Backend:
- Add hostGate middleware for host-based API protection
- Extend rate limiter with publicUploadLimiter (20/hour)
- Add source_host and source_type to audit logs
- Database migration for audit log source tracking
- Unit tests for hostGate middleware (10/20 passing)
Frontend:
- Add hostDetection utility for runtime host detection
- Implement React code splitting with lazy loading
- Update App.js with ProtectedRoute component
- Customize 404 page for public vs internal hosts
- Update env-config.js for host configuration
Docker:
- Add environment variables to prod/dev docker-compose
- Configure ENABLE_HOST_RESTRICTION flags
- Set PUBLIC_HOST and INTERNAL_HOST variables
Infrastructure:
- Prepared for nginx-proxy-manager setup
- Trust proxy configuration (TRUST_PROXY_HOPS=1)
Note: Some unit tests still need adjustment for ENV handling
- replace bearer auth with session+CSRF flow and add admin user directory
- update frontend moderation flow, force password change gate, and new CLI
- refresh changelog/docs/feature plan + ensure swagger dev experience
- Add prominent migration guide reference in README.dev.md API section
- Remove backend/TESTING.md (info now in README.dev.md)
- Remove backend/test-openapi-paths.js (replaced by automated tests)
🧪 Testing Infrastructure (45 tests, 100% passing)
- Implemented Jest + Supertest framework for automated testing
- Unit tests: 5 tests for auth middleware (100% coverage)
- Integration tests: 40 tests covering admin, consent, migration, upload APIs
- Test execution time: ~10 seconds for full suite
- Coverage: 26% statements, 15% branches (realistic start)
- In-memory SQLite database for isolated testing
- Singleton server pattern for fast test execution
- Automatic cleanup and teardown
🔒 Admin API Authentication
- Bearer token authentication for all admin endpoints
- requireAdminAuth middleware with ADMIN_API_KEY validation
- Protected routes: /api/admin/*, /api/system/migration/migrate|rollback
- Complete authentication guide in AUTHENTICATION.md
- HTTP 403 for missing/invalid tokens, 500 if not configured
- Ready for production with token rotation support
📋 API Route Documentation
- Single Source of Truth: backend/src/routes/routeMappings.js
- Comprehensive route overview in backend/src/routes/README.md
- Express routing order documented (specific before generic)
- Frontend integration guide with authentication examples
- OpenAPI auto-generation integrated
🐛 Bug Fixes
- Fixed SQLite connection not properly awaited (caused test hangs)
- Fixed upload validation checking req.files.file before req.files
- Fixed Express route order (consent before admin router)
- Fixed test environment using /tmp for uploads (permission issues)
📚 Documentation Updates
- Updated README.md with testing and authentication features
- Updated README.dev.md with testing section and API development guide
- Updated CHANGELOG.md with complete feature documentation
- Updated FEATURE_PLAN-autogen-openapi.md (status: 100% complete)
- Added frontend/MIGRATION-GUIDE.md for frontend team
🚀 Frontend Impact
Frontend needs to add Bearer token to all /api/admin/* calls.
See frontend/MIGRATION-GUIDE.md for detailed instructions.
Test Status: ✅ 45/45 passing (100%)
Backend: ✅ Production ready
Frontend: ⚠️ Migration required (see MIGRATION-GUIDE.md)
- Created new modular components:
* ConsentManager: Manages workshop + social media consents with individual save
* GroupMetadataEditor: Manages group metadata (title, description, name, year) with save
* ImageDescriptionManager: Manages image descriptions with batch save
* DeleteGroupButton: Standalone group deletion component
- Refactored ManagementPortalPage to use modular components:
* Each component in Paper box with heading inside (not outside)
* HTML buttons with CSS classes (btn btn-success, btn btn-secondary)
* Inline feedback with Material-UI Alert instead of SweetAlert2 popups
* Icons: 💾 save, ↩ discard, 🗑️ delete
* Individual save/discard functionality per component
- Enhanced ConsentCheckboxes component:
* Added children prop for flexible composition
* Conditional heading for manage mode inside Paper box
- Fixed DescriptionInput:
* Removed duplicate heading (now only in parent component)
- React state management improvements:
* Deep copy pattern for nested objects/arrays
* Sorted array comparison for order-insensitive change detection
* Set-based comparison for detecting removed items
* Initialization guard to prevent useEffect overwrites
- Bug fixes:
* Fixed image reordering using existing /api/groups/:groupId/reorder route
* Fixed edit mode toggle with unsaved changes warning
* Fixed consent state updates with proper object references
* Fixed uploadImageBatch signature to use object destructuring
* Removed unnecessary /api/manage/:token/reorder route from backend
Next: Apply same modular pattern to MultiUploadPage and ModerationGroupImagesPage
- Task 17: Management-Link im Upload-Erfolg angezeigt mit Copy-Button
- Widerruf-Dialoge überarbeitet: Klarstellung zu Scope & Kontakt für Social Media Posts
- Rate-Limiter für Dev-Umgebung erhöht (100/h statt 10/h)
- Mailto-Link Verhalten noch nicht final getestet (Browser vs. Mail-Client)
ACHTUNG: Noch nicht vollständig getestet! Mailto-Funktionalität muss in verschiedenen Browsern validiert werden.
Issue 6: ModerationGroupsPage - Filter "Alle Gruppen" not working
- Problem: Backend filtered groups with display_in_workshop=1 even when no filter selected
- Solution: Removed filter condition in else block - now shows ALL groups when filter='all'
- File: backend/src/routes/groups.js
- Test: GET /moderation/groups now returns 73 groups (all groups)
Issue 7: Export button "Consent-Daten exportieren" not working
- Problem: Routes had wrong path prefix (/admin/* instead of /api/admin/*)
- Solution: Added /api prefix to consent admin routes for consistency
- Files: backend/src/routes/consent.js
* GET /api/admin/groups/by-consent (was /admin/groups/by-consent)
* GET /api/admin/consents/export (was /admin/consents/export)
- Test: curl http://localhost:5001/api/admin/consents/export?format=csv works
- Export now includes dynamic Social Media platform columns (facebook, instagram, tiktok)
Test Results:
✅ Filter "Alle Gruppen": 73 groups
✅ Filter "Nur Werkstatt": 1 group
✅ Filter "Facebook": 0 groups
✅ Export CSV with platform columns: facebook,instagram,tiktok
✅ Test upload with Social Media consents saved correctly
✅ Export shows consented platforms per group
Files Changed:
- backend/src/routes/groups.js (filter logic fixed)
- backend/src/routes/consent.js (API paths corrected)
Audit-Logging System:
- Migration 007: management_audit_log table with indexes
- Tracks all management portal actions
- IP address, user-agent, request data logging
- Token masking (only first 8 chars stored)
- Success/failure tracking with error messages
ManagementAuditLogRepository:
- logAction() - Log management actions
- getRecentLogs() - Get last N logs
- getLogsByGroupId() - Get logs for specific group
- getFailedActionsByIP() - Security monitoring
- getStatistics() - Overview statistics
- cleanupOldLogs() - Maintenance (90 days retention)
Audit-Log Middleware:
- Adds res.auditLog() helper function
- Auto-captures IP, User-Agent
- Integrated into all management routes
- Non-blocking (errors don't fail main operation)
Admin API Endpoints:
- GET /api/admin/management-audit?limit=N
- GET /api/admin/management-audit/stats
- GET /api/admin/management-audit/group/:groupId
Tested:
✅ Migration executed successfully
✅ Audit logs written on token validation
✅ Admin API returns logs with stats
✅ Token masking working
✅ Statistics accurate
Rate-Limiting:
- IP-based: 10 requests per hour per IP
- Applies to all /api/manage/* routes
- Returns 429 Too Many Requests when limit exceeded
- Automatic cleanup of expired records (>1h old)
Brute-Force Protection:
- Tracks failed token validation attempts
- After 20 failed attempts: IP banned for 24 hours
- Returns 403 Forbidden for banned IPs
- Integrated into GET /api/manage/:token route
Technical Implementation:
- Created backend/src/middlewares/rateLimiter.js
- In-memory storage with Map() for rate limit tracking
- Separate Map() for brute-force detection
- Middleware applied to all management routes
- Token validation failures increment brute-force counter
Tested:
✅ Rate limit blocks after 10 requests
✅ 429 status code returned correctly
✅ Middleware integration working
✅ IP-based tracking functional
Fixed Task 8 (Delete Group API):
- Changed deletionLogRepository.logDeletion() to createDeletionEntry()
- Use correct parameters matching DeletionLogRepository schema
- Deletion now works: group, images, files, consents all removed
- deletion_log entry created with proper data
Tested:
✅ Group deletion with valid token
✅ 404 for invalid/missing tokens
✅ Files deleted (original + preview)
✅ DB records deleted via CASCADE
✅ Deletion log entry created
All 8 Backend Management API tasks complete!
Backend Management API implementation for self-service user portal:
✅ Task 2: Token Generation (already implemented in Phase 1)
- UUID v4 generated at upload
- Stored in groups.management_token
- Returned in upload response
✅ Task 3: Token Validation API
- GET /api/manage/:token
- Validates token and loads complete group data
- Returns group with images, consents, metadata
- 404 for invalid/missing tokens
✅ Task 4: Consent Revocation API
- PUT /api/manage/:token/consents
- Revoke/restore workshop consent
- Revoke/restore social media platform consents
- Sets revoked=1, revoked_timestamp
- Full error handling and validation
✅ Task 5: Metadata Edit API
- PUT /api/manage/:token/metadata
- Update title, description, name
- Supports partial updates
- Automatically sets approved=0 (returns to moderation)
✅ Task 6: Add Images API
- POST /api/manage/:token/images
- Upload new images to existing group
- Calculates correct upload_order
- Sets approved=0 on changes
- Max 50 images per group validation
- Preview generation support
✅ Task 7: Delete Image API
- DELETE /api/manage/:token/images/:imageId
- Deletes original and preview files
- Removes DB entry
- Sets approved=0 if group was approved
- Prevents deletion of last image
⏳ Task 8: Delete Group API (in progress)
- DELETE /api/manage/:token route created
- Integration with existing GroupRepository.deleteGroup
- Needs testing
Technical Changes:
- Created backend/src/routes/management.js
- Added getGroupByManagementToken() to GroupRepository
- Registered /api/manage routes in index.js
- Installed uuid package for token generation
- All routes use token validation helper
- Docker-only development workflow
Tested Features:
- Token validation with real uploads
- Workshop consent revoke/restore
- Social media consent management
- Metadata updates (full and partial)
- Image upload with multipart/form-data
- Image deletion with file cleanup
- Error handling and edge cases
✅ Phase 1 Complete (Nov 9-10, 2025):
- GDPR-compliant consent management fully implemented
- Mandatory workshop display consent + optional social media consents
- Consent badges, filtering, and CSV/JSON export in moderation panel
- Automatic migration system fixed (inline comments handling)
- GDPR compliance validated: 72 production groups with display_in_workshop = 0
- All features tested and production-ready
Documentation Updates:
- FEATURE_PLAN-social-media.md: All Phase 1 tasks marked complete
- README.md: Added consent system to features, updated database schema, new API endpoints
- README.dev.md: Complete developer guide with debugging, testing, and troubleshooting
Technical Achievements:
- 12 commits over 2 days (faster than 4-5 day estimate)
- Zero GDPR violations (retroactive consent fix validated)
- Zero breaking changes to existing functionality
Ready for Code Review and Production Deployment
- Fixed SQL statement parsing to remove both line and inline comments
- Prevents incomplete SQL statements from inline comments
- Migration 005 and 006 now apply correctly via automatic migration system
- Tested with production data: All 72 groups have display_in_workshop = 0 (GDPR compliant)
Problem: Moderation filter returned 0 groups because:
1. groupFormatter.formatGroupDetail() didn't include display_in_workshop field
2. Platform filters incorrectly required workshop consent
Solution:
- Add display_in_workshop and consent_timestamp to formatGroupDetail()
- Remove workshop requirement from platform filters
- Add default filter to show only groups with workshop consent
- Fix workshop-only filter to check for consented social media
Filter logic:
- 'Alle Gruppen': Only groups WITH workshop consent
- 'Nur Werkstatt': Groups with workshop BUT WITHOUT social media
- Platform filters: Groups with that platform consent (independent of workshop)
Problem: Filtered groups were missing preview images because
getGroupsByConsentStatus() only returned group metadata without images.
Solution: Load all groups with getAllGroupsWithModerationInfo() first
(includes images), add consent data, then filter in-memory based on
query parameters. This ensures preview images are always included.
- Update consent.js routes to use /api prefix
- Add /api/social-media location to dev/prod nginx configs
- Fix route registration for proper API access
- Parse consent data from request body (workshopConsent, socialMediaConsents)
- Validate workshop consent is required (400 error if missing)
- Use createGroupWithConsent() instead of createGroup()
- Pass consent data to repository for database storage
- Maintains backward compatibility with existing upload flow
- GDPR-compliant: no upload without explicit workshop consent
- Create consent.js with comprehensive API endpoints:
- GET /api/social-media/platforms - list active platforms
- POST /api/groups/:groupId/consents - save/update group consents
- GET /api/groups/:groupId/consents - retrieve group consent data
- GET /api/admin/groups/by-consent - filter groups by consent status
- GET /api/admin/consents/export - export consent data (JSON/CSV formats)
- Register consent router in routes/index.js
- Full validation and error handling
- CSV export with dynamic platform columns
- Ready for frontend integration
- Create new SocialMediaRepository for platform and consent management
- getAllPlatforms(), getActivePlatforms()
- createPlatform(), updatePlatform(), togglePlatformStatus()
- saveConsents(), getConsentsForGroup(), getGroupIdsByConsentStatus()
- revokeConsent(), restoreConsent(), hasActiveConsent()
- Extend GroupRepository with consent management methods
- createGroupWithConsent() - create group with workshop & social media consents
- getGroupWithConsents() - retrieve group with all consent data
- updateConsents() - update consent preferences
- getGroupsByConsentStatus() - filter groups by consent status
- exportConsentData() - export for legal documentation
- generateManagementToken(), getGroupByManagementToken() (Phase 2)
- Both repositories work together seamlessly via transactions
- Add POST /api/admin/cleanup/trigger for manual cleanup
- Add GET /api/admin/cleanup/preview for dry-run testing
- Create test-cleanup.sh (bash) for easy testing
- Create test-cleanup.js (node) as alternative test tool
- Enable backdating groups for testing purposes
Features:
- Add image description field (max 200 chars) for individual images
- Replace 'Sort' button with 'Edit' button in image gallery cards
- Enable edit mode with text fields for each image in moderation
- Display descriptions in slideshow and public views
- Integrate description saving with main save button
Frontend changes:
- ImageGalleryCard: Add edit mode UI with textarea and character counter
- ModerationGroupImagesPage: Integrate description editing into main save flow
- Fix keyboard event propagation in textarea (spacebar issue)
- Remove separate 'Save Descriptions' button
- Add ESLint fixes for useCallback dependencies
Backend changes:
- Fix route order: batch-description route must come before :imageId route
- Ensure batch description update API works correctly
Build optimizations:
- Add .dockerignore to exclude development data (182MB reduction)
- Fix Dockerfile: Remove non-existent frontend/conf directory
- Reduce backend image size from 437MB to 247MB
Fixes:
- Fix route matching issue with batch-description endpoint
- Prevent keyboard events from triggering drag-and-drop
- Clean up unused functions and ESLint warnings
- Fixed missing 'path' import in batchUpload.js
- Fixed GroupRepository import (singleton vs class)
- Added htpasswd file to development config
- Created new nginx.conf based on working production config
- Updated Dockerfile to copy htpasswd for development
Status:
✅ Upload functionality restored (both single and batch)
✅ Backend routing and error handling fixed
⚠️ nginx auth config needs troubleshooting (container not using new config)
- Neue Docker-Struktur: docker/{dev,prod}/ für klare Trennung
- Entfernt: docker-compose.override.yml (problematisch)
- Hinzugefügt: ./dev.sh und ./prod.sh Scripts für einfache Bedienung
- Container-spezifische Konfigurationen in docker/{dev,prod}/*/config/
- Aktualisierte READMEs für neue Struktur
- Backend-Daten in .gitignore hinzugefügt
- Bereinigt: Veraltete Dockerfiles und Konfigurationsdateien
Jetzt: Wartungsfreundlich, keine Verwirrung zwischen Umgebungen
🔧 Problem identified and fixed:
- nginx proxy was routing /api/groups to /groups (removing /api prefix)
- Backend route was registered under /api/groups instead of /groups
- Changed backend route registration from '/api/groups' to '/groups'
- Tested API endpoint: curl to /api/groups/qion_-lT1/reorder now works
- Removed debug console.log statements for cleaner production code
✅ Drag-and-drop reordering now functional in ModerationGroupImagesPage
✅ API requests properly routed through nginx proxy to backend
✅ Error 'Reihenfolge konnte nicht geändert werden' resolved
- Add imageUtils.js helper with getImageSrc() and getGroupPreviewSrc()
- Update ImageGalleryCard to use preview images for galleries
- Update ModerationGroupsPage to show preview images in modal
- Update ModerationGroupImagesPage to use preview images
- Update PublicGroupImagesPage to pass all image fields
- SlideshowPage continues using original images (full quality)
- Update nginx.dev.conf with /api/previews and /api/download routes
- Update start-dev.sh to generate correct nginx config
- Fix GroupRepository.getAllGroupsWithModerationInfo() to return full image data
- Remove obsolete version from docker-compose.override.yml
- Update TODO.md: mark frontend cleanup as completed
Performance: Gallery load times reduced by ~96% (100KB vs 3MB per image)
Task 4: Upload Routes Extended
- upload.js: Generate preview after single file upload
- batchUpload.js: Generate previews for all batch uploads
- Async preview generation (non-blocking response)
- Auto-update preview_path in database after generation
Task 5: Repository with preview_path
- GroupRepository: Include preview_path in INSERT
- getGroupById: Return previewPath in image objects
- groupFormatter: Add previewPath to formatGroupDetail()
- All queries now support preview_path column
Task 6: API Endpoints Extended
- Add PREVIEW_STATIC_DIRECTORY constant (/previews)
- Serve preview images via express.static
- All existing endpoints now return previewPath field
- Fallback to filePath if preview not available (frontend)
- Install sharp@0.33.5 for image processing
- Create ImagePreviewService with preview generation
- Support 800px max width, JPEG 85% quality
- Automatic directory creation on first use
- Include preview size reduction logging
- Add cleanup method for orphaned previews
- Update backend/Dockerfile: node:18 → node:24 (LTS)
- Node 24 provides longer support window and latest features
- Tested: Build successful (127s), container starts cleanly, all services working
Phase 1 refined: Backend now on Node 24 LTS with extended support timeline.
Major Frontend Refactoring:
- Replace ImagePreviewGallery with unified ImageGallery/ImageGalleryCard components
- Support 4 display modes: group, moderation, preview, single-image
- Add hidePreview prop to conditionally hide group preview images
- Unified grid layout with responsive 3/2/1 column design
- Remove 15+ legacy files and components
- Delete UploadedImagePage, SocialMedia components, old upload components
- Remove unused CSS files (GroupCard.css, Image.css/scss)
- Clean up /upload/:image_url route from App.js
- Fix image preview functionality in MultiUploadPage
- Convert File objects to blob URLs with URL.createObjectURL()
- Add proper memory cleanup with URL.revokeObjectURL()
- Improve page navigation and layout
- Fix GroupsOverviewPage to route to /groups/:groupId detail page
- Adjust PublicGroupImagesPage spacing and layout
- Fix ModerationGroupsPage duplicate stats section
CSS Refactoring:
- Rename GroupCard.css → ImageGallery.css with updated class names
- Maintain backward compatibility with legacy class names
- Fix grid stretching with fixed 3-column layout
Development Environment:
- Add docker-compose.override.yml for local development
- Create Dockerfile.dev with hot-reload support
- Add start-dev.sh and nginx.dev.conf
- Update README.dev.md with development setup instructions
Production Build:
- Fix frontend/Dockerfile multi-stage build (as → AS)
- Update prod.sh to explicitly use docker-compose.yml (ignore override)
- Resolve node:18-alpine image corruption issue
- Backend Dockerfile improvements for Node 14 compatibility
Documentation:
- Update TODO.md marking completed frontend tasks
- Clean up docs/images directory
- Update README.md with current project status
All changes tested and verified in both development and production environments.
- README aktualisiert, um die neuen Verzeichnisse zu reflektieren
- Konstanten für Verzeichnispfade in 'constants.js' hinzugefügt
- 'DatabaseManager.js' angepasst, um die neuen Datenbankverzeichnisse zu verwenden
- Routen für Batch-Upload, Download und Upload aktualisiert, um die neuen Pfade zu berücksichtigen
- 'MigrationService.js' hinzugefügt, um vorhandene Daten in die neuen Verzeichnisse zu migrieren
- Hilfsfunktionen in 'groupStorage.js' und 'initiate-resources.js' angepasst
- 'docker-compose.yml' und 'prod.sh' aktualisiert, um die neuen Verzeichnisse zu berücksichtigen
