- Add public /api/settings endpoint (force-dynamic, no auth) exposing
site_name, site_description, footer_copyright, footer_links
- Navbar, login, register pages fetch site_name via useEffect
- Homepage hero and footer read site_name and site_description from DB
- Fix admin settings form silently ignoring API errors on save
- Add GET /api/auth/me endpoint returning current user from httpOnly cookie
- Add UserContext + useUser() hook that fetches from /api/auth/me on mount
- Wrap root layout with UserProvider
- Remove all localStorage.setItem/getItem('user') calls from login, register,
navbar, account pages, change-password, and checkout
- mustChangePassword redirect now reads from refreshed server session
- Admin settings page now has sections for general settings, footer, and favicon
- Footer component reads footer_copyright and footer_links from DB
- New API route POST /api/admin/upload/favicon saves uploaded image and updates favicon_url in DB
- Textarea support added for footer_links JSON field
davide