- replace bearer auth with session+CSRF flow and add admin user directory
- update frontend moderation flow, force password change gate, and new CLI
- refresh changelog/docs/feature plan + ensure swagger dev experience
- Update consent.js routes to use /api prefix
- Add /api/social-media location to dev/prod nginx configs
- Fix route registration for proper API access
The /moderation page is already password-protected, so API routes
called from that page don't need additional authentication.
This fixes 'Unexpected token <' error in deletion log display.
- Create DeletionLogSection component
- Integrate deletion log at bottom of moderation page
- Remove standalone DeletionLogPage and route
- Remove admin nav link (log now in moderation)
- Keep /api/admin routes for backend API access
- Update nginx configs (remove /admin frontend route)
- Create DeletionLogPage with statistics cards and deletion history table
- Add admin navigation link to Navbar
- Configure nginx for /admin and /api/admin routes (dev+prod)
- Add password protection for admin routes
- Support toggle between last 10 and all deletions
- Created clean dev nginx.conf based on working prod version
- Adapted backend service names (backend-dev)
- Replaced static file serving with React Dev Server proxying
- Added htpasswd authentication for /moderation routes
Testing confirms:
✅ Homepage accessible (200 OK)
✅ Moderation page protected (401 Unauthorized)
✅ Moderation API protected (401 Unauthorized)
✅ Upload functionality working (single + batch)
- Fixed missing 'path' import in batchUpload.js
- Fixed GroupRepository import (singleton vs class)
- Added htpasswd file to development config
- Created new nginx.conf based on working production config
- Updated Dockerfile to copy htpasswd for development
Status:
✅ Upload functionality restored (both single and batch)
✅ Backend routing and error handling fixed
⚠️ nginx auth config needs troubleshooting (container not using new config)
- Fixed nginx proxy configuration for API endpoints
- Added proper proxy headers and max body size for uploads
- Added /api/groups endpoint routing
- Corrected proxy_pass paths to route properly to backend
- API endpoints now accessible via nginx proxy
Fixes: Image upload routing issue in development environment
- Neue Docker-Struktur: docker/{dev,prod}/ für klare Trennung
- Entfernt: docker-compose.override.yml (problematisch)
- Hinzugefügt: ./dev.sh und ./prod.sh Scripts für einfache Bedienung
- Container-spezifische Konfigurationen in docker/{dev,prod}/*/config/
- Aktualisierte READMEs für neue Struktur
- Backend-Daten in .gitignore hinzugefügt
- Bereinigt: Veraltete Dockerfiles und Konfigurationsdateien
Jetzt: Wartungsfreundlich, keine Verwirrung zwischen Umgebungen
