docs: Moved finisched FeatureRequest, Update README.md

CHANGELOG.md

@@ -44,7 +44,7 @@
 - Improve release script with tag-based commit detection
 
 
-## [Unreleased] - Branch: feature/public-internal-hosts
+## Public/Internal Host Separation (November 25, 2025)
 
 ### 🌐 Public/Internal Host Separation (November 25, 2025)
 
@@ -143,7 +143,7 @@
 
 ---
 
-## [Unreleased] - Branch: feature/security
+## feature/security
 
 ### 🔐 Session-Based Admin Authentication & Multi-Admin Support (November 23, 2025)
 
@@ -165,7 +165,7 @@
 
 ---
 
-## [Unreleased] - Branch: feature/SocialMedia
+## feature/SocialMedia
 
 ### 🧪 Comprehensive Test Suite & Admin API Security (November 16, 2025)
 
@@ -414,7 +414,7 @@
 
 ---
 
-## [Unreleased] - Branch: feature/PreloadImage
+## Preload Image
 
 ### 🚀 Slideshow Optimization (November 2025)
 
@@ -451,7 +451,7 @@
 
 ---
 
-## [Unreleased] - Branch: feature/DeleteUnprovedGroups
+## Delete Unproved Groups
 
 ### ✨ Automatic Cleanup Feature (November 2025)
 
@@ -518,7 +518,7 @@
 
 ---
 
-## [Unreleased] - Branch: feature/ImageDescription
+## Image Description
 
 ### ✨ Image Descriptions Feature (November 2025)
 
@@ -592,7 +592,7 @@
 
 ---
 
-## [Unreleased] - Branch: upgrade/deps-react-node-20251028
+## Upgrade Deps: React & Node (October 2025)
 
 ### 🎯 Major Framework Upgrades (October 2025)
 

README.md

@@ -21,106 +21,7 @@ A self-hosted image uploader with multi-image upload capabilities and automatic
 ## What's New
 This project extends the original [Image-Uploader by vallezw](https://github.com/vallezw/Image-Uploader) with enhanced multi-upload and slideshow capabilities.
 
-### 🆕 Latest Features (November 2025)
-
-- **📱 Telegram Bot Notifications** (Nov 30):
-  - Real-time notifications for all critical events
-  - 4 notification types: Upload, Consent Changes, Group Deletion, Daily Warnings
-  - Upload notifications with name, year, title, image count, and consent status
-  - Consent change tracking (workshop display + social media platforms)
-  - Group deletion confirmations with uploader and statistics
-  - Daily deletion warnings (09:00) for groups pending auto-cleanup (24h notice)
-  - Cron-scheduled automation via node-cron
-  - Admin endpoint for manual trigger: `POST /api/admin/telegram/warning`
-  - Optional feature via `TELEGRAM_ENABLED` environment variable
-  - Complete setup guide in `scripts/README.telegram.md`
-
-- **🌐 Public/Internal Host Separation** (Nov 25):
-  - Subdomain-based feature separation for production deployment
-  - Public host (`deinprojekt.hobbyhimmel.de`): Upload + UUID Management only
-  - Internal host (`deinprojekt.lan.hobbyhimmel.de`): Full admin access
-  - Frontend code splitting with React.lazy() for optimized bundle size
-  - Backend API protection via hostGate middleware
-  - Rate limiting: 20 uploads/hour on public host
-  - Audit log tracking with source host information
-  - Complete local testing support via /etc/hosts entries
-  - Zero configuration overhead for single-host deployments
-
-- **🧪 Comprehensive Test Suite** (Nov 16):
-  - 45 automated tests covering all API endpoints (100% passing)
-  - Jest + Supertest integration testing framework
-  - Unit tests for authentication middleware
-  - API tests for admin, consent, migration, and upload endpoints
-  - In-memory SQLite database for isolated testing
-  - Coverage: 26% statements, 15% branches (realistic starting point)
-  - Test execution time: ~10 seconds for full suite
-  - CI/CD ready with proper teardown and cleanup
-
-- **🔒 Admin Session Authentication** (Nov 16):
-  - Server-managed HTTP sessions for all admin/system endpoints
-  - CSRF protection on every mutating request via `X-CSRF-Token`
-  - Secure `ADMIN_SESSION_SECRET` configuration keeps cookies tamper-proof
-  - Protected routes: `/api/admin/*`, `/api/system/migration/migrate`, `/api/system/migration/rollback`
-  - Session-aware moderation UI with login + first-admin setup wizard
-  - Complete authentication documentation in `AUTHENTICATION.md`
-
-- **📋 API Route Documentation** (Nov 16):
-  - Single Source of Truth: `backend/src/routes/routeMappings.js`
-  - Comprehensive route overview in `backend/src/routes/README.md`
-  - Critical Express routing order documented (specific before generic)
-  - Frontend-ready route reference with authentication requirements
-  - OpenAPI specification auto-generation integrated
-
-- **🔐 Social Media Consent Management** (Phase 1 Complete - Nov 9-10):
-  - GDPR-compliant consent system for image usage
-  - Mandatory workshop display consent (no upload without approval)
-  - Optional per-platform consents (Facebook, Instagram, TikTok)
-  - Consent badges and filtering in moderation panel
-  - CSV/JSON export for legal documentation
-  - Group ID tracking for consent withdrawal requests
-- **🔑 Self-Service Management Portal** (Phase 2 Complete - Nov 11-15):
-  - Secure UUID-based management tokens for user self-service
-  - Frontend portal at `/manage/:token` for consent management
-  - Revoke/restore consents for workshop and social media
-  - Edit metadata (title, description) after upload
-  - Add/delete images after upload (with moderation re-approval)
-  - Complete group deletion with audit trail
-  - IP-based rate limiting (10 requests/hour)
-  - Brute-force protection (20 failed attempts → 24h ban)
-  - Management audit log for security tracking
-- **🎨 Modular UI Architecture** (Nov 15):
-  - Reusable components: ConsentManager, GroupMetadataEditor, ImageDescriptionManager
-  - Multi-mode support: upload/edit/moderate modes for maximum reusability
-  - Code reduction: 62% in ModerationGroupImagesPage (281→107 lines)
-  - Consistent design: HTML buttons, Paper boxes, Material-UI Alerts
-  - Individual save/discard per component section
-  - Zero code duplication between pages
-- **<EFBFBD> Slideshow Optimization**: Intelligent image preloading eliminates loading delays and duplicate images
-- **📅 Chronological Display**: Slideshows now play in chronological order (year → upload date)
-- **Automatic Cleanup**: Unapproved groups are automatically deleted after 7 days
-- **Deletion Log**: Complete audit trail with statistics (groups, images, storage freed)
-- **Countdown Display**: Visual indicator showing days until automatic deletion
-- **Approval Feedback**: SweetAlert2 notifications for moderation actions
-- **Manual Cleanup Trigger**: Admin API endpoints for testing and manual cleanup
-- **Image Descriptions**: Add optional descriptions to individual images (max 200 characters)
-- **Edit Mode**: Edit descriptions for uploaded images in upload preview and moderation interface
-- **Slideshow Display**: Image descriptions shown as overlays during slideshow presentation
-- **Public Display**: Descriptions visible in public group views and galleries
-
-### Previous Features (October 2025)
-- **Drag-and-Drop Image Reordering**: Admins can now reorder images using intuitive drag-and-drop
-- **Touch-Friendly Interface**: Mobile-optimized controls with always-visible drag handles  
-- **Slideshow Integration**: Custom image order automatically applies to slideshow mode
-- **Optimistic UI Updates**: Immediate visual feedback with error recovery
-- **Comprehensive Admin Panel**: Dedicated moderation interface for content curation
-
-### Core Features
-- Multi-image batch upload with progress tracking
-- Automatic slideshow presentation mode
-- Image grouping with descriptions and metadata
-- Random slideshow rotation with custom ordering support
-- Keyboard navigation support (Slideshow: Space/Arrow keys, Escape to exit)
-- Mobile-responsive design with touch-first interactions
+See the [CHANGELOG](CHANGELOG.md) for a detailed list of improvements and new features.
 
 ## Quick Start