Route coverage
This page is the manual coverage map for the web app. When a product route is added, the route must appear here and in the route coverage manifest so the drift test can fail before undocumented UI reaches users.
The intent is 1:1 coverage: every route in the app should have a manual entry, the manual should explain what the route does, and the important workflows should be illustrated with theme-aware screenshots that show only one variant at a time.
Public and account routes
Section titled “Public and account routes”| Route | Audience | What it covers |
|---|---|---|
/ | Public visitors | Product landing page with the main value proposition, feature overview, workflow story, testimonials, integrations teaser, pricing CTA, and footer links. |
/about | Public visitors | Product story, operating values, team context, and the path back into signup or the authenticated app. |
/pricing | Public visitors, owners | Plan comparison, monthly/annual toggle, plan limits, FAQ, and checkout entry points (documented in the plans reference page). |
/login | All users | Email/password sign-in, redirect preservation, forgot-password link, and session handoff into /app. |
/register | New users | Public account creation when enabled, name/email/password fields, minimum password rules, and post-registration app redirect. |
/forgot-password | All users | Password reset request flow that sends a one-use reset link to the account email. |
/reset-password | All users | Token-based password reset, invalid token handling, and new password submission. |
/accept-invitation/$invitationId | Invited users and clients | Organization or gallery invitation acceptance, invited account creation, email matching, access setup, and redirect after acceptance. |
Authenticated app routes
Section titled “Authenticated app routes”| Route | Audience | What it covers |
|---|---|---|
/app | Authenticated users | App shell with sidebar, header, organization role, brand context, language/theme controls, global help, and authentication guard. |
/app/ | Authenticated users | Role-aware dashboard with active work, operational metrics, deadlines, recent activity, and quick links. |
/app/notifications | Authenticated users | Review activity inbox for replies, status changes, client feedback, unread states, event counts, gallery links, and mark-as-read actions. |
/app/settings/notifications | Authenticated users | Personal in-app and email notification preferences for advanced review events. |
Client gallery routes
Section titled “Client gallery routes”| Route | Audience | What it covers |
|---|---|---|
/app/galleries | Clients and team users | Nested shell for shared gallery list and gallery detail pages. |
/app/galleries/ | Clients and team users | Shared gallery list, persisted grid/table preference, thumbnails, statuses, shoot dates, client names, and open-gallery actions. |
/app/galleries/$galleryId/ | Clients and reviewers | Proofing workspace with image browsing, lightbox, selections, comments, advanced review states, pinned comments, face filtering, and keyboard shortcuts. |
Admin gallery routes
Section titled “Admin gallery routes”| Route | Audience | What it covers |
|---|---|---|
/app/admin | Owners and admins | Permission gate for admin routes. Non-owner users are redirected to /app. |
/app/admin/galleries/ | Owners, admins | Gallery operations list with search, status filters, quick filters, grid/table view, usage alerts, bulk archive/status/delete actions, and plan-limit checks. |
/app/admin/galleries/new | Owners, admins | Gallery creation form for client, title, slug, description, status, proofing mode, selection limits, shoot dates, expiration, section rules, and review capabilities. |
/app/admin/galleries/$galleryId/ | Owners, admins | Administrative gallery workspace with image grid, selection/review status, batch actions, sharing, vendor panels, slideshow summaries, and advanced review controls. |
/app/admin/galleries/$galleryId/edit | Owners, admins | Gallery settings editor for metadata, client assignment, proofing rules, advanced review toggles, thumbnail, and sections. |
/app/admin/galleries/$galleryId/upload | Owners, admins | Preview upload workflow with uploader state, processing feedback, and gallery-aware upload context. |
/app/admin/galleries/$galleryId/delivery | Owners, admins | Final delivery workflow for uploading or generating delivery assets, publishing downloads, scheduling availability, and removing stale assets. |
/app/admin/tasks | Owners, admins | Background processing center for preview generation, face detection, clustering, and vendor share rendering, with active/done tabs, filters, auto-refresh, retry, pause/resume, cancel, and batch grouping. |
People, vendors, and slideshow routes
Section titled “People, vendors, and slideshow routes”| Route | Audience | What it covers |
|---|---|---|
/app/admin/users/ | Owners, admins | User administration with search, status filters, invitations, role assignment, invitation cancellation, edit links, and deletion. |
/app/admin/users/new | Owners, admins | Direct user creation form for internal account setup. |
/app/admin/users/$userId/edit | Owners, admins | Existing user profile and role editor. |
/app/admin/clients/ | Owners, admins | Client directory with search, contact details, notes, joined date, and edit actions. |
/app/admin/clients/new | Owners, admins | Compatibility redirect to the invitation-based user onboarding flow. |
/app/admin/clients/$clientId/edit | Owners, admins | Client profile editor for contact details, notes, and directory metadata. |
/app/admin/vendors/ | Owners, admins | Vendor directory with search, type/status/sort filters, vendor creation, referral URL capture, active flag, and leaderboard navigation. |
/app/admin/vendors/$vendorId | Owners, admins | Vendor profile and sharing audit page with share links, referral links, watermark status, expiry, renewal, revocation, and gallery-level access. |
/app/admin/vendors/leaderboard | Owners, admins | Thirty-day vendor engagement ranking with score, opens, image views, qualified referral clicks, and last activity. |
/vendor-share/$publicToken | External vendors | Public vendor share page with token validation, expiry handling, watermarked images, activity tracking, referral CTA, and infinite image loading. |
/r/$referralToken | External referrals | Referral redirect endpoint that records qualified vendor referral traffic and forwards visitors to the configured destination. |
/app/admin/slideshow/ | Owners, admins | Slideshow list with gallery title, live/out-of-sync/unavailable status, image count, update time, manage/open actions, and gallery links. |
/app/admin/slideshow/$slideshowId | Owners, admins | Slideshow management page with preview, public link, refresh/update/delete actions, duration and loop settings, and plan-gated controls. |
/slideshow/$publicToken | Clients, guests, public viewers | Public slideshow viewer with dark presentation mode, auto-advance, previous/next controls, progress, counter, end card, brand logo, and unavailable state. |
Settings and billing routes
Section titled “Settings and billing routes”| Route | Audience | What it covers |
|---|---|---|
/app/admin/settings/brand | Owners, admins | Brand profile settings for studio name, slug, primary color, website URL, and uploaded logo. |
/app/admin/settings/notifications | Owners, admins | Organization-level notification preferences for review-related activity and delivery channels. |
/app/admin/settings/reminder | Owners, admins | Automated reminders for unopened galleries, incomplete proofing, and deadlines, with email preview and timing controls. |
/app/admin/settings/integrations | Owners, admins | Integration and API key management for external systems and automation credentials. |
/app/admin/billing | Owners | Billing workspace with checkout/portal return states, plan cards, monthly/annual toggle, usage rings, storage limits, renewal status, and Polar actions. |
Internal and development routes
Section titled “Internal and development routes”| Route | Audience | What it covers |
|---|---|---|
/api/auth/$ | Internal endpoint | Better Auth catch-all endpoint for sign-in, sign-out, sessions, password reset, and auth-related server operations. |
/api/img/$ | Internal endpoint | Authenticated or signed image proxy with cache headers for previews, gallery images, and share images. |
/api/session/logout | Internal endpoint | POST endpoint that signs out the current session. |
/api/webhooks/polar | Billing integration endpoint | Polar webhook receiver used to synchronize subscription, checkout, and billing state. |
/api/debug/db | Development endpoint | Database connectivity diagnostic route for development or controlled troubleshooting. |
/dev/face-poc | Development only | Face-detection benchmark and proof of concept for comparing local face-api and Human worker backends. |