- Stripe webhook: log only error.message instead of full error objects
to avoid exposing stack traces in aggregated logs
- Admin products POST: return only first Zod error message instead of
the full error array which reveals internal schema structure
- .env.example: replace weak default INITIAL_ADMIN_PASSWORD and
AUTH_SECRET with instructive placeholders requiring manual generation
- docker-compose.yml: parameterize POSTGRES_USER, POSTGRES_PASSWORD,
POSTGRES_DB and DATABASE_URL via environment variables with local fallbacks
Add VALID_TRANSITIONS map and validate each status change before updating
the database. Prevents skipping payment (e.g. PENDING→FULFILLED) or
reopening closed orders.
- Add LoginAttempt model to Prisma schema with migration
- Create rate-limit.ts utility (10 attempts / 15 min window, DB-backed)
- Apply rate limiting to login endpoint (replaces in-memory Map)
- Apply rate limiting to change-password endpoint (previously unprotected)
- Rate limit state survives server restarts and works across multiple instances
- Add GET /api/auth/me endpoint returning current user from httpOnly cookie
- Add UserContext + useUser() hook that fetches from /api/auth/me on mount
- Wrap root layout with UserProvider
- Remove all localStorage.setItem/getItem('user') calls from login, register,
navbar, account pages, change-password, and checkout
- mustChangePassword redirect now reads from refreshed server session
- Add validateImageMagicBytes() to storage.ts reading first 12 bytes
to verify JPEG/PNG/WebP/ICO signatures regardless of declared MIME type
- Remove image/svg+xml from favicon upload whitelist (SVG can embed scripts)
- Apply magic bytes check in product image and favicon upload endpoints
Sezione dedicata alle porte con distinzione tra porte pubbliche (80,
443), interne Docker (3000, 5432, 1025) e solo sviluppo (8025).
Include comandi UFW pronti per Ubuntu/Debian.
Aggiunta documentazione campo per campo per tutte le sezioni: Product
Types, Categorie, Admin Users, Impostazioni (generale, footer, favicon).
Corretto Base Price da centesimi a euro dopo la fix del form.
Lo slug viene calcolato automaticamente dal nome senza che l'utente
debba compilarlo — il campo è rimosso dal form ma continua ad essere
inviato nel payload e visibile nella tabella.
Il campo prezzo del form admin ora accetta valori in unità (es. 19.99)
invece di centesimi (1999). La conversione *100 avviene al submit,
il DB e Stripe continuano a ricevere centesimi.
- docker-compose.yml: sostituisce pgdata/uploads/caddy_data/caddy_config con bind mount su ./data/
- app/public/.gitkeep: crea cartella richiesta dal Dockerfile durante il build
- scripts/backup.sh: backup automatico di DB (pg_dump) e uploads con rotazione 30 giorni
- docs/BACKUP.md: guida completa backup, ripristino e setup cron
- .gitignore: aggiorna con data/ e backups/
- Admin settings page now has sections for general settings, footer, and favicon
- Footer component reads footer_copyright and footer_links from DB
- New API route POST /api/admin/upload/favicon saves uploaded image and updates favicon_url in DB
- Textarea support added for footer_links JSON field
- Add icon.png as default favicon (cropped to remove transparent padding)
- Fix layout.tsx to use icon.png as fallback when favicon_url is not set in DB
- Move ADMIN_GUIDE.md to docs/ folder
- Add docs/CUSTOMIZATION.md with guide on how to customize icon, title, footer
- Add new section summarising the 4 differences between local dev and
production: domain/HTTPS, env vars, server requirements, backups
- Update production Caddyfile example to include /uploads/* static
file handler (required for image serving)
Covers all admin sections with step-by-step instructions:
login, dashboard, products (detailed field reference including image
upload with aspect ratio guidance), product types, categories,
orders, customers, reviews, admin users, settings, and recommended
onboarding flow.
- Add storage.ts utility (saveImage, deleteImageFile) for local disk operations
- Add POST /api/admin/products/[id]/images: validates MIME type and 5MB limit, saves file, creates MediaAsset record
- Add DELETE /api/admin/products/[id]/images?imageId=: removes file and DB record
- Add Images section to product edit form (hidden for new products until saved)
- Display images in square aspect-ratio grid matching storefront display
- Support multi-file upload; hover to reveal delete button
- Add named Docker volume `uploads` mounted at /app/public/uploads in app container
- Share same volume with Caddy at /srv/uploads for direct static file serving
- Add Caddy `handle /uploads/*` block so images bypass Next.js (standalone mode does not serve runtime public files)
- Create uploads directory with correct nextjs:nodejs ownership in Dockerfile
- Add mkdir safeguard in entrypoint.sh
davide