchParams;
+
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), 10000);
+    const tenantId =
+      locals.tenant?.id || import.meta.env.PUBLIC_TENANTID || 'default';
+    const token = getAdminToken(context);
+
+    try {
+      const response = await fetch(
+        `${GO_BACKEND}/api/v1/sales/list?${searchParams.toString()}`,
+        {
+          method: 'GET',
+          headers: {
+            'Content-Type': 'application/json',
+            'X-Tenant-ID': tenantId,
+            ...(token && { Authorization: `Bearer ${token}` }),
+            ...(request.headers.get('Authorization') && {
+              Authorization: request.headers.get('Authorization')!,
+            }),
+          },
+          signal: controller.signal,
+        }
+      );
+
+      clearTimeout(timeoutId);
+      const data = await response.json();
+
+      return new Response(JSON.stringify(data), {
+        status: response.status,
+        headers: { 'Content-Type': 'application/json' },
+      });
+    } catch (fetchError) {
+      clearTimeout(timeoutId);
+      if (fetchError instanceof Error && fetchError.name === 'AbortError') {
+        return new Response(
+          JSON.stringify({
+            success: false,
+            error: 'Sales list lookup timeout',
+          }),
+          { status: 408, headers: { 'Content-Type': 'application/json' } }
+        );
+      }
+      throw fetchError;
+    }
+  } catch (error) {
+    console.error('Sales list API proxy error:', error);
+    return new Response(
+      JSON.stringify({
+        success: false,
+        error: 'Failed to connect to backend service',
+      }),
+      { status: 500, headers: { 'Content-Type': 'application/json' } }
+    );
+  }
+};

package/templates/src/pages/api/sales/metrics.ts

@@ -0,0 +1,60 @@
+import type { APIRoute } from '@/types/astro';
+import { getAdminToken } from '@/utils/auth';
+
+export const GET: APIRoute = async (context) => {
+  const { request, locals } = context;
+  const GO_BACKEND =
+    import.meta.env.PUBLIC_GO_BACKEND || 'http://localhost:8080';
+
+  try {
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), 10000);
+    const tenantId =
+      locals.tenant?.id || import.meta.env.PUBLIC_TENANTID || 'default';
+    const token = getAdminToken(context);
+
+    try {
+      const response = await fetch(`${GO_BACKEND}/api/v1/sales/metrics`, {
+        method: 'GET',
+        headers: {
+          'Content-Type': 'application/json',
+          'X-Tenant-ID': tenantId,
+          ...(token && { Authorization: `Bearer ${token}` }),
+          ...(request.headers.get('Authorization') && {
+            Authorization: request.headers.get('Authorization')!,
+          }),
+        },
+        signal: controller.signal,
+      });
+
+      clearTimeout(timeoutId);
+      const data = await response.json();
+
+      return new Response(JSON.stringify(data), {
+        status: response.status,
+        headers: { 'Content-Type': 'application/json' },
+      });
+    } catch (fetchError) {
+      clearTimeout(timeoutId);
+      if (fetchError instanceof Error && fetchError.name === 'AbortError') {
+        return new Response(
+          JSON.stringify({
+            success: false,
+            error: 'Sales metrics lookup timeout',
+          }),
+          { status: 408, headers: { 'Content-Type': 'application/json' } }
+        );
+      }
+      throw fetchError;
+    }
+  } catch (error) {
+    console.error('Sales metrics API proxy error:', error);
+    return new Response(
+      JSON.stringify({
+        success: false,
+        error: 'Failed to connect to backend service',
+      }),
+      { status: 500, headers: { 'Content-Type': 'application/json' } }
+    );
+  }
+};

package/templates/src/pages/context/[...contextSlug].astro

@@ -1,9 +1,7 @@
 ---
 import Layout from '@/layouts/Layout.astro';
-import CodeHook from '@/custom/CodeHook.astro';
 import { getBrandConfig } from '@/utils/api/brandConfig';
 import { handleFailedResponse } from '@/utils/backend';
-import { getFullContentMap } from '@/stores/analytics';
 import { preHealthCheck } from '@/utils/backend';
 
 const tenantId =
@@ -58,8 +56,6 @@ try {
 
 const paneId = contextPaneData.id;
 const paneTitle = contextPaneData.title || 'Context';
-const codeHookTarget = contextPaneData.codeHookTarget || null;
-const resourcesPayload = storyData.resourcesPayload || {};
 
 // Get rendered fragment for the context pane
 let fragmentData = '';
@@ -93,8 +89,6 @@ try {
   );
 }
 
-// Get supporting data
-const fullContentMap = await getFullContentMap(tenantId);
 const brandConfig = await getBrandConfig(tenantId);
 
 if (!brandConfig.SITE_INIT) {
@@ -122,18 +116,7 @@ if (!brandConfig.SITE_INIT) {
       hx-trigger="refresh"
       hx-swap="innerHTML scroll:none"
     >
-      {
-        codeHookTarget ? (
-          <CodeHook
-            target={codeHookTarget}
-            paneId={paneId}
-            resourcesPayload={resourcesPayload}
-            fullContentMap={fullContentMap}
-          />
-        ) : (
-          <Fragment set:html={fragmentData} />
-        )
-      }
+      <Fragment set:html={fragmentData} />
     </div>
 
     <div class="py-12 text-center text-2xl md:text-3xl">
@@ -148,20 +131,56 @@ if (!brandConfig.SITE_INIT) {
 </Layout>
 
 <script>
-  document.addEventListener('DOMContentLoaded', function () {
+  const IN_SITE_FROM_KEY = 'tractstack:inSiteFrom';
+
+  function getInSiteFrom() {
+    const rawFromPath = sessionStorage.getItem(IN_SITE_FROM_KEY);
+    if (!rawFromPath) {
+      return null;
+    }
+
+    try {
+      const fromUrl = new URL(rawFromPath, window.location.origin);
+      if (fromUrl.origin !== window.location.origin) {
+        return null;
+      }
+
+      const fromPath = fromUrl.pathname + fromUrl.search + fromUrl.hash;
+      const currentPath =
+        window.location.pathname +
+        window.location.search +
+        window.location.hash;
+
+      if (fromPath === currentPath) {
+        return null;
+      }
+
+      return fromPath;
+    } catch {
+      return null;
+    }
+  }
+
+  function setupContextCloseButton() {
     const closeBtn = document.getElementById('context-close-btn');
 
-    if (closeBtn) {
-      closeBtn.addEventListener('click', function () {
-        // Check if we have history to go back to
-        if (window.history.length > 1 && document.referrer) {
-          // Go back to previous page
-          window.history.back();
-        } else {
-          // Fallback to home page
-          window.location.href = '/';
-        }
-      });
+    if (!closeBtn) {
+      return;
     }
-  });
+
+    const fromPath = getInSiteFrom();
+    closeBtn.textContent = fromPath ? 'Close' : 'Home';
+
+    closeBtn.onclick = function () {
+      if (fromPath) {
+        window.location.assign(fromPath);
+        return;
+      }
+
+      window.location.assign('/');
+    };
+  }
+
+  setupContextCloseButton();
+  document.addEventListener('astro:page-load', setupContextCloseButton);
 </script>

package/templates/src/pages/privacy.astro

@@ -0,0 +1,84 @@
+---
+const effectiveDate = '2026-05-03';
+---
+
+<!doctype html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <title>Privacy Policy</title>
+  </head>
+  <body>
+    <main
+      style="margin: 0 auto; max-width: 48rem; padding: 2rem 1rem; font-family: Inter, Arial, sans-serif; line-height: 1.6;"
+    >
+      <h1>Privacy Policy</h1>
+      <p><strong>Effective date:</strong> {effectiveDate}</p>
+      <p>
+        This site is built with TractStack and is designed to minimize personal
+        data collection while supporting operational analytics.
+      </p>
+
+      <h2>What We Collect</h2>
+      <ul>
+        <li>
+          Pseudonymous usage and activity events for site operation and content
+          performance.
+        </li>
+        <li>
+          Session identifiers used for continuity, including session, visit, and
+          fingerprint IDs.
+        </li>
+        <li>
+          Optional profile/contact details only when you explicitly provide
+          them.
+        </li>
+      </ul>
+
+      <h2>How We Use Data</h2>
+      <ul>
+        <li>To operate site behavior, booking flows, and communications.</li>
+        <li>To measure page and interaction performance.</li>
+        <li>
+          To provide profile-based personalization when a profile is created.
+        </li>
+      </ul>
+
+      <h2>Consent and Controls</h2>
+      <ul>
+        <li>
+          Consent controls profile memory and preference retention in your
+          browser.
+        </li>
+        <li>
+          Operational session and interaction tracking may occur even when full
+          profile consent is not enabled.
+        </li>
+        <li>
+          You can revoke consent from the profile/session controls on this site;
+          this clears browser-stored session/profile data for this browser.
+        </li>
+      </ul>
+
+      <h2>Retention</h2>
+      <p>
+        Revoking consent clears local browser storage for session/profile data,
+        but previously recorded server-side operational logs and analytics
+        events may still exist according to site retention policy.
+      </p>
+
+      <h2>Consent Signal</h2>
+      <p>
+        The consent signal sent during session handshake can be present, denied,
+        or unknown depending on client state.
+      </p>
+
+      <h2>Contact</h2>
+      <p>
+        For privacy questions, contact the site owner using the contact details
+        provided on this website.
+      </p>
+    </main>
+  </body>
+</html>

package/templates/src/pages/storykeep/advanced.astro

@@ -64,7 +64,10 @@ try {
         role={role}
         initializing={initializing}
       />
-      <StoryKeepDashboard_Advanced client:only="react" />
+      <StoryKeepDashboard_Advanced
+        client:only="react"
+        brandConfig={brandConfig}
+      />
     </div>
   </main>
 </Layout>

package/templates/src/pages/terms.astro

@@ -0,0 +1,47 @@
+---
+const effectiveDate = '2026-05-03';
+---
+
+<!doctype html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <title>Terms of Service</title>
+  </head>
+  <body>
+    <main
+      style="margin: 0 auto; max-width: 48rem; padding: 2rem 1rem; font-family: Inter, Arial, sans-serif; line-height: 1.6;"
+    >
+      <h1>Terms of Service</h1>
+      <p><strong>Effective date:</strong> {effectiveDate}</p>
+
+      <h2>Acceptance of Terms</h2>
+      <p>By using this website and its services, you agree to these terms.</p>
+
+      <h2>Use of Service</h2>
+      <p>
+        You agree not to misuse the website, attempt unauthorized access, or
+        interfere with normal operation.
+      </p>
+
+      <h2>Bookings and Communications</h2>
+      <p>
+        If this site offers booking services, confirmations and related
+        communications are provided as operational notifications.
+      </p>
+
+      <h2>Disclaimer</h2>
+      <p>
+        Services are provided on an “as is” basis, without warranties except as
+        required by law.
+      </p>
+
+      <h2>Contact</h2>
+      <p>
+        For terms questions, contact the site owner using details provided on
+        this website.
+      </p>
+    </main>
+  </body>
+</html>

package/templates/src/stores/nodes.ts

@@ -1876,6 +1876,14 @@ export class NodesContext {
     if (ownerNode && 'slug' in ownerNode && typeof ownerNode.slug === `string`)
       duplicatedPane.slug = ownerNode.slug;
 
+    this.deleteChildren(ownerId);
+
+    if (pane.htmlAst) {
+      duplicatedPane.htmlAst = pane.htmlAst;
+    } else {
+      delete duplicatedPane.htmlAst;
+    }
+
     // Track all nodes that need to be added
     // Call the new helper to process markdown, gridLayout, and bgPane
     const allNodes: BaseNode[] = this._processPaneTemplate(

package/templates/src/stores/shopify.ts

@@ -227,6 +227,10 @@ export const transactionTraceId = persistentAtom<string>(
   'tractstack_shopify_trace_id',
   ''
 );
+export const preferredAppointmentMode = persistentAtom<'IN_PERSON' | 'REMOTE'>(
+  'tractstack_shopify_appointment_mode',
+  'IN_PERSON'
+);
 
 export interface CustomerDetails {
   name: string;
@@ -262,6 +266,7 @@ export function clearCommerceState() {
     leadId: '',
   });
   transactionTraceId.set('');
+  preferredAppointmentMode.set('IN_PERSON');
   cartState.set(CART_STATES.READY);
 }