This document lists code and features that were added during development/debugging that might be candidates for cleanup or removal in the future.
## Debug/Development Code
### 1. Verbose Logging in Production
**Location:** Multiple files
**Status:** Consider reducing in production
- `lib/auth.ts` - Session callback logging (lines 78-103, 105-113)
- Logs full session details on every session creation
- Could be reduced to warnings only or removed in production
- `app/photos/page.tsx` - Page render logging (lines 12-33)
- Logs auth() calls and session details
- Useful for debugging but verbose for production
- `app/api/debug/session/route.ts` - Entire debug endpoint
- Created for debugging session issues
- Consider removing or protecting with admin-only access
- Or move to development-only route
### 2. Activity Logging
**Location:** `lib/activity-log.ts`, `proxy.ts`, API routes
**Status:** Keep but consider optimization
- Activity logging is useful for monitoring
- Consider:
- Moving to structured logging (JSON format)
- Adding log rotation/retention policies
- Option to disable in production if not needed
- Rate limiting logs to prevent spam
### 3. Upload Verification Logging
**Location:** `app/api/photos/upload/route.ts`
**Status:** Keep but reduce verbosity
- Lines 89-91: Directory creation/existence logging
- Lines 101: File save verification logging
- Useful for debugging but could be reduced to errors only
### 4. Middleware Debug Logging
**Location:** `proxy.ts`
**Status:** Keep but consider reducing
- Lines 22-37: Activity logging for all requests
- Useful for monitoring but generates many logs
- Consider: log only important events or add log level filtering
## Unused/Redundant Code
### 5. Legacy Upload Route
**Location:** `app/api/photos/route.ts`
**Status:** Consider deprecating
- Legacy URL-based upload endpoint
- New uploads use `/api/photos/upload`
- Consider:
- Marking as deprecated
- Removing if not used
- Or consolidating with upload route
### 6. Multiple Upload Routes
**Location:** `app/api/photos/upload/route.ts` and `app/api/photos/upload-multiple/route.ts`
**Status:** Keep but document usage
- Two separate upload endpoints
- Consider if both are needed or can be consolidated
### 7. Proxy.ts Cookie Name Variable
**Location:** `proxy.ts` line 15
**Status:** Minor cleanup
- `cookieName` variable defined but could use constant
- Consider moving to shared constant or env var
## Configuration Cleanup
### 8. Next.js Config
**Location:** `next.config.ts`
**Status:** Review
- Image optimization settings (line 19: `unoptimized: false`)
- Consider if all remote patterns are needed
- Review Turbopack configuration if not using
## Documentation Cleanup
### 10. ARCHITECTURE.md References
**Location:** `ARCHITECTURE.md` line 156
**Status:** Update
- Still references `middleware.ts` in some places
- Should reference `proxy.ts` instead
- Update all middleware references
## Testing/Debugging Utilities
### 11. Watch Activity Script
**Location:** `watch-activity.sh` (if created)
**Status:** Keep or document
- Useful utility for monitoring
- Consider adding to README or removing if not needed
## Recommendations
### High Priority (Consider Removing)
1. `app/api/debug/session/route.ts` - Debug endpoint (protect or remove)
2. Verbose logging in `app/photos/page.tsx` - Reduce to errors only
3. Update ARCHITECTURE.md middleware references
### Medium Priority (Optimize)
1. Activity logging - Add log levels or filtering
2. Upload logging - Reduce verbosity
3. Session callback logging - Reduce in production
### Low Priority (Keep)
1. Activity logging utility - Useful for monitoring
2. Multiple upload routes - Document usage
3. Watch activity script - Useful utility
## Notes
- **Consider** adding environment-based log levels (DEBUG, INFO, WARN, ERROR)
- **Consider** moving debug endpoints behind admin authentication
- **Consider** adding log rotation/retention for production
---
Do all these in stages. create new tests and test and docuemtn as u go.
add DEBUG, INFO, WARN, ERROR flags and only show when asked for. create new branch.
- Enhanced the proxy function to log user activity for both authenticated and unauthenticated requests, capturing details such as IP address, user agent, and referer.
- Introduced a new utility for logging activities, allowing for structured tracking of user actions across various routes.
- Updated photo upload and guess submission routes to log relevant user activity, improving visibility into user interactions.
- Added a script to watch user activity logs in real-time for easier monitoring.
- Enhanced the GET request handler to better manage session tokens from both request headers and Next.js cookie store.
- Added detailed error handling for authentication failures and improved logging for debugging purposes.
- Updated cookie management to provide clearer insights into session token presence and accessibility.
- Ensured secure cookie handling is enforced in production environments.
- Added a new API route for session management that retrieves session information and cookie data.
- Enhanced error handling to provide detailed error messages in case of failures.
- Updated login page to support callback URLs for redirection after successful login.
- Introduced debug logging for session creation and token validation in non-production environments.
- Remove Prisma namespace imports (not available in Prisma 7)
- Use type assertions with eslint-disable for Prisma type issues
- Fix console.error calls to avoid format string warnings
- Sanitize file extensions to address path traversal warnings
- Add comments explaining server-side filename generation safety
- Replace 'any' types with proper Prisma types
- Use PhotoUncheckedCreateInput for photo creation
- Use Prisma.PhotoWhereInput for where clauses
- Add proper type assertions for photo fields
- Fix Photo import error by using Prisma namespace
- Add duplicate photo detection (file hash and URL checking)
- Add max attempts per photo with UI counter
- Simplify penalty system (auto-enable when points > 0)
- Prevent scores from going below 0
- Add admin photo deletion functionality
- Improve navigation with always-visible logout
- Prevent users from guessing their own photos
