Allows the image to be pushed to GitHub Container Registry and pulled
on deployment servers without needing the source code.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
/api/settings was missing from the middleware public routes allowlist,
causing unauthenticated (guest) requests to be blocked before reaching
the route handler. The error was silently caught, leaving settings null
and hiding the amount owed, payment methods, and payment instructions.
Logged-in users were unaffected as their session token passed middleware.
Also update CLAUDE.md to reflect the WebSocket userId-based auth change.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Full rewrite of the legacy PHP/MySQL app using Next.js 14, PostgreSQL,
Prisma, NextAuth, Tailwind CSS, and WebSocket-based live chat/grid updates.
Deployed via Docker Compose with a custom Node.js server for WebSocket support.
Fix chat display names by passing userId from the NextAuth session over
WebSocket instead of attempting to read the HttpOnly session cookie (which
is inaccessible to JavaScript). Server now looks up the user's first name
from the database using the userId.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Philip