- Updated `proxy.ts` to explicitly define cookie names based on the request protocol, improving clarity in cookie management.
- Refactored `auth.ts` to always throw an error for missing `NEXTAUTH_SECRET` at runtime, ensuring critical configuration is validated consistently.
- Updated `proxy.ts` to simplify cookie name handling in `getToken`, allowing automatic detection of secure cookie prefixes.
- Refactored `auth.ts` to implement a lazy check for `NEXTAUTH_SECRET`, ensuring validation only occurs when necessary and preventing build-time errors.
- Enhanced the proxy function to log user activity for both authenticated and unauthenticated requests, capturing details such as IP address, user agent, and referer.
- Introduced a new utility for logging activities, allowing for structured tracking of user actions across various routes.
- Updated photo upload and guess submission routes to log relevant user activity, improving visibility into user interactions.
- Added a script to watch user activity logs in real-time for easier monitoring.
- Modified the proxy function to allow access to the "/uploads" route alongside existing public routes.
- Enhanced PhotoImage and PhotoThumbnail components to handle local uploads by treating them similarly to external URLs.
- Updated comments to clarify the changes made regarding uploads and public folder handling.
- Explicitly specified the cookie name for token retrieval to align with NextAuth configuration.
- Improved debug logging to include cookie presence checks and detailed cookie information for better troubleshooting.
- Updated comments for clarity on the changes made to token handling and logging.
- Updated the function name from middleware to proxy to better reflect its purpose in handling requests.
- Ensured consistency in naming conventions across the codebase.
- Deleted the old middleware file and integrated its functionality into the proxy function for streamlined authentication and role-based access control.
- Updated debug logging to enhance visibility into token presence and user details during the authentication process.
- Adjusted middleware configuration to match all request paths while excluding static files and specific assets.
- Implemented a new middleware to handle authentication checks and enforce role-based access for protected routes.
- Added debug logging to track token presence and user details for improved troubleshooting.
- Configured middleware to match all request paths except for static files and specific assets.
- Add duplicate photo detection (file hash and URL checking)
- Add max attempts per photo with UI counter
- Simplify penalty system (auto-enable when points > 0)
- Prevent scores from going below 0
- Add admin photo deletion functionality
- Improve navigation with always-visible logout
- Prevent users from guessing their own photos
