- Implemented the complete first-run experience:

Account creation and guarded onboarding flow.
Current-cash starting balance with automatic rollover enabled.
Dynamic bill generation, shared/custom categories, recurring targets, 
and optional same-day onboarding transactions.
Optional dormant reserve and additional categories.
Mailgun email or authenticator-app 2FA configuration.
Responsive dark/light UI with no overflow at 390px.
Fixed administrator session-ID creation bug.
Core implementation: [OnboardingService.php (line 
59)](/Users/tyemeclifford/Documents/GH/budget/app/OnboardingService.php:59), 
[onboarding.php (line 
19)](/Users/tyemeclifford/Documents/GH/budget/views/onboarding.php:19), 
and [index.php (line 
143)](/Users/tyemeclifford/Documents/GH/budget/public/index.php:143).
Verification passed: financial self-test, onboarding integration test, 
full browser walkthrough, mobile layout, routing guards, and zero 
browser console errors. Live email delivery requires actual Mailgun 
credentials and was not sent during testing.
This commit is contained in:
Ty Clifford
2026-06-15 14:51:44 -04:00
parent 51ee4ecb5a
commit 6686388834
15 changed files with 1159 additions and 32 deletions
+3 -1
View File
@@ -1,7 +1,9 @@
<div class="auth-card">
<p class="eyebrow">Second step</p>
<h2>Authentication code</h2>
<p class="muted">Enter the current six-digit code from your authenticator.</p>
<p class="muted"><?= $twoFactorMethod === 'email'
? 'Enter the six-digit code sent to the administrator email. It expires in 10 minutes.'
: 'Enter the current six-digit code from your authenticator.' ?></p>
<form method="post" class="stack-form">
<?= csrf_field() ?>
<input type="hidden" name="action" value="verify_2fa">