Two bugs in the sign-in UI's TOTP MFA enrollment flow:
1. Auth app displayed the PC hostname and "Platform Owner" instead of
"Cameleer" and the user's email. The sign-in UI was rendering Logto's
pre-generated QR code which uses the ENDPOINT hostname as issuer.
Now generates our own otpauth:// URI with proper branding, rendered
client-side via qrcode.react.
2. TOTP code verification returned 400 "Invalid TOTP code". The
verifyTotpSetup() call was missing the required verificationId
parameter — Logto's Experience API needs it to locate the pending
secret during enrollment.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Sidebar, sign-in page, and favicons all use the single SVG
- Postinstall copies SVG for SaaS HTML favicon (gitignored)
- Sign-in favicon committed (baked into Logto Docker image)
- Remove old PNG favicon references
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace Logto's default sign-in page with a custom React SPA that
matches the cameleer3-server login page using @cameleer/design-system.
- New Vite+React app at ui/sign-in/ with Experience API integration
- 4-step auth flow: init → verify password → identify → submit
- Design-system components: Card, Input, Button, FormField, Alert
- Same witty random subtitles as cameleer3-server LoginPage
- Dockerfile: add sign-in-frontend build stage, copy dist to image
- docker-compose: CUSTOM_UI_PATH on Logto, shared signinui volume
- SaaS entrypoint copies sign-in dist to shared volume on startup
- Add .gitattributes for LF line endings
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
