- Fix uploaded images showing as 404: /uploads/ was not excluded from the
auth middleware matcher, so browsers were blocked from loading images.
Added uploads to the matcher exclusion alongside images.
- Ensure uploads directory exists at startup (mkdir -p in entrypoint +
recursive mkdir in the upload POST handler).
- Add DELETE /api/upload?url=... endpoint for admins to delete any image.
- Simplify gallery to a single unified view (no stock/uploads filter tabs).
Each image tile shows a red × delete button on hover with confirmation.
Upload Image button also available inside the gallery modal.
- Add Docker named volume for /app/public/uploads so uploaded images
persist across container restarts.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Full rewrite of the legacy PHP/MySQL app using Next.js 14, PostgreSQL,
Prisma, NextAuth, Tailwind CSS, and WebSocket-based live chat/grid updates.
Deployed via Docker Compose with a custom Node.js server for WebSocket support.
Fix chat display names by passing userId from the NextAuth session over
WebSocket instead of attempting to read the HttpOnly session cookie (which
is inaccessible to JavaScript). Server now looks up the user's first name
from the database using the userId.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Philip