This document lists code and features that were added during development/debugging that might be candidates for cleanup or removal in the future.
## Debug/Development Code
### 1. Verbose Logging in Production
**Location:** Multiple files
**Status:** Consider reducing in production
- `lib/auth.ts` - Session callback logging (lines 78-103, 105-113)
- Logs full session details on every session creation
- Could be reduced to warnings only or removed in production
- `app/photos/page.tsx` - Page render logging (lines 12-33)
- Logs auth() calls and session details
- Useful for debugging but verbose for production
- `app/api/debug/session/route.ts` - Entire debug endpoint
- Created for debugging session issues
- Consider removing or protecting with admin-only access
- Or move to development-only route
### 2. Activity Logging
**Location:** `lib/activity-log.ts`, `proxy.ts`, API routes
**Status:** Keep but consider optimization
- Activity logging is useful for monitoring
- Consider:
- Moving to structured logging (JSON format)
- Adding log rotation/retention policies
- Option to disable in production if not needed
- Rate limiting logs to prevent spam
### 3. Upload Verification Logging
**Location:** `app/api/photos/upload/route.ts`
**Status:** Keep but reduce verbosity
- Lines 89-91: Directory creation/existence logging
- Lines 101: File save verification logging
- Useful for debugging but could be reduced to errors only
### 4. Middleware Debug Logging
**Location:** `proxy.ts`
**Status:** Keep but consider reducing
- Lines 22-37: Activity logging for all requests
- Useful for monitoring but generates many logs
- Consider: log only important events or add log level filtering
## Unused/Redundant Code
### 5. Legacy Upload Route
**Location:** `app/api/photos/route.ts`
**Status:** Consider deprecating
- Legacy URL-based upload endpoint
- New uploads use `/api/photos/upload`
- Consider:
- Marking as deprecated
- Removing if not used
- Or consolidating with upload route
### 6. Multiple Upload Routes
**Location:** `app/api/photos/upload/route.ts` and `app/api/photos/upload-multiple/route.ts`
**Status:** Keep but document usage
- Two separate upload endpoints
- Consider if both are needed or can be consolidated
### 7. Proxy.ts Cookie Name Variable
**Location:** `proxy.ts` line 15
**Status:** Minor cleanup
- `cookieName` variable defined but could use constant
- Consider moving to shared constant or env var
## Configuration Cleanup
### 8. Next.js Config
**Location:** `next.config.ts`
**Status:** Review
- Image optimization settings (line 19: `unoptimized: false`)
- Consider if all remote patterns are needed
- Review Turbopack configuration if not using
## Documentation Cleanup
### 10. ARCHITECTURE.md References
**Location:** `ARCHITECTURE.md` line 156
**Status:** Update
- Still references `middleware.ts` in some places
- Should reference `proxy.ts` instead
- Update all middleware references
## Testing/Debugging Utilities
### 11. Watch Activity Script
**Location:** `watch-activity.sh` (if created)
**Status:** Keep or document
- Useful utility for monitoring
- Consider adding to README or removing if not needed
## Recommendations
### High Priority (Consider Removing)
1. `app/api/debug/session/route.ts` - Debug endpoint (protect or remove)
2. Verbose logging in `app/photos/page.tsx` - Reduce to errors only
3. Update ARCHITECTURE.md middleware references
### Medium Priority (Optimize)
1. Activity logging - Add log levels or filtering
2. Upload logging - Reduce verbosity
3. Session callback logging - Reduce in production
### Low Priority (Keep)
1. Activity logging utility - Useful for monitoring
2. Multiple upload routes - Document usage
3. Watch activity script - Useful utility
## Notes
- **Consider** adding environment-based log levels (DEBUG, INFO, WARN, ERROR)
- **Consider** moving debug endpoints behind admin authentication
- **Consider** adding log rotation/retention for production
---
Do all these in stages. create new tests and test and docuemtn as u go.
add DEBUG, INFO, WARN, ERROR flags and only show when asked for. create new branch.
- Enhanced the proxy function to log user activity for both authenticated and unauthenticated requests, capturing details such as IP address, user agent, and referer.
- Introduced a new utility for logging activities, allowing for structured tracking of user actions across various routes.
- Updated photo upload and guess submission routes to log relevant user activity, improving visibility into user interactions.
- Added a script to watch user activity logs in real-time for easier monitoring.
- Modified the proxy function to allow access to the "/uploads" route alongside existing public routes.
- Enhanced PhotoImage and PhotoThumbnail components to handle local uploads by treating them similarly to external URLs.
- Updated comments to clarify the changes made regarding uploads and public folder handling.
- Explicitly specified the cookie name for token retrieval to align with NextAuth configuration.
- Improved debug logging to include cookie presence checks and detailed cookie information for better troubleshooting.
- Updated comments for clarity on the changes made to token handling and logging.
- Updated the function name from middleware to proxy to better reflect its purpose in handling requests.
- Ensured consistency in naming conventions across the codebase.
- Deleted the old middleware file and integrated its functionality into the proxy function for streamlined authentication and role-based access control.
- Updated debug logging to enhance visibility into token presence and user details during the authentication process.
- Adjusted middleware configuration to match all request paths while excluding static files and specific assets.
- Implemented a new middleware to handle authentication checks and enforce role-based access for protected routes.
- Added debug logging to track token presence and user details for improved troubleshooting.
- Configured middleware to match all request paths except for static files and specific assets.
- Add duplicate photo detection (file hash and URL checking)
- Add max attempts per photo with UI counter
- Simplify penalty system (auto-enable when points > 0)
- Prevent scores from going below 0
- Add admin photo deletion functionality
- Improve navigation with always-visible logout
- Prevent users from guessing their own photos
