- Enhanced the proxy function to log user activity for both authenticated and unauthenticated requests, capturing details such as IP address, user agent, and referer.
- Introduced a new utility for logging activities, allowing for structured tracking of user actions across various routes.
- Updated photo upload and guess submission routes to log relevant user activity, improving visibility into user interactions.
- Added a script to watch user activity logs in real-time for easier monitoring.
- Introduced a lazy initialization function for the Prisma client to optimize resource usage by only initializing when first accessed.
- Enhanced error handling for parsing Prisma Postgres connection strings, providing clearer error messages and logging for debugging.
- Updated the export to use a Proxy for lazy loading, improving performance and maintaining the existing interface.
- Removed unnecessary check for session.user existence, ensuring it is always populated with token data.
- Updated comments to clarify session return behavior when token validation fails, allowing NextAuth to manage invalid tokens.
- Introduced console logs to track the authentication call and its results, including session presence and user details.
- Enhanced error logging to capture and display authentication errors for improved debugging.
- Added additional details to the JWT callback logging, including token ID, email, name, and role for improved debugging and context during authentication.
- Enhanced visibility into token state when no user is present, aiding in troubleshooting authentication issues.
- Added detailed logging for session information in the PhotosPage component to aid in debugging.
- Included console logs for session presence and user details, as well as a log for redirection to the login page when no session is found.
- Updated session callback in auth.ts to include additional session details for improved context during authentication.
- Updated session callback to include user role in the logging output for better context during session creation.
- Improved logging for missing or invalid tokens by adding token ID and email to the warning message.
- Removed conditional logging for non-production environments to ensure consistent logging across all environments.
- Enhanced the GET request handler to better manage session tokens from both request headers and Next.js cookie store.
- Added detailed error handling for authentication failures and improved logging for debugging purposes.
- Updated cookie management to provide clearer insights into session token presence and accessibility.
- Ensured secure cookie handling is enforced in production environments.
- Added a new API route for session management that retrieves session information and cookie data.
- Enhanced error handling to provide detailed error messages in case of failures.
- Updated login page to support callback URLs for redirection after successful login.
- Introduced debug logging for session creation and token validation in non-production environments.
- Added email and name to the token during the sign-in process for improved user context.
- Updated session callback to ensure session.user is populated with token data, including id, email, name, and role, while maintaining existing session data.
- Added a warning for non-production environments when the token is missing or invalid.
- Added validation for NEXTAUTH_SECRET to ensure it is set before authentication.
- Wrapped the authorization logic in a try-catch block to handle potential errors gracefully and log them for debugging.
- Add duplicate photo detection (file hash and URL checking)
- Add max attempts per photo with UI counter
- Simplify penalty system (auto-enable when points > 0)
- Prevent scores from going below 0
- Add admin photo deletion functionality
- Improve navigation with always-visible logout
- Prevent users from guessing their own photos
