v1.1.0: keyboard shortcuts (CH), onboarding tour, admin projects tab, remember-me login, Luftbild CH removed, hose settings in admin, credit link, font Barlow, map auto-save viewport, rate-limit 10/5min

src/app/api/admin/projects/route.ts

@@ -0,0 +1,39 @@
+import { NextRequest, NextResponse } from 'next/server'
+import { getSession } from '@/lib/auth'
+import { prisma } from '@/lib/db'
+
+export async function GET(request: NextRequest) {
+  try {
+    const user = await getSession()
+    if (!user || user.role !== 'SERVER_ADMIN') {
+      return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
+    }
+
+    const { searchParams } = new URL(request.url)
+    const tenantId = searchParams.get('tenantId')
+
+    const where: any = {}
+    if (tenantId) where.tenantId = tenantId
+
+    const projects = await (prisma as any).project.findMany({
+      where,
+      orderBy: { updatedAt: 'desc' },
+      include: {
+        owner: {
+          select: { id: true, name: true, email: true },
+        },
+        tenant: {
+          select: { id: true, name: true },
+        },
+        _count: {
+          select: { features: true },
+        },
+      },
+    })
+
+    return NextResponse.json({ projects })
+  } catch (error) {
+    console.error('Error fetching admin projects:', error)
+    return NextResponse.json({ error: 'Serverfehler' }, { status: 500 })
+  }
+}

src/app/api/auth/login/route.ts

@@ -22,11 +22,16 @@ export async function POST(request: NextRequest) {
     }
 
     const { email, password } = validated.data
+    const rememberMe = body.rememberMe === true
     const result = await login(email, password)
 
     if (!result.success || !result.user) {
+      const remaining = rl.remaining
+      const warningText = remaining <= 3 && remaining > 0
+        ? ` (Noch ${remaining} Versuch${remaining === 1 ? '' : 'e'})`
+        : ''
       return NextResponse.json(
-        { error: result.error || 'Login fehlgeschlagen' },
+        { error: (result.error || 'Login fehlgeschlagen') + warningText, remaining },
         { status: 401 }
       )
     }
@@ -39,13 +44,13 @@ export async function POST(request: NextRequest) {
       })
     } catch {}
 
-    const token = await createToken(result.user)
+    const token = await createToken(result.user, rememberMe)
     
     ;(await cookies()).set('auth-token', token, {
       httpOnly: true,
       secure: process.env.NODE_ENV === 'production',
       sameSite: 'lax',
-      maxAge: 60 * 60 * 24, // 24 hours
+      maxAge: rememberMe ? 60 * 60 * 24 * 30 : 60 * 60 * 24, // 30 days or 24 hours
       path: '/',
     })
 

src/app/api/projects/[id]/features/route.ts

@@ -113,7 +113,19 @@ export async function PUT(
     }
 
     const body = await request.json()
-    const { features } = body as { features: Array<{ id?: string; type: string; geometry: object; properties?: object }> }
+    const { features, mapCenter, mapZoom } = body as {
+      features: Array<{ id?: string; type: string; geometry: object; properties?: object }>
+      mapCenter?: { lng: number; lat: number }
+      mapZoom?: number
+    }
+
+    // Persist map viewport alongside features (if provided)
+    if (mapCenter && mapZoom !== undefined) {
+      await (prisma as any).project.update({
+        where: { id },
+        data: { mapCenter, mapZoom },
+      })
+    }
 
     await (prisma as any).feature.deleteMany({
       where: { projectId: id },