feat: Sprint 4 complete — frontend MVP (admin dashboard + member portal)

Shadboard starter-kit (Next.js 15 + React 19 + shadcn/ui + Tailwind 4)

Sprint 4.a — Admin Dashboard:
- Auth: NextAuth.js v5, login page, middleware, token rotation
- Dashboard: KPI cards, Recharts stock chart, quick actions
- Members: TanStack Table (search/sort/paginate), add/edit forms
- Distributions: multi-step form, real-time quota check, history
- Stock: batch management, recall dialog, bar chart
- Reports: monthly/member-list/recall, PDF/CSV download, preview

Sprint 4.b — Member Portal:
- Separate route group with top-nav layout (mobile-first)
- Quota dashboard with radial SVG progress indicators
- Distribution history with month filter
- Profile/settings with password change

Cross-cutting:
- i18n: German (default) + English via next-intl
- Dark + light mode (next-themes, user-togglable)
- Playwright E2E tests (6/6 green)
- Docker multi-stage build (node:22-alpine)
- API proxy via Next.js rewrites

Tech: Next.js 15.2.8, React 19, Tailwind 4, NextAuth v5,
TanStack Table, Recharts, Zod, React Hook Form, Playwright

docs/sprint-5/cannamanage-sprint5-backlog.md

@@ -0,0 +1,93 @@
+# CannaManage — Sprint 5 Planning Backlog
+
+**Date:** 2026-06-12
+**Author:** Patrick Plate / Lumen (Planner)
+**Status:** Backlog (not yet planned)
+**Prerequisite:** Sprint 4 completion (Frontend MVP)
+
+---
+
+## Purpose
+
+This document captures features and improvements deferred from Sprint 4 during the persona review process. These items are the "known gaps" that prevent all 6 review personas from scoring ≥90%. They represent the natural next iteration after the frontend MVP is delivered.
+
+---
+
+## Deferred Items (from Sprint 4 Persona Review)
+
+### High Priority (multiple personas impacted)
+
+| # | Feature | Source Personas | Expected Impact |
+|---|---------|----------------|-----------------|
+| 1 | **Staff Management UI** — invite flow, permission editor, activity log | 🏢 Owner, 🛡️ Compliance | Owner +10%, Compliance +3% |
+| 2 | **Notification System** — email alerts for recalls, quota resets, new batches; WebSocket for real-time updates | 👤 Member, 🏢 Owner, 🎨 UX | Member +8%, Owner +5% |
+| 3 | **Inspector Read-Only Mode** — time-limited token for Behörde officials to browse audit logs without admin assistance | 🛡️ Compliance, 🏢 Owner | Compliance +8% |
+| 4 | **Club Settings UI** — email whitelist, prevention officer limit, club profile editing | 🏢 Owner | Owner +5% |
+
+### Medium Priority (UX polish + compliance hardening)
+
+| # | Feature | Source Personas | Expected Impact |
+|---|---------|----------------|-----------------|
+| 5 | **PWA Manifest + Service Worker** — home-screen installable, offline quota cache | 👤 Member, 🎨 UX | Member +5%, UX +3% |
+| 6 | **Micro-interactions & Page Transitions** — Framer Motion fade-in, form animations | 🎨 UX | UX +5% |
+| 7 | **Distribution Form Progress Stepper** — visual 3-step indicator (Select Member → Batch → Confirm) | 🎨 UX | UX +3% |
+| 8 | **Monthly Report Auto-Sealing** — auto-generate + SHA-256 hash at month-end, store sealed PDF | 🛡️ Compliance | Compliance +5% |
+| 9 | **Cryptographic Hash Chain** — SHA-256 linking distribution records for tamper-evidence | 🛡️ Compliance, 🔒 Security | Compliance +5% |
+
+### Lower Priority (nice-to-have)
+
+| # | Feature | Source Personas | Expected Impact |
+|---|---------|----------------|-----------------|
+| 10 | **Portal Visual Differentiation** — subtle accent color shift or branding to distinguish member portal from admin | 🎨 UX | UX +2% |
+| 11 | **Nonce-Based CSP** — eliminate `unsafe-inline`/`unsafe-eval` with Next.js middleware nonces | 🔒 Security | Security +3% |
+| 12 | **Date-Range Reports** — custom period report (Q1, ad-hoc date range) beyond month picker | 🏢 Owner | Owner +3% |
+| 13 | **2FA (TOTP)** — optional two-factor authentication for members and staff | 👤 Member, 🔒 Security | Security +3%, Member +3% |
+| 14 | **SWR/React Query** — client-side data cache for real-time updates without full page refresh | 💻 Developer | Developer +2% |
+
+---
+
+## Estimated Sprint 5 Scope
+
+Based on priority and effort, a reasonable Sprint 5 scope would be:
+
+**Sprint 5.a — Staff & Settings (~5 days)**
+- Staff management UI (list, invite, permission editor, activity log)
+- Club settings page (email whitelist, prevention officer limit)
+- Date-range report picker
+
+**Sprint 5.b — Notifications & PWA (~5 days)**
+- Email notification system (recall alerts, quota reset reminders)
+- WebSocket real-time quota updates
+- PWA manifest + service worker (offline quota cache)
+- Distribution form progress stepper
+- Page transitions (Framer Motion)
+
+---
+
+## Technical Prerequisites
+
+| Feature | Backend Changes Needed |
+|---------|----------------------|
+| Notifications | Email templates, event bus (Spring ApplicationEvents), WebSocket endpoint |
+| Inspector mode | New auth scope, time-limited read-only token endpoint |
+| Report sealing | Scheduled job (month-end), SHA-256 hash storage, sealed PDF S3/filesystem |
+| Hash chain | Migration: add `prev_hash` column to distributions table |
+| 2FA | TOTP library (e.g., `dev.samstevens.totp`), QR code endpoint, recovery codes |
+
+---
+
+## Open Questions (for Sprint 5 planning)
+
+- [ ] Should notifications use email only, or also in-app (bell icon) + push (web push API)?
+- [ ] Inspector mode: do we build a full separate UI, or just a token that grants read-only API access (inspector uses existing admin UI)?
+- [ ] PWA: offline-first for quota only, or cache entire portal for offline viewing?
+- [ ] 2FA: mandatory for staff, optional for members? Or optional for everyone?
+- [ ] Report sealing: store sealed PDFs in S3 or local filesystem?
+
+---
+
+## References
+
+- Sprint 4 Plan: `docs/sprint-4/cannamanage-sprint4-plan.md` (v3)
+- Sprint 4 Persona Review: `docs/sprint-4/cannamanage-sprint4-plan-persona-review.md` (Iteration 2)
+- Sprint 3 Plan: `docs/sprint-3/cannamanage-sprint3-plan.md`