- Updated `proxy.ts` to explicitly define cookie names based on the request protocol, improving clarity in cookie management.
- Refactored `auth.ts` to always throw an error for missing `NEXTAUTH_SECRET` at runtime, ensuring critical configuration is validated consistently.
- Updated `proxy.ts` to simplify cookie name handling in `getToken`, allowing automatic detection of secure cookie prefixes.
- Refactored `auth.ts` to implement a lazy check for `NEXTAUTH_SECRET`, ensuring validation only occurs when necessary and preventing build-time errors.
- Removed unnecessary comments and code related to secure cookie management in `auth.ts`, as Auth.js now correctly handles cookies.
- Streamlined the authentication route in `route.ts` by directly exporting handlers without additional wrappers.
- Introduced `rebuild.sh` script for streamlined application rebuild and server management in both production and development modes.
- Created `REBUILD.md` documentation for quick start instructions and detailed steps for rebuilding the application.
- Added `HelpModal` component to provide users with in-app guidance on how to play the MirrorMatch game, including features, tips, and keyboard shortcuts.
- Updated `layout.tsx` to include the `HelpModal` for user accessibility.
- Adjusted authentication handling in `auth.ts` to ensure proper cookie management based on environment settings.
- Removed unnecessary check for session.user existence, ensuring it is always populated with token data.
- Updated comments to clarify session return behavior when token validation fails, allowing NextAuth to manage invalid tokens.
- Introduced console logs to track the authentication call and its results, including session presence and user details.
- Enhanced error logging to capture and display authentication errors for improved debugging.
- Added additional details to the JWT callback logging, including token ID, email, name, and role for improved debugging and context during authentication.
- Enhanced visibility into token state when no user is present, aiding in troubleshooting authentication issues.
- Added detailed logging for session information in the PhotosPage component to aid in debugging.
- Included console logs for session presence and user details, as well as a log for redirection to the login page when no session is found.
- Updated session callback in auth.ts to include additional session details for improved context during authentication.
- Updated session callback to include user role in the logging output for better context during session creation.
- Improved logging for missing or invalid tokens by adding token ID and email to the warning message.
- Removed conditional logging for non-production environments to ensure consistent logging across all environments.
- Enhanced the GET request handler to better manage session tokens from both request headers and Next.js cookie store.
- Added detailed error handling for authentication failures and improved logging for debugging purposes.
- Updated cookie management to provide clearer insights into session token presence and accessibility.
- Ensured secure cookie handling is enforced in production environments.
- Added a new API route for session management that retrieves session information and cookie data.
- Enhanced error handling to provide detailed error messages in case of failures.
- Updated login page to support callback URLs for redirection after successful login.
- Introduced debug logging for session creation and token validation in non-production environments.
- Added email and name to the token during the sign-in process for improved user context.
- Updated session callback to ensure session.user is populated with token data, including id, email, name, and role, while maintaining existing session data.
- Added a warning for non-production environments when the token is missing or invalid.
- Added validation for NEXTAUTH_SECRET to ensure it is set before authentication.
- Wrapped the authorization logic in a try-catch block to handle potential errors gracefully and log them for debugging.
- Add duplicate photo detection (file hash and URL checking)
- Add max attempts per photo with UI counter
- Simplify penalty system (auto-enable when points > 0)
- Prevent scores from going below 0
- Add admin photo deletion functionality
- Improve navigation with always-visible logout
- Prevent users from guessing their own photos
