changed ports

published v2
2025-11-23 20:12:41 +01:00 · 2025-11-23 20:11:36 +01:00
45 changed files with 2759 additions and 7243 deletions
--- a/Docs/backend_API_docs/README.md
+++ b/Docs/backend_API_docs/README.md
@@ -1,88 +1,87 @@
-# Borrow System API Documentation
+# Backend API (V2) Documentation
-**Frontend:** https://insta.the1s.de  
+This document describes the current backend API routes and their real response shapes, based on the code in `backendV2`.
-**Backend base URL:** `https://backend.insta.the1s.de/api`
+
 ---
 ## Base URLs
 - Frontend: `https://insta.the1s.de`
 - Backend: `https://backend.insta.the1s.de`
 - Base path: `https://backend.insta.the1s.de/api`
 Service status: `https://status.the1s.de`
 ---
 ## Authentication
-All API endpoints require **either**:
+All **protected** endpoints require an API key as a path parameter `:key`.
-### 1. Bearer Token (JWT)
+Rules for `:key`:
-Send an `Authorization` header:
+- Exactly 8 characters
-
+- Digits only (`^[0-9]{8}$`)
 ```http
 Authorization: Bearer <JWT_TOKEN>
 ```
 - Used for user-based access.
 - Token must be valid and not expired.
 ### 2. API Key (for devices / machine-to-machine)
 Include an API key in the route as `:key` parameter:
 ```text
 /api/.../:key/...
 ```
 Example:
 ```http
-GET /api/items/ABC123
+GET /api/items/12345678
 ```
-Where `ABC123` is your API key.  
+On missing / invalid key:
-The API key is validated server-side.
+
 - Status: `401 Unauthorized`
 - Body (exact message depends on `authenticate` in `backendV2/services/authentication.js`)
 Auth-related modules:
 - `backendV2/services/authentication.js`
 - `backendV2/services/database.js`
 Route handlers:
 - `backendV2/routes/api/api.route.js`
 - `backendV2/routes/api/api.database.js`
 ---
-## Common Response Codes
+## Endpoints (Overview)
- `200 OK` – Request was successful.
+1. **Public**
- `401 Unauthorized` – Missing or malformed credentials.
+
- `403 Forbidden` – Credentials invalid or not allowed to access this resource.
+   - `GET /api/all-items` – List all items (no auth; from original docs)
- `404 Not Found` – Resource (e.g., loan) not found.
+
- `500 Internal Server Error` – Unexpected server error.
+2. **Items (authenticated)**
   - `GET /api/items/:key` – List all items
   - `POST /api/change-state/:key/:itemId/:state` – Toggle item safe state
 3. **Loans (authenticated)**
   - `GET /api/get-loan-by-code/:key/:loan_code` – Get loan by code
   - `POST /api/set-take-date/:key/:loan_code` – Set “take” date and mark items as out
   - `POST /api/set-return-date/:key/:loan_code` – Set “return” date and mark items as returned
 ---
-## Endpoints
+## 1) Items
-### 1. Get All Items
+### 1.1 Get all items
 **GET** `/api/items/:key`
-Returns a list of all items.
+Returns all items wrapped in a `data` property.
-#### Path Parameters
+- Handler: `getItemsFromDatabaseV2` in `api.database.js`
 - SQL: `SELECT * FROM items;`
- `:key` – API key (string)
+#### Example request
 #### Authentication
 - Either:
  - Valid `Authorization: Bearer <token>`
  - Or valid `:key` path parameter
 #### Request Example
 ```http
-GET /api/items/ABC123 HTTP/1.1
+GET https://backend.insta.the1s.de/api/items/12345678
 Host: backend.insta.the1s.de
 ```
-or
+#### Successful response
 ```http
 GET /api/items/dummyKey HTTP/1.1
 Host: backend.insta.the1s.de
 Authorization: Bearer <JWT_TOKEN>
 ```
 #### Successful Response (200)
 ```json
 {
@@ -91,9 +90,8 @@ Authorization: Bearer <JWT_TOKEN>
      "id": 1,
      "item_name": "DJI 1er Mikro",
      "can_borrow_role": 4,
-      "inSafe": 1,
+      "in_safe": 1,
-      "safe_nr": 3,
+      "safe_nr": "01",
      "door_key": "123",
      "entry_created_at": "2025-08-19T22:02:16.000Z",
      "entry_updated_at": "2025-08-19T22:02:16.000Z",
      "last_borrowed_person": "alice",
@@ -103,271 +101,245 @@ Authorization: Bearer <JWT_TOKEN>
 }
 ```
-#### Error Response (500)
+#### Error response
 ```json
-{
+{ "message": "Failed to fetch items" }
  "message": "Failed to fetch items"
 }
 ```
 #### Status codes
 - `200 OK` – success, `data` is an array (possibly empty)
 - `401 Unauthorized` – invalid / missing key
 - `500 Internal Server Error` – database error or `success: false` from DB layer
 ---
-### 2. Toggle Item Safe State
+### 2.2 Toggle item safe state
 Toggles `in_safe` between `0` and `1` for a given item.
 **Keep in mind that when you return a loan by code, the item states are automatically updated.**
 **POST** `/api/change-state/:key/:itemId`
-#### Path Parameters
+> You do not need this endpoint to set the states of the items when the items are taken out or returned. When you take or return a loan, the item states are set automatically by the loan endpoints. This endpoint is only for manually toggling the `inSafe` state of an item.
- `:key` – API key (string)
+Path parameters:
 - `:itemId` – Item ID (integer)
-#### Authentication
+- `:key` – API key (8 digits)
 - `:itemId` – numeric `id` of the item
- Either Bearer token or `:key` API key.
+Handler in `api.route.js` calls `changeInSafeStateV2(itemId)`, which executes:
-#### Request Example
+```sql
 UPDATE items SET in_safe = NOT in_safe WHERE id = ?
 ```
 #### Example request
 ```http
-POST /api/change-state/ABC123/42 HTTP/1.1
+POST https://backend.insta.the1s.de/api/change-state/12345678/42
 Host: backend.insta.the1s.de
 ```
-#### Successful Response (200)
+(Will toggle `in_safe` for item `42`.)
 #### Successful response (current implementation)
 ```json
 {
-  "data": {}
+  "data": null
 }
 ```
-_(Implementation currently only returns `{ success: true }`, so `data` may be empty.)_
+#### Error responses
-#### Error Response (500)
+Invalid `state` (anything other than `"0"` or `"1"`):
 ```json
-{
+{ "message": "Invalid state value" }
  "message": "Failed to update item state"
 }
 ```
 Failed update:
 ```json
 { "message": "Failed to update item state" }
 ```
 #### Status codes
 - `200 OK` – item state toggled
 - `400 Bad Request` – invalid `state` parameter
 - `401 Unauthorized` – invalid / missing key
 - `500 Internal Server Error` – database/update failure or `success: false` from DB layer
 ---
-### 3. Get Loan by Code
+## 3) Loans
-Fetch loan information by `loan_code`.
+### 3.1 Get loan by code
 **GET** `/api/get-loan-by-code/:key/:loan_code`
-#### Path Parameters
+Path parameters:
- `:key` – API key (string)
+- `:key` – API key
- `:loan_code` – Loan code (string)
+- `:loan_code` – 6-digit loan code (`^[0-9]{6}$` per DB constraint)
-#### Authentication
+Database layer (`getLoanByCodeV2`) currently selects:
- Either Bearer token or `:key` API key.
+```sql
-
+SELECT first_name, returned_date, take_date, lockers
-#### Request Example
+FROM loans
-
+WHERE loan_code = ?;
 ```http
 GET /api/get-loan-by-code/ABC123/12345 HTTP/1.1
 Host: backend.insta.the1s.de
 ```
-#### Successful Response (200)
+#### Example request
 ```http
 GET https://backend.insta.the1s.de/api/get-loan-by-code/12345678/646473
 ```
 #### Successful response
 ```json
 {
  "data": {
-    "username": "john",
+    "first_name": "Theis",
    "returned_date": null,
-    "take_date": "2025-01-01T10:00:00.000Z",
+    "take_date": "2025-08-25T13:23:00.000Z",
-    "lockers": "[1, 2, 3]"
+    "lockers": ["01", "03"]
  }
 }
 ```
-#### Error Response (404)
+#### Error response
 ```json
-{
+{ "message": "Loan not found" }
  "message": "Loan not found"
 }
 ```
 #### Status codes
 - `200 OK` – loan found
 - `401 Unauthorized` – invalid / missing key
 - `404 Not Found` – no matching loan for this `loan_code`
 ---
-### 4. Set Loan Return Date
+### 3.2 Set take date
 Sets `returned_date = NOW()` on a loan and updates related items:
 - `in_safe = 1`
 - `currently_borrowing = NULL`
 - `last_borrowed_person = username`
 **POST** `/api/set-return-date/:key/:loan_code`
 #### Path Parameters
 - `:key` – API key (string)
 - `:loan_code` – Loan code (string)
 #### Authentication
 - Either Bearer token or `:key` API key.
 #### Request Example
 ```http
 POST /api/set-return-date/ABC123/12345 HTTP/1.1
 Host: backend.insta.the1s.de
 ```
 #### Successful Response (200)
 ```json
 {
  "data": {}
 }
 ```
 #### Error Response (500)
 ```json
 {
  "message": "Failed to set return date"
 }
 ```
 ---
 ### 5. Set Loan Take Date
 Sets `take_date = NOW()` on a loan and updates related items:
 - `in_safe = 0`
 - `currently_borrowing = username`
 **POST** `/api/set-take-date/:key/:loan_code`
-#### Path Parameters
+Path parameters:
- `:key` – API key (string)
+- `:key` – API key
- `:loan_code` – Loan code (string)
+- `:loan_code` – loan code
-#### Authentication
+#### Example request
 - Either Bearer token or `:key` API key.
 #### Request Example
 ```http
-POST /api/set-take-date/ABC123/LOAN-12345 HTTP/1.1
+POST https://backend.insta.the1s.de/api/set-take-date/12345678/646473
 Host: backend.insta.the1s.de
 ```
-#### Successful Response (200)
+#### Successful response
 ```json
 {
-  "data": {}
+  "data": null
 }
 ```
-#### Error Response (500)
+#### Error response
 ```json
-{
+{ "message": "Failed to set take date" }
  "message": "Failed to set take date"
 }
 ```
 #### Status codes
 - `200 OK` – take date set and items marked as out
 - `401 Unauthorized` – invalid / missing key
 - `500 Internal Server Error` – invalid loan, missing items, or DB error / `success: false`
 ---
-### 6. Open Door by Door Key
+### 3.3 Set return date
-Looks up an item by its `door_key`, toggles `in_safe`, and returns safe information.
+**POST** `/api/set-return-date/:key/:loan_code`
-**GET** `/api/open-door/:key/:doorKey`
+Path parameters:
-#### Path Parameters
+- `:key` – API key
 - `:loan_code` – loan code
- `:key` – API key (string)
+#### Example request
 - `:doorKey` – Door key/token (string) used by hardware to identify the locker.
 #### Authentication
 - Either Bearer token or `:key` API key.
 #### Request Example
 ```http
-GET /api/open-door/ABC123/123 HTTP/1.1
+POST https://backend.insta.the1s.de/api/set-return-date/12345678/646473
 Host: backend.insta.the1s.de
 ```
-#### Successful Response (200)
+#### Successful response (current implementation)
 ```json
 {
  "data": null
 }
 ```
 #### Error response
 ```json
 { "message": "Failed to set return date" }
 ```
 #### Status codes
 - `200 OK` – return date set and items marked as returned
 - `401 Unauthorized` – invalid / missing key
 - `500 Internal Server Error` – invalid loan, missing items, or DB error / `success: false`
 ---
 ## Common Response Shapes
 **Success – list (authenticated items):**
 ```json
 {
  "data": [
    /* array of rows */
  ]
 }
 ```
 **Success – single loan:**
 ```json
 {
  "data": {
-    "safe_nr": 5,
+    /* selected loan fields */
    "id": 42
  }
 }
 ```
-#### Error Response (500)
+**Success – mutations (current code):**
 ```json
-{
+{ "data": null }
  "message": "Failed to open door"
 }
 ```
---
+**Errors:**
 ## Authentication Error Messages
 ### Missing credentials
 Status: `401`
 ```json
-{
+{ "message": "Failed to fetch items" }
-  "message": "Unauthorized"
+{ "message": "Failed to update item state" }
-}
+{ "message": "Invalid state value" }
 { "message": "Loan not found" }
 { "message": "Failed to set return date" }
 { "message": "Failed to set take date" }
 ```
-### Invalid JWT
+**HTTP Status Codes:**
-Status: `403`
+- `200 OK` – operation succeeded
-
+- `400 Bad Request` – invalid `state` parameter
-```json
+- `401 Unauthorized` – invalid/missing API key
-{
+- `404 Not Found` – loan not found
-  "message": "Present token invalid"
+- `500 Internal Server Error` – database / server failure or `success: false` from DB layer
 }
 ```
 ### Invalid API Key
 Status: `403`
 ```json
 {
  "message": "API Key invalid"
 }
 ```
 ---
 ## Notes
 - All responses are JSON.
 - Time fields like `take_date` and `returned_date` are in the format returned by MySQL (usually ISO-like strings).
 - `loaned_items_id` in the database is stored as a JSON array string (e.g. `"[1,2,3]"`) and is parsed internally; clients do not interact with this field directly via current endpoints.
--- a/FrontendV2/Dockerfile
+++ b/FrontendV2/Dockerfile
@@ -1,4 +1,4 @@
-FROM node:22-alpine AS builder
+FROM node:18 as builder
 WORKDIR /app
--- a/FrontendV2/src/components/footer/Footer.tsx
+++ b/FrontendV2/src/components/footer/Footer.tsx
@@ -14,7 +14,7 @@ export const Footer = () => {
      left="0"
      right="0"
    >
-      Made with ❤️ by Theis Gaedigk - Class of 2019 at MCS-Bochum
+      Made with ❤️ by Theis Gaedigk - Year 2019 at MCS-Bochum
      <br />
      Frontend-Version: {info ? info["frontend-info"].version : "N/A"} |
      Backend-Version: {info ? info["backend-info"].version : "N/A"}
--- a/FrontendV2/vite.config.ts
+++ b/FrontendV2/vite.config.ts
@@ -1,16 +1,17 @@
 import { defineConfig } from "vite";
 import react from "@vitejs/plugin-react";
 import svgr from "vite-plugin-svgr";
 import tailwindcss from "@tailwindcss/vite";
 import tsconfigPaths from "vite-tsconfig-paths";
 export default defineConfig({
-  plugins: [react(), svgr(), tailwindcss(), tsconfigPaths()],
+  plugins: [tailwindcss()],
  server: {
    host: "0.0.0.0",
-    port: 8001,
+    allowedHosts: ["insta.the1s.de"],
-    watch: {
+    port: 8101,
-      usePolling: true,
+    watch: { usePolling: true },
    hmr: {
      host: "insta.the1s.de",
      port: 8101,
      protocol: "wss",
    },
  },
 });
--- a/admin/src/components/AddItemForm.tsx
+++ b/admin/src/components/AddItemForm.tsx
@@ -29,8 +29,8 @@ const AddItemForm: React.FC<AddItemFormProps> = ({ onClose, alert }) => {
              <Input id="item_name" placeholder="z.B. Laptop" />
            </Field.Root>
            <Field.Root>
-              <Field.Label>Schließfachnummer</Field.Label>
+              <Field.Label>Schließfachnummer (immer zwei Zahlen)</Field.Label>
-              <Input id="safe_nr" placeholder="Nummer 1 - 6" />
+              <Input id="lockerNumber" placeholder="Nummer 01 - 06" />
            </Field.Root>
            <Field.Root>
              <Field.Label>Ausleih-Berechtigung (Rolle)</Field.Label>
@@ -57,15 +57,17 @@ const AddItemForm: React.FC<AddItemFormProps> = ({ onClose, alert }) => {
                (document.getElementById("can_borrow_role") as HTMLInputElement)
                  ?.value
              );
-              const safeNrValue = (
+              const lockerValue = (
-                document.getElementById("safe_nr") as HTMLInputElement
+                document.getElementById("lockerNumber") as HTMLInputElement
              )?.value.trim();
-              const safeNr = safeNrValue === "" ? null : safeNrValue;
+              const lockerNumber =
                lockerValue === "" ? null : Number(lockerValue);
              if (!name || Number.isNaN(role)) return;
              if (lockerNumber !== null && Number.isNaN(lockerNumber)) return;
-              const res = await createItem(name, role, safeNr);
+              const res = await createItem(name, role, lockerNumber);
              if (res.success) {
                alert(
                  "success",
--- a/admin/src/components/ItemTable.tsx
+++ b/admin/src/components/ItemTable.tsx
@@ -38,7 +38,6 @@ type Items = {
  can_borrow_role: string;
  in_safe: boolean;
  safe_nr: string;
  door_key: string;
  entry_created_at: string;
  entry_updated_at: string;
  last_borrowed_person: string | null;
@@ -69,13 +68,7 @@ const ItemTable: React.FC = () => {
  const handleLockerNumberChange = (id: number, value: string) => {
    setItems((prev) =>
-      prev.map((it) => (it.id === id ? { ...it, safe_nr: value } : it))
+      prev.map((it) => (it.id === id ? { ...it, lockerNumber: value } : it))
    );
  };
  const handleDoorKeyChange = (id: number, value: string) => {
    setItems((prev) =>
      prev.map((it) => (it.id === id ? { ...it, door_key: value } : it))
    );
  };
@@ -211,9 +204,6 @@ const ItemTable: React.FC = () => {
              <Table.ColumnHeader>
                <strong>Schließfachnummer</strong>
              </Table.ColumnHeader>
              <Table.ColumnHeader>
                <strong>Schlüssel</strong>
              </Table.ColumnHeader>
              <Table.ColumnHeader>
                <strong>Eintrag erstellt am</strong>
              </Table.ColumnHeader>
@@ -300,16 +290,6 @@ const ItemTable: React.FC = () => {
                    value={item.safe_nr}
                  />
                </Table.Cell>
                <Table.Cell>
                  <Input
                    size="sm"
                    w="max-content"
                    onChange={(e) =>
                      handleDoorKeyChange(item.id, e.target.value)
                    }
                    value={item.door_key}
                  />
                </Table.Cell>
                <Table.Cell>{formatDateTime(item.entry_created_at)}</Table.Cell>
                <Table.Cell>{formatDateTime(item.entry_updated_at)}</Table.Cell>
                <Table.Cell>{item.last_borrowed_person}</Table.Cell>
@@ -321,7 +301,6 @@ const ItemTable: React.FC = () => {
                        item.id,
                        item.item_name,
                        item.safe_nr,
                        item.door_key,
                        item.can_borrow_role
                      ).then((response) => {
                        if (response.success) {
--- a/admin/src/utils/userActions.ts
+++ b/admin/src/utils/userActions.ts
@@ -165,7 +165,7 @@ export const deleteItem = async (itemId: number) => {
 export const createItem = async (
  item_name: string,
  can_borrow_role: number,
-  lockerNumber: string | null
+  lockerNumber: number | null
 ) => {
  console.log(JSON.stringify({ item_name, can_borrow_role, lockerNumber }));
  try {
@@ -184,7 +184,7 @@ export const createItem = async (
      return {
        success: false,
        message:
-          "Fehler beim Erstellen des Gegenstands. Der Name des Gegenstandes und die Schließfachnummer dürfen nicht mehrmals vergeben werden.",
+          "Fehler beim Erstellen des Gegenstands. Der Name des Gegenstandes darf nicht mehrmals vergeben werden.",
      };
    }
    return { success: true };
@@ -198,9 +198,9 @@ export const handleEditItems = async (
  itemId: number,
  item_name: string,
  safe_nr: string | null,
  door_key: string | null,
  can_borrow_role: string
 ) => {
  const newSafeNr = Number(safe_nr || 0);
  try {
    const response = await fetch(
      `${API_BASE}/api/admin/item-data/edit-item/${itemId}`,
@@ -210,7 +210,7 @@ export const handleEditItems = async (
          "Content-Type": "application/json",
          Authorization: `Bearer ${Cookies.get("token")}`,
        },
-        body: JSON.stringify({ item_name, safe_nr, door_key, can_borrow_role }),
+        body: JSON.stringify({ item_name, newSafeNr, can_borrow_role }),
      }
    );
    if (!response.ok) {
--- a/admin/vite.config.ts
+++ b/admin/vite.config.ts
@@ -8,9 +8,13 @@ export default defineConfig({
  plugins: [react(), svgr(), tailwindcss(), tsconfigPaths()],
  server: {
    host: "0.0.0.0",
-    port: 8003,
+    allowedHosts: ["admin.insta.the1s.de"],
-    watch: {
+    port: 8103,
-      usePolling: true,
+    watch: { usePolling: true },
    hmr: {
      host: "admin.insta.the1s.de",
      port: 8103,
      protocol: "wss",
    },
  },
 });
--- a/backend/Dockerfile
+++ b/backend/Dockerfile
@@ -0,0 +1,12 @@
 FROM node:20-alpine
 ENV NODE_ENV=production
 WORKDIR /backend
 COPY package*.json ./
 RUN npm ci --omit=dev
 COPY . .
 EXPOSE 8002
 CMD ["npm", "start"]
--- a/backend/info.json
+++ b/backend/info.json
@@ -0,0 +1,8 @@
 {
    "backend-info": {
        "version": "v2.0 (dev)"
    },
    "frontend-info": {
        "version": "v2.0 (dev)"
    }
 }
--- a/backend/package-lock.json
+++ b/backend/package-lock.json
--- a/backend/package.json
+++ b/backend/package.json
@@ -0,0 +1,22 @@
 {
  "name": "backend",
  "version": "1.0.0",
  "main": "index.js",
  "scripts": {
    "test": "echo \"Error: no test specified\" && exit 1",
    "start": "node server.js"
  },
  "keywords": [],
  "author": "",
  "license": "ISC",
  "description": "",
  "dependencies": {
    "cors": "^2.8.5",
    "dotenv": "^17.2.1",
    "ejs": "^3.1.10",
    "express": "^5.1.0",
    "jose": "^6.0.12",
    "mysql2": "^3.14.3",
    "nodemailer": "^7.0.6"
  }
 }
--- a/backend/routes/api.js
+++ b/backend/routes/api.js
@@ -0,0 +1,599 @@
 import express from "express";
 import {
  loginFunc,
  getItemsFromDatabase,
  getLoansFromDatabase,
  getUserLoansFromDatabase,
  deleteLoanFromDatabase,
  getBorrowableItemsFromDatabase,
  createLoanInDatabase,
  onTake,
  loginAdmin,
  onReturn,
  getAllUsers,
  deleteUserID,
  handleEdit,
  createUser,
  getAllLoans,
  getAllItems,
  deleteItemID,
  createItem,
  changeUserPassword,
  changeUserPasswordFRONTEND,
  changeInSafeStateV2,
  updateItemByID,
  getAllApiKeys,
  createAPIentry,
  deleteAPKey,
  getLoanInfoWithID,
  SETdeleteLoanFromDatabase,
 } from "../services/database.js";
 import { authenticate, generateToken } from "../services/tokenService.js";
 const router = express.Router();
 import nodemailer from "nodemailer";
 import dotenv from "dotenv";
 dotenv.config();
 // Nice HTML + text templates for the loan email
 function buildLoanEmail({ user, items, startDate, endDate, createdDate }) {
  const brand = process.env.MAIL_BRAND_COLOR || "#0ea5e9";
  const itemsList =
    Array.isArray(items) && items.length
      ? `<ul style="margin:4px 0 0 18px; padding:0;">${items
          .map(
            (i) =>
              `<li style="margin:2px 0; color:#111827; line-height:1.3;">${i}</li>`
          )
          .join("")}</ul>`
      : "<span style='color:#111827;'>N/A</span>";
  return `<!doctype html>
 <html lang="de">
 <head>
  <meta charset="utf-8">
  <meta name="color-scheme" content="light">
  <meta name="supported-color-schemes" content="light">
  <meta name="x-apple-disable-message-reformatting">
  <meta name="viewport" content="width=device-width,initial-scale=1">
  <style>
    :root { color-scheme: light; supported-color-schemes: light; }
    body { margin:0; padding:0; }
    /* Mobile stacking */
    @media (max-width:480px) {
      .outer { width:100% !important; }
      .pad-sm { padding:16px !important; }
      .w-label { width:120px !important; }
    }
    /* Dark-mode override safety */
    @media (prefers-color-scheme: dark) {
      body, table, td, p, a, h1, h2, h3 { background:#ffffff !important; color:#111827 !important; }
      .brand-header { background:${brand} !important; color:#ffffff !important; }
      a { color:${brand} !important; }
    }
  </style>
 </head>
 <body bgcolor="#ffffff" style="background:#ffffff; font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,Arial,sans-serif; color:#111827; -webkit-text-size-adjust:100%;">
  <!-- Preheader (hidden) -->
  <div style="display:none; max-height:0; overflow:hidden; opacity:0; mso-hide:all;">
    Neue Ausleihe erstellt – Übersicht der Buchung.
  </div>
  <div role="article" aria-roledescription="email" lang="de" style="padding:24px; background:#f2f4f7;">
    <table role="presentation" cellpadding="0" cellspacing="0" width="100%" class="outer" style="max-width:600px; margin:0 auto; background:#ffffff; border:1px solid #e5e7eb; border-radius:14px; overflow:hidden;">
      <tr>
        <td class="brand-header" style="padding:22px 26px; background:${brand}; color:#ffffff;">
          <h1 style="margin:0; font-size:18px; line-height:1.35; font-weight:600;">Neue Ausleihe erstellt</h1>
        </td>
      </tr>
      <tr>
        <td class="pad-sm" style="padding:24px 26px; color:#111827;">
          <p style="margin:0 0 14px 0; line-height:1.4;">Es wurde eine neue Ausleihe angelegt. Hier sind die Details:</p>
          <table role="presentation" cellpadding="0" cellspacing="0" width="100%" style="border-collapse:collapse; font-size:14px; line-height:1.3; background:#fcfcfd; border:1px solid #e5e7eb; border-radius:10px; overflow:hidden;">
            <tbody>
              <tr>
                <td class="w-label" style="padding:10px 14px; color:#6b7280; width:170px; border-bottom:1px solid #ececec;">Benutzer</td>
                <td style="padding:10px 14px; font-weight:600; border-bottom:1px solid #ececec; color:#111827;">${
                  user || "N/A"
                }</td>
              </tr>
              <tr>
                <td style="padding:10px 14px; color:#6b7280; vertical-align:top; border-bottom:1px solid #ececec;">Ausgeliehene Gegenstände</td>
                <td style="padding:10px 14px; font-weight:600; border-bottom:1px solid #ececec; color:#111827;">${itemsList}</td>
              </tr>
              <tr>
                <td style="padding:10px 14px; color:#6b7280; border-bottom:1px solid #ececec;">Startdatum</td>
                <td style="padding:10px 14px; font-weight:600; border-bottom:1px solid #ececec; color:#111827;">${formatDateTime(
                  startDate
                )}</td>
              </tr>
              <tr>
                <td style="padding:10px 14px; color:#6b7280; border-bottom:1px solid #ececec;">Enddatum</td>
                <td style="padding:10px 14px; font-weight:600; border-bottom:1px solid #ececec; color:#111827;">${formatDateTime(
                  endDate
                )}</td>
              </tr>
              <tr>
                <td style="padding:10px 14px; color:#6b7280;">Erstellt am</td>
                <td style="padding:10px 14px; font-weight:600; color:#111827;">${formatDateTime(
                  createdDate
                )}</td>
              </tr>
            </tbody>
          </table>
          <p style="margin:22px 0 0 0; font-size:14px;">
            <a href="https://admin.insta.the1s.de/api" style="display:inline-block; background:${brand}; color:#ffffff; text-decoration:none; padding:10px 16px; border-radius:6px; font-weight:600; font-size:14px;" target="_blank" rel="noopener noreferrer">
              Übersicht öffnen
            </a>
          </p>
          <p style="margin:18px 0 0 0; font-size:12px; color:#6b7280; line-height:1.4;">
            Diese E-Mail wurde automatisch vom Ausleihsystem gesendet. Bitte nicht antworten.
          </p>
        </td>
      </tr>
    </table>
  </div>
 </body>
 </html>`;
 }
 function buildLoanEmailText({ user, items, startDate, endDate, createdDate }) {
  const itemsText =
    Array.isArray(items) && items.length ? items.join(", ") : "N/A";
  return [
    "Neue Ausleihe erstellt",
    "",
    `Benutzer: ${user || "N/A"}`,
    `Gegenstände: ${itemsText}`,
    `Start: ${formatDateTime(startDate)}`,
    `Ende: ${formatDateTime(endDate)}`,
    `Erstellt am: ${formatDateTime(createdDate)}`,
  ].join("\n");
 }
 function sendMailLoan(user, items, startDate, endDate, createdDate) {
  const transporter = nodemailer.createTransport({
    host: process.env.MAIL_HOST,
    port: process.env.MAIL_PORT,
    secure: true,
    auth: {
      user: process.env.MAIL_USER,
      pass: process.env.MAIL_PASSWORD,
    },
  });
  (async () => {
    const info = await transporter.sendMail({
      from: '"Ausleihsystem" <noreply@mcs-medien.de>',
      to: process.env.MAIL_SENDEES,
      subject: "Eine neue Ausleihe wurde erstellt!",
      text: buildLoanEmailText({
        user,
        items,
        startDate,
        endDate,
        createdDate,
      }),
      html: buildLoanEmail({ user, items, startDate, endDate, createdDate }),
    });
    console.log("Message sent:", info.messageId);
  })();
  console.log("sendMailLoan called");
 }
 const formatDateTime = (value) => {
  if (value == null) return "N/A";
  const toOut = (d) => {
    if (!(d instanceof Date) || isNaN(d.getTime())) return "N/A";
    const dd = String(d.getDate()).padStart(2, "0");
    const mm = String(d.getMonth() + 1).padStart(2, "0");
    const yyyy = d.getFullYear();
    const hh = String(d.getHours()).padStart(2, "0");
    const mi = String(d.getMinutes()).padStart(2, "0");
    return `${dd}.${mm}.${yyyy} ${hh}:${mi} Uhr`;
  };
  if (value instanceof Date) return toOut(value);
  if (typeof value === "number") return toOut(new Date(value));
  const s = String(value).trim();
  // Direct pattern: "YYYY-MM-DD[ T]HH:mm[:ss]"
  const m = s.match(/^(\d{4})-(\d{2})-(\d{2})[ T](\d{2}):(\d{2})(?::\d{2})?/);
  if (m) {
    const [, y, M, d, h, min] = m;
    return `${d}.${M}.${y} ${h}:${min} Uhr`;
  }
  // ISO or other parseable formats
  const dObj = new Date(s);
  if (!isNaN(dObj.getTime())) return toOut(dObj);
  return "N/A";
 };
 router.post("/login", async (req, res) => {
  const result = await loginFunc(req.body.username, req.body.password);
  if (result.success) {
    const token = await generateToken({
      username: result.data.username,
      role: result.data.role,
    });
    res.status(200).json({ message: "Login successful", token });
  } else {
    res.status(401).json({ message: "Invalid credentials" });
  }
 });
 router.get("/items", authenticate, async (req, res) => {
  const result = await getItemsFromDatabase(req.user.role);
  if (result.success) {
    res.status(200).json(result.data);
  } else {
    res.status(500).json({ message: "Failed to fetch items" });
  }
 });
 router.get("/loans", authenticate, async (req, res) => {
  const result = await getLoansFromDatabase();
  if (result.success) {
    res.status(200).json(result.data);
  } else {
    res.status(500).json({ message: "Failed to fetch loans" });
  }
 });
 router.get("/userLoans", authenticate, async (req, res) => {
  const result = await getUserLoansFromDatabase(req.user.username);
  if (result.success) {
    res.status(200).json(result.data);
  } else {
    res.status(500).json({ message: "Failed to fetch user loans" });
  }
 });
 router.delete("/deleteLoan/:id", authenticate, async (req, res) => {
  const loanId = req.params.id;
  const result = await deleteLoanFromDatabase(loanId);
  if (result.success) {
    res.status(200).json({ message: "Loan deleted successfully" });
  } else {
    res.status(500).json({ message: "Failed to delete loan" });
  }
 });
 router.delete("/SETdeleteLoan/:id", authenticate, async (req, res) => {
  const loanId = req.params.id;
  const result = await SETdeleteLoanFromDatabase(loanId);
  if (result.success) {
    res.status(200).json({ message: "Loan deleted successfully" });
  } else {
    res.status(500).json({ message: "Failed to delete loan" });
  }
 });
 router.post("/borrowableItems", authenticate, async (req, res) => {
  const { startDate, endDate } = req.body || {};
  if (!startDate || !endDate) {
    return res
      .status(400)
      .json({ message: "startDate and endDate are required" });
  }
  const result = await getBorrowableItemsFromDatabase(
    startDate,
    endDate,
    req.user.role
  );
  if (result.success) {
    // return the array directly for consistency with /items
    return res.status(200).json(result.data);
  } else {
    return res
      .status(500)
      .json({ message: "Failed to fetch borrowable items" });
  }
 });
 router.post("/takeLoan/:id", authenticate, async (req, res) => {
  const loanId = req.params.id;
  const result = await onTake(loanId);
  if (result.success) {
    res.status(200).json({ message: "Loan taken successfully" });
  } else {
    res.status(500).json({ message: "Failed to take loan" });
  }
 });
 router.post("/returnLoan/:id", authenticate, async (req, res) => {
  const loanId = req.params.id;
  const result = await onReturn(loanId);
  if (result.success) {
    res.status(200).json({ message: "Loan returned successfully" });
  } else {
    res.status(500).json({ message: "Failed to return loan" });
  }
 });
 router.post("/createLoan", authenticate, async (req, res) => {
  try {
    const { items, startDate, endDate } = req.body || {};
    if (!Array.isArray(items) || items.length === 0) {
      return res.status(400).json({ message: "Items array is required" });
    }
    // If dates are not provided, default to now .. +7 days
    const start =
      startDate ?? new Date().toISOString().slice(0, 19).replace("T", " ");
    const end =
      endDate ??
      new Date(Date.now() + 7 * 24 * 60 * 60 * 1000)
        .toISOString()
        .slice(0, 19)
        .replace("T", " ");
    // Coerce item IDs to numbers and filter invalids
    const itemIds = items
      .map((v) => Number(v))
      .filter((n) => Number.isFinite(n));
    if (itemIds.length === 0) {
      return res.status(400).json({ message: "No valid item IDs provided" });
    }
    const result = await createLoanInDatabase(
      req.user.username,
      start,
      end,
      itemIds
    );
    if (result.success) {
      const mailInfo = await getLoanInfoWithID(result.data.id);
      console.log(mailInfo);
      sendMailLoan(
        mailInfo.data.username,
        mailInfo.data.loaned_items_name,
        mailInfo.data.start_date,
        mailInfo.data.end_date,
        mailInfo.data.created_at
      );
      return res.status(201).json({
        message: "Loan created successfully",
        loanId: result.data.id,
        loanCode: result.data.loan_code,
      });
    }
    if (result.code === "CONFLICT") {
      return res
        .status(409)
        .json({ message: "Items not available in the selected period" });
    }
    if (result.code === "BAD_REQUEST") {
      return res.status(400).json({ message: result.message });
    }
    return res.status(500).json({ message: "Failed to create loan" });
  } catch (err) {
    console.error("createLoan error:", err);
    return res.status(500).json({ message: "Failed to create loan" });
  }
 });
 router.post("/changePassword", authenticate, async (req, res) => {
  const { oldPassword, newPassword } = req.body || {};
  const username = req.user.username;
  const result = await changeUserPasswordFRONTEND(
    username,
    oldPassword,
    newPassword
  );
  if (result.success) {
    res.status(200).json({ message: "Password changed successfully" });
  } else {
    res.status(500).json({ message: "Failed to change password" });
  }
 });
 // Admin panel functions
 router.post("/loginAdmin", async (req, res) => {
  const { username, password } = req.body || {};
  if (!username || !password) {
    return res
      .status(400)
      .json({ message: "Username and password are required" });
  }
  const result = await loginAdmin(username, password);
  if (result.success) {
    const token = await generateToken({
      username: result.data.username,
      role: result.data.role,
    });
    return res.status(200).json({
      message: "Login successful",
      first_name: result.data.first_name,
      token,
    });
  }
  return res.status(401).json({ message: "Invalid credentials" });
 });
 router.get("/allUsers", authenticate, async (req, res) => {
  const result = await getAllUsers();
  if (result.success) {
    return res.status(200).json(result.data);
  }
  return res.status(500).json({ message: "Failed to fetch users" });
 });
 router.delete("/deleteUser/:id", authenticate, async (req, res) => {
  const userId = req.params.id;
  const result = await deleteUserID(userId);
  if (result.success) {
    return res.status(200).json({ message: "User deleted successfully" });
  }
  return res.status(500).json({ message: "Failed to delete user" });
 });
 router.get("/verifyToken", authenticate, async (req, res) => {
  res.status(200).json({ message: "Token is valid", user: req.user });
 });
 router.post("/editUser/:id", authenticate, async (req, res) => {
  const userId = req.params.id;
  const { username, role } = req.body || {};
  const result = await handleEdit(userId, username, role);
  if (result.success) {
    return res.status(200).json({ message: "User edited successfully" });
  }
  return res.status(500).json({ message: "Failed to edit user" });
 });
 router.post("/createUser", authenticate, async (req, res) => {
  const { username, role, password } = req.body || {};
  const result = await createUser(username, role, password);
  if (result.success) {
    return res.status(201).json({ message: "User created successfully" });
  }
  return res.status(500).json({ message: "Failed to create user" });
 });
 router.get("/allLoans", authenticate, async (req, res) => {
  const result = await getAllLoans();
  if (result.success) {
    return res.status(200).json(result.data);
  }
  return res.status(500).json({ message: "Failed to fetch loans" });
 });
 router.get("/allItems", authenticate, async (req, res) => {
  const result = await getAllItems();
  if (result.success) {
    return res.status(200).json(result.data);
  }
  return res.status(500).json({ message: "Failed to fetch items" });
 });
 router.delete("/deleteItem/:id", authenticate, async (req, res) => {
  const itemId = req.params.id;
  const result = await deleteItemID(itemId);
  if (result.success) {
    return res.status(200).json({ message: "Item deleted successfully" });
  }
  return res.status(500).json({ message: "Failed to delete item" });
 });
 router.post("/createItem", authenticate, async (req, res) => {
  const { item_name, can_borrow_role } = req.body || {};
  const result = await createItem(item_name, can_borrow_role);
  if (result.success) {
    return res.status(201).json({ message: "Item created successfully" });
  }
  return res.status(500).json({ message: "Failed to create item" });
 });
 router.post("/changePWadmin", authenticate, async (req, res) => {
  const newPassword = req.body.newPassword;
  if (!newPassword) {
    return res.status(400).json({ message: "New password is required" });
  }
  const result = await changeUserPassword(req.body.username, newPassword);
  if (result.success) {
    return res.status(200).json({ message: "Password changed successfully" });
  }
  return res.status(500).json({ message: "Failed to change password" });
 });
 router.post("/updateItemByID", authenticate, async (req, res) => {
  const role = req.body.can_borrow_role;
  const itemId = req.body.itemId;
  const item_name = req.body.item_name;
  const result = await updateItemByID(itemId, item_name, role);
  if (result.success) {
    return res.status(200).json({ message: "Item updated successfully" });
  }
  return res.status(500).json({ message: "Failed to update item" });
 });
 router.put("/changeSafeState/:itemId", authenticate, async (req, res) => {
  const itemId = req.params.itemId;
  const result = await changeInSafeStateV2(itemId);
  if (result.success) {
    return res
      .status(200)
      .json({ message: "Item safe state updated successfully" });
  }
  return res.status(500).json({ message: "Failed to update item safe state" });
 });
 router.get("/apiKeys", authenticate, async (req, res) => {
  const result = await getAllApiKeys();
  if (result.success) {
    return res.status(200).json(result.data);
  }
  return res.status(500).json({ message: "Failed to fetch API keys" });
 });
 router.delete("/deleteAPKey/:id", authenticate, async (req, res) => {
  const apiKeyId = req.params.id;
  const result = await deleteAPKey(apiKeyId);
  if (result.success) {
    return res.status(200).json({ message: "API key deleted successfully" });
  }
  return res.status(500).json({ message: "Failed to delete API key" });
 });
 router.post("/createAPIentry", authenticate, async (req, res) => {
  const apiKey = req.body.apiKey;
  const user = req.body.user;
  if (!apiKey || !user) {
    return res.status(400).json({ message: "API key and user are required" });
  }
  // Ensure apiKey is a number
  const apiKeyNum = Number(apiKey);
  if (!Number.isFinite(apiKeyNum)) {
    return res.status(400).json({ message: "API key must be a number" });
  }
  const result = await createAPIentry(apiKeyNum, user);
  if (result.success) {
    return res.status(201).json({ message: "API key created successfully" });
  }
  if (result.code === "DUPLICATE") {
    return res.status(409).json({ message: "API key already exists" });
  }
  return res.status(500).json({ message: "Failed to create API key" });
 });
 router.get("/apiKeys/validate/:key", async (req, res) => {
  try {
    const rawKey = req.params.key;
    const result = await getAllApiKeys();
    if (!result.success || !Array.isArray(result.data)) {
      return res.status(500).json({ valid: false });
    }
    const isValid = result.data.some((entry) => {
      const val = String(
        entry?.key ?? entry?.apiKey ?? entry?.api_key ?? entry
      );
      return val === String(rawKey);
    });
    return res.status(200).json({ valid: isValid });
  } catch (err) {
    console.error("validate api key error:", err);
    return res.status(500).json({ valid: false });
  }
 });
 export default router;
--- a/backend/routes/apiV2.js
+++ b/backend/routes/apiV2.js
@@ -0,0 +1,133 @@
 import express from "express";
 import dotenv from "dotenv";
 import {
  getItemsFromDatabaseV2,
  changeInSafeStateV2,
  setTakeDateV2,
  setReturnDateV2,
  getLoanByCodeV2,
  getAllLoansV2,
  getAPIkey,
 } from "../services/database.js";
 dotenv.config();
 const router = express.Router();
 async function validateAPIKey(apiKey) {
  try {
    if (!apiKey) return false;
    const result = await getAPIkey();
    if (!result?.success || !Array.isArray(result.data)) return false;
    return result.data.some((row) => String(row.apiKey) === String(apiKey));
  } catch (err) {
    console.error("validateAPIKey error:", err);
    return false;
  }
 }
 // Add a guard that returns Access Denied instead of hanging
 const apiKeyGuard = async (req, res, next) => {
  try {
    const key = req.params.key;
    if (!key) {
      return res
        .status(401)
        .json({ message: "Access denied: missing API key" });
    }
    const ok = await validateAPIKey(key);
    if (!ok) {
      return res
        .status(401)
        .json({ message: "Access denied: invalid API key" });
    }
    next();
  } catch (e) {
    console.error("apiKeyGuard error:", e);
    res.status(500).json({ message: "Internal server error" });
  }
 };
 // Route for API to get ALL items from the database
 router.get("/items/:key", apiKeyGuard, async (req, res) => {
  const result = await getItemsFromDatabaseV2();
  if (result.success) {
    res.status(200).json({ data: result.data });
  } else {
    res.status(500).json({ message: "Failed to fetch items" });
  }
 });
 // Route for API to control the position of an item
 router.post(
  "/controlInSafe/:key/:itemId/:state",
  apiKeyGuard,
  async (req, res) => {
    const itemId = req.params.itemId;
    const state = req.params.state;
    if (state === "1" || state === "0") {
      const result = await changeInSafeStateV2(itemId, state);
      if (result.success) {
        res.status(200).json({ data: result.data });
      } else {
        res.status(500).json({ message: "Failed to update item state" });
      }
    } else {
      res.status(400).json({ message: "Invalid state value" });
    }
  }
 );
 // Route for API to get a loan by its code
 router.get("/getLoanByCode/:key/:loan_code", apiKeyGuard, async (req, res) => {
  const loan_code = req.params.loan_code;
  const result = await getLoanByCodeV2(loan_code);
  if (result.success) {
    res.status(200).json({ data: result.data });
  } else {
    res.status(404).json({ message: "Loan not found" });
  }
 });
 // Route for API to set the return date by the loan code
 router.post("/setReturnDate/:key/:loan_code", apiKeyGuard, async (req, res) => {
  const loanCode = req.params.loan_code;
  const result = await setReturnDateV2(loanCode);
  if (result.success) {
    res.status(200).json({ data: result.data });
  } else {
    res.status(500).json({ message: "Failed to set return date" });
  }
 });
 // Route for API to set the take away date by the loan code
 router.post("/setTakeDate/:key/:loan_code", apiKeyGuard, async (req, res) => {
  const loanCode = req.params.loan_code;
  const result = await setTakeDateV2(loanCode);
  if (result.success) {
    res.status(200).json({ data: result.data });
  } else {
    res.status(500).json({ message: "Failed to set take date" });
  }
 });
 // Route for API to get ALL loans from the database without sensitive info (only for landingpage)
 router.get("/allLoans", async (req, res) => {
  const result = await getAllLoansV2();
  if (result.success) {
    return res.status(200).json(result.data);
  }
  return res.status(500).json({ message: "Failed to fetch loans" });
 });
 // Route for API to get ALL items from the database (only for landingpage)
 router.get("/allItems", async (req, res) => {
  const result = await getItemsFromDatabaseV2();
  if (result.success) {
    res.status(200).json(result.data);
  } else {
    res.status(500).json({ message: "Failed to fetch items" });
  }
 });
 export default router;
--- a/backend/server.js
+++ b/backend/server.js
@@ -0,0 +1,37 @@
 import express from "express";
 import cors from "cors";
 import env from "dotenv";
 import apiRouter from "./routes/api.js";
 import apiRouterV2 from "./routes/apiV2.js";
 env.config();
 const app = express();
 const port = 8002;
 import serverInfo from "./info.json" assert { type: "json" }
 app.use(cors());
 // Increase body size limits to support large CSV JSON payloads
 app.use(express.urlencoded({ extended: true, limit: "10mb" }));
 app.set("view engine", "ejs");
 app.use(express.json({ limit: "10mb" }));
 app.use("/api", apiRouter);
 app.use("/apiV2", apiRouterV2);
 app.get("/", (req, res) => {
  res.render("index.ejs");
 });
 app.get("/server-info", async (req, res) => {
  res.status(200).json(serverInfo);
 });
 app.listen(port, () => {
  console.log(`Server is running on port: ${port}`);
 });
 // error handling code
 app.use((err, req, res, next) => {
  // Log the error stack and send a generic error response
  console.error(err.stack);
  res.status(500).send("Something broke!");
 });
--- a/backend/services/database.js
+++ b/backend/services/database.js
@@ -0,0 +1,551 @@
 import mysql from "mysql2";
 import dotenv from "dotenv";
 dotenv.config();
 const pool = mysql
  .createPool({
    host: process.env.DB_HOST,
    user: process.env.DB_USER,
    password: process.env.DB_PASSWORD,
    database: process.env.DB_NAME,
  })
  .promise();
 export const loginFunc = async (username, password) => {
  const [result] = await pool.query(
    "SELECT * FROM users WHERE username = ? AND password = ?",
    [username, password]
  );
  if (result.length > 0) return { success: true, data: result[0] };
  return { success: false };
 };
 export const getItemsFromDatabaseV2 = async () => {
  const [rows] = await pool.query("SELECT * FROM items;");
  if (rows.length > 0) {
    return { success: true, data: rows };
  }
  return { success: false };
 };
 export const getLoanByCodeV2 = async (loan_code) => {
  const [result] = await pool.query(
    "SELECT * FROM loans WHERE loan_code = ?;",
    [loan_code]
  );
  if (result.length > 0) {
    return { success: true, data: result[0] };
  }
  return { success: false };
 };
 export const changeInSafeStateV2 = async (itemId) => {
  const [result] = await pool.query(
    "UPDATE items SET in = NOT inSafe WHERE id = ?",
    [itemId]
  );
  if (result.affectedRows > 0) {
    return { success: true };
  }
  return { success: false };
 };
 export const setReturnDateV2 = async (loanCode) => {
  const [items] = await pool.query(
    "SELECT loaned_items_id FROM loans WHERE loan_code = ?",
    [loanCode]
  );
  if (items.length === 0) return { success: false };
  const itemIds = Array.isArray(items[0].loaned_items_id)
    ? items[0].loaned_items_id
    : JSON.parse(items[0].loaned_items_id || "[]");
  const [setItemStates] = await pool.query(
    "UPDATE items SET inSafe = 1 WHERE id IN (?)",
    [itemIds]
  );
  const [result] = await pool.query(
    "UPDATE loans SET returned_date = NOW() WHERE loan_code = ?",
    [loanCode]
  );
  if (result.affectedRows > 0 && setItemStates.affectedRows > 0) {
    return { success: true };
  }
  return { success: false };
 };
 export const setTakeDateV2 = async (loanCode) => {
  const [items] = await pool.query(
    "SELECT loaned_items_id FROM loans WHERE loan_code = ?",
    [loanCode]
  );
  if (items.length === 0) return { success: false };
  const itemIds = Array.isArray(items[0].loaned_items_id)
    ? items[0].loaned_items_id
    : JSON.parse(items[0].loaned_items_id || "[]");
  const [setItemStates] = await pool.query(
    "UPDATE items SET inSafe = 0 WHERE id IN (?)",
    [itemIds]
  );
  const [result] = await pool.query(
    "UPDATE loans SET take_date = NOW() WHERE loan_code = ?",
    [loanCode]
  );
  if (result.affectedRows > 0 && setItemStates.affectedRows > 0) {
    return { success: true };
  }
  return { success: false };
 };
 export const getItemsFromDatabase = async (role) => {
  const sql =
    role == 0
      ? "SELECT * FROM items;"
      : "SELECT * FROM items WHERE can_borrow_role >= ?";
  const params = role == 0 ? [] : [role];
  const [rows] = await pool.query(sql, params);
  if (rows.length > 0) {
    return { success: true, data: rows };
  }
  return { success: false };
 };
 export const getLoansFromDatabase = async () => {
  const [rows] = await pool.query("SELECT * FROM loans;");
  return { success: true, data: rows.length > 0 ? rows : null };
 };
 export const getUserLoansFromDatabase = async (username) => {
  const [result] = await pool.query(
    "SELECT * FROM loans WHERE username = ? AND deleted = 0;",
    [username]
  );
  if (result.length > 0) {
    return { success: true, data: result };
  } else if (result.length == 0) {
    return { success: true, data: "No loans found for this user" };
  } else {
    return { success: false };
  }
 };
 export const deleteLoanFromDatabase = async (loanId) => {
  const [result] = await pool.query("DELETE FROM loans WHERE id = ?;", [
    loanId,
  ]);
  if (result.affectedRows > 0) {
    return { success: true };
  } else {
    return { success: false };
  }
 };
 export const SETdeleteLoanFromDatabase = async (loanId) => {
  const [result] = await pool.query(
    "UPDATE loans SET deleted = 1 WHERE id = ?;",
    [loanId]
  );
  if (result.affectedRows > 0) {
    return { success: true };
  } else {
    return { success: false };
  }
 };
 export const getBorrowableItemsFromDatabase = async (
  startDate,
  endDate,
  role = 0
 ) => {
  // Overlap if: loan.start < end AND effective_end > start
  // effective_end is returned_date if set, otherwise end_date
  const hasRoleFilter = Number(role) > 0;
  const sql = `
    SELECT i.*
    FROM items i
    WHERE ${hasRoleFilter ? "i.can_borrow_role >= ? AND " : ""}NOT EXISTS (
      SELECT 1
      FROM loans l
      JOIN JSON_TABLE(l.loaned_items_id, '$[*]' COLUMNS (item_id INT PATH '$')) jt
      WHERE jt.item_id = i.id
        AND l.deleted = 0
        AND l.start_date < ?
        AND COALESCE(l.returned_date, l.end_date) > ?
    );
  `;
  const params = hasRoleFilter
    ? [role, endDate, startDate]
    : [endDate, startDate];
  const [rows] = await pool.query(sql, params);
  if (rows.length > 0) {
    return { success: true, data: rows };
  }
  return { success: false };
 };
 export const getLoanInfoWithID = async (loanId) => {
  const [rows] = await pool.query("SELECT * FROM loans WHERE id = ?;", [
    loanId,
  ]);
  if (rows.length > 0) {
    return { success: true, data: rows[0] };
  }
  return { success: false };
 };
 export const createLoanInDatabase = async (
  username,
  startDate,
  endDate,
  itemIds
 ) => {
  if (!username)
    return { success: false, code: "BAD_REQUEST", message: "Missing username" };
  if (!Array.isArray(itemIds) || itemIds.length === 0)
    return {
      success: false,
      code: "BAD_REQUEST",
      message: "No items provided",
    };
  if (!startDate || !endDate)
    return { success: false, code: "BAD_REQUEST", message: "Missing dates" };
  const start = new Date(startDate);
  const end = new Date(endDate);
  if (
    !(start instanceof Date) ||
    isNaN(start.getTime()) ||
    !(end instanceof Date) ||
    isNaN(end.getTime()) ||
    start >= end
  ) {
    return {
      success: false,
      code: "BAD_REQUEST",
      message: "Invalid date range",
    };
  }
  const conn = await pool.getConnection();
  try {
    await conn.beginTransaction();
    // Ensure all items exist and collect names
    const [itemsRows] = await conn.query(
      "SELECT id, item_name FROM items WHERE id IN (?)",
      [itemIds]
    );
    if (!itemsRows || itemsRows.length !== itemIds.length) {
      await conn.rollback();
      return {
        success: false,
        code: "BAD_REQUEST",
        message: "One or more items not found",
      };
    }
    const itemNames = itemIds
      .map(
        (id) => itemsRows.find((r) => Number(r.id) === Number(id))?.item_name
      )
      .filter(Boolean);
    // Check availability (no overlap with existing loans)
    const [confRows] = await conn.query(
      `
      SELECT COUNT(*) AS conflicts
      FROM loans l
      JOIN JSON_TABLE(l.loaned_items_id, '$[*]' COLUMNS (item_id INT PATH '$')) jt
        ON TRUE
      WHERE jt.item_id IN (?)
        AND l.deleted = 0
        AND l.start_date < ?
        AND COALESCE(l.returned_date, l.end_date) > ?
      `,
      [itemIds, end, start]
    );
    if (confRows?.[0]?.conflicts > 0) {
      await conn.rollback();
      return {
        success: false,
        code: "CONFLICT",
        message: "One or more items are not available in the selected period",
      };
    }
    // Generate unique loan_code (retry a few times)
    let loanCode = null;
    for (let i = 0; i < 6; i++) {
      const candidate = Math.floor(100000 + Math.random() * 899999); // 6 digits
      const [exists] = await conn.query(
        "SELECT 1 FROM loans WHERE loan_code = ? LIMIT 1",
        [candidate]
      );
      if (exists.length === 0) {
        loanCode = candidate;
        break;
      }
    }
    if (!loanCode) {
      await conn.rollback();
      return {
        success: false,
        code: "SERVER_ERROR",
        message: "Failed to generate unique loan code",
      };
    }
    // Insert loan
    const [insertRes] = await conn.query(
      `
      INSERT INTO loans (username, loan_code, start_date, end_date, loaned_items_id, loaned_items_name)
      VALUES (?, ?, ?, ?, CAST(? AS JSON), CAST(? AS JSON))
      `,
      [
        username,
        loanCode,
        // Use DATETIME/TIMESTAMP friendly format
        new Date(start).toISOString().slice(0, 19).replace("T", " "),
        new Date(end).toISOString().slice(0, 19).replace("T", " "),
        JSON.stringify(itemIds.map((n) => Number(n))),
        JSON.stringify(itemNames),
      ]
    );
    await conn.commit();
    return {
      success: true,
      data: {
        id: insertRes.insertId,
        loan_code: loanCode,
        username,
        start_date: start,
        end_date: end,
        items: itemIds,
        item_names: itemNames,
      },
    };
  } catch (err) {
    await conn.rollback();
    console.error("createLoanInDatabase error:", err);
    return {
      success: false,
      code: "SERVER_ERROR",
      message: "Failed to create loan",
    };
  } finally {
    conn.release();
  }
 };
 // These functions are only temporary, and will be deleted when the full bin is set up.
 export const onTake = async (loanId) => {
  const [items] = await pool.query(
    "SELECT loaned_items_id FROM loans WHERE id = ?",
    [loanId]
  );
  if (items.length === 0) return { success: false };
  const itemIds = Array.isArray(items[0].loaned_items_id)
    ? items[0].loaned_items_id
    : JSON.parse(items[0].loaned_items_id || "[]");
  const [setItemStates] = await pool.query(
    "UPDATE items SET inSafe = 0 WHERE id IN (?)",
    [itemIds]
  );
  const [result] = await pool.query(
    "UPDATE loans SET take_date = NOW() WHERE id = ?",
    [loanId]
  );
  if (result.affectedRows > 0 && setItemStates.affectedRows > 0) {
    return { success: true };
  }
  return { success: false };
 };
 export const onReturn = async (loanId) => {
  const [items] = await pool.query(
    "SELECT loaned_items_id FROM loans WHERE id = ?",
    [loanId]
  );
  if (items.length === 0) return { success: false };
  const itemIds = Array.isArray(items[0].loaned_items_id)
    ? items[0].loaned_items_id
    : JSON.parse(items[0].loaned_items_id || "[]");
  const [setItemStates] = await pool.query(
    "UPDATE items SET inSafe = 1 WHERE id IN (?)",
    [itemIds]
  );
  const [result] = await pool.query(
    "UPDATE loans SET returned_date = NOW() WHERE id = ?",
    [loanId]
  );
  if (result.affectedRows > 0 && setItemStates.affectedRows > 0) {
    return { success: true };
  }
  return { success: false };
 };
 // Temporary functions end here.
 export const loginAdmin = async (username, password) => {
  const [result] = await pool.query(
    "SELECT * FROM admins WHERE username = ? AND password = ?",
    [username, password]
  );
  if (result.length > 0) return { success: true, data: result[0] };
  return { success: false };
 };
 export const getAllUsers = async () => {
  const [result] = await pool.query(
    "SELECT id, username, role, entry_created_at FROM users"
  );
  if (result.length > 0) return { success: true, data: result };
  return { success: false };
 };
 export const deleteUserID = async (userId) => {
  const [result] = await pool.query("DELETE FROM users WHERE id = ?", [userId]);
  if (result.affectedRows > 0) return { success: true };
  return { success: false };
 };
 export const handleEdit = async (userId, username, role) => {
  const [result] = await pool.query(
    "UPDATE users SET username = ?, role = ? WHERE id = ?",
    [username, role, userId]
  );
  if (result.affectedRows > 0) return { success: true };
  return { success: false };
 };
 export const createUser = async (username, role, password) => {
  const [result] = await pool.query(
    "INSERT INTO users (username, role, password) VALUES (?, ?, ?)",
    [username, role, password]
  );
  if (result.affectedRows > 0) return { success: true };
  return { success: false };
 };
 export const getAllLoans = async () => {
  const [result] = await pool.query("SELECT * FROM loans");
  if (result.length > 0) return { success: true, data: result };
  return { success: false };
 };
 export const getAllItems = async () => {
  const [result] = await pool.query("SELECT * FROM items");
  if (result.length > 0) return { success: true, data: result };
  return { success: false };
 };
 export const deleteItemID = async (itemId) => {
  const [result] = await pool.query("DELETE FROM items WHERE id = ?", [itemId]);
  if (result.affectedRows > 0) return { success: true };
  return { success: false };
 };
 export const createItem = async (item_name, can_borrow_role) => {
  const [result] = await pool.query(
    "INSERT INTO items (item_name, can_borrow_role) VALUES (?, ?)",
    [item_name, can_borrow_role]
  );
  if (result.affectedRows > 0) return { success: true };
  return { success: false };
 };
 export const changeUserPassword = async (username, newPassword) => {
  const [result] = await pool.query(
    "UPDATE users SET password = ? WHERE username = ?",
    [newPassword, username]
  );
  if (result.affectedRows > 0) return { success: true };
  return { success: false };
 };
 export const changeUserPasswordFRONTEND = async (
  username,
  oldPassword,
  newPassword
 ) => {
  const [result] = await pool.query(
    "UPDATE users SET password = ? WHERE username = ? AND password = ?",
    [newPassword, username, oldPassword]
  );
  if (result.affectedRows > 0) return { success: true };
  return { success: false };
 };
 export const updateItemByID = async (itemId, item_name, can_borrow_role) => {
  const [result] = await pool.query(
    "UPDATE items SET item_name = ?, can_borrow_role = ? WHERE id = ?",
    [item_name, can_borrow_role, itemId]
  );
  if (result.affectedRows > 0) return { success: true };
  return { success: false };
 };
 export const getAllLoansV2 = async () => {
  const [rows] = await pool.query(
    "SELECT id, username, start_date, end_date, loaned_items_name, returned_date, take_date FROM loans"
  );
  if (rows.length > 0) {
    return { success: true, data: rows };
  }
  return { success: false };
 };
 export const getAllApiKeys = async () => {
  const [rows] = await pool.query("SELECT * FROM apiKeys");
  if (rows.length > 0) {
    return { success: true, data: rows };
  }
  return { success: false };
 };
 export const createAPIentry = async (apiKey, user) => {
  const [result] = await pool.query(
    "INSERT INTO apiKeys (apiKey, user) VALUES (?, ?)",
    [apiKey, user]
  );
  if (result.affectedRows > 0) return { success: true };
  return { success: false };
 };
 export const deleteAPKey = async (apiKeyId) => {
  const [result] = await pool.query("DELETE FROM apiKeys WHERE id = ?", [
    apiKeyId,
  ]);
  if (result.affectedRows > 0) return { success: true };
  return { success: false };
 };
 export const getAPIkey = async () => {
  const [rows] = await pool.query("SELECT apiKey FROM apiKeys");
  if (rows.length > 0) {
    return { success: true, data: rows };
  }
  return { success: false };
 };
--- a/backend/services/tokenService.js
+++ b/backend/services/tokenService.js
@@ -0,0 +1,25 @@
 import { SignJWT, jwtVerify } from "jose";
 import env from "dotenv";
 env.config();
 const secret = new TextEncoder().encode(process.env.SECRET_KEY);
 export async function generateToken(payload) {
  const newToken = await new SignJWT(payload)
    .setProtectedHeader({ alg: "HS256" })
    .setIssuedAt()
    .setExpirationTime("2h") // Token valid for 2 hours
    .sign(secret);
  return newToken;
 }
 export async function authenticate(req, res, next) {
  const authHeader = req.headers["authorization"];
  const token = authHeader && authHeader.split(" ")[1]; // Bearer <token>
  if (token == null) return res.sendStatus(401); // No token present
  const { payload } = await jwtVerify(token, secret);
  req.user = payload;
  next();
 }
--- a/backend/views/index.ejs
+++ b/backend/views/index.ejs
@@ -0,0 +1,11 @@
 <!DOCTYPE html>
 <html lang="en">
 <head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>backend</title>
 </head>
 <body>
    backend
 </body>
 </html>
--- a/backendV2/info.json
+++ b/backendV2/info.json
@@ -1,11 +1,11 @@
 {
    "backend-info": {
-        "version": "v2.0.1 (dev)"
+        "version": "v2.0"
    },
    "frontend-info": {
-        "version": "v2.0 (dev)"
+        "version": "v2.0"
    },
    "admin-panel-info": {
-        "version": "v1.3 (dev)"
+        "version": "v1.2"
    }
 }
--- a/backendV2/routes/admin/database/itemDataMgmt.database.js
+++ b/backendV2/routes/admin/database/itemDataMgmt.database.js
@@ -32,22 +32,10 @@ export const createItem = async (item_name, can_borrow_role, lockerNumber) => {
  return { success: false };
 };
-export const editItemById = async (
+export const editItemById = async (itemId, item_name, can_borrow_role) => {
  itemId,
  item_name,
  can_borrow_role,
  safe_nr,
  door_key
 ) => {
  let newSafeNr;
  if (safe_nr === null || safe_nr === "") {
    newSafeNr = null;
  } else {
    newSafeNr = safe_nr;
  }
  const [result] = await pool.query(
-    "UPDATE items SET item_name = ?, can_borrow_role = ?, safe_nr = ?, door_key = ?, entry_updated_at = NOW() WHERE id = ?",
+    "UPDATE items SET item_name = ?, can_borrow_role = ?, entry_updated_at = NOW() WHERE id = ?",
-    [item_name, can_borrow_role, newSafeNr, door_key, itemId]
+    [item_name, can_borrow_role, itemId]
  );
  if (result.affectedRows > 0) return { success: true };
  return { success: false };
--- a/backendV2/routes/admin/itemDataMgmt.route.js
+++ b/backendV2/routes/admin/itemDataMgmt.route.js
@@ -41,14 +41,11 @@ router.post("/create-item", authenticateAdmin, async (req, res) => {
 router.post("/edit-item/:id", authenticateAdmin, async (req, res) => {
  const itemId = req.params.id;
-  const { item_name, can_borrow_role, safe_nr, door_key } = req.body;
+  const { item_name, can_borrow_role } = req.body;
  const result = await editItemById(
    itemId,
    item_name,
-    can_borrow_role,
+    can_borrow_role
    safe_nr,
    door_key
  );
  if (result.success) {
    return res.status(200).json({ message: "Item edited successfully" });
--- a/backendV2/routes/api/api.database.js
+++ b/backendV2/routes/api/api.database.js
@@ -114,22 +114,3 @@ export const getAllLoansV2 = async () => {
  }
  return { success: false };
 };
 export const openDoor = async (doorKey) => {
  const [result] = await pool.query(
    "SELECT safe_nr, id FROM items WHERE door_key = ?;",
    [doorKey]
  );
  if (result.length > 0) {
    const [changeItemSate] = await pool.query(
      "UPDATE items SET in_safe = NOT in_safe WHERE id = ?",
      [result[0].id]
    );
    if (changeItemSate.affectedRows > 0) {
      return { success: true, data: result[0] };
    } else {
      return { success: false };
    }
  }
  return { success: false };
 };
--- a/backendV2/routes/api/api.route.js
+++ b/backendV2/routes/api/api.route.js
@@ -10,7 +10,6 @@ import {
  setTakeDateV2,
  setReturnDateV2,
  getLoanByCodeV2,
  openDoor,
 } from "./api.database.js";
 // Route for API to get all items from the database
@@ -80,16 +79,4 @@ router.post(
  }
 );
 // Route for API to open a door
 router.get("/open-door/:key/:doorKey", authenticate, async (req, res) => {
  const doorKey = req.params.doorKey;
  const result = await openDoor(doorKey);
  if (result.success) {
    res.status(200).json({ data: result.data });
  } else {
    res.status(500).json({ message: "Failed to open door" });
  }
 });
 export default router;
--- a/backendV2/routes/app/database/loansMgmt.database.js
+++ b/backendV2/routes/app/database/loansMgmt.database.js
@@ -69,20 +69,12 @@ export const createLoanInDatabase = async (
      )
      .filter(Boolean);
-    // Build lockers array (unique, only 2-digit numbers from safe_nr)
+    // Build lockers array (unique, only 2-digit strings)
    const lockers = [
      ...new Set(
        itemsRows
          .map((r) => r.safe_nr)
-          .filter(
+          .filter((sn) => typeof sn === "string" && /^\d{2}$/.test(sn))
            (sn) =>
              sn !== null &&
              sn !== undefined &&
              Number.isInteger(Number(sn)) &&
              Number(sn) >= 0 &&
              Number(sn) <= 99
          )
          .map((sn) => Number(sn))
      ),
    ];
--- a/backendV2/routes/app/services/mailer.js
+++ b/backendV2/routes/app/services/mailer.js
@@ -2,38 +2,6 @@ import nodemailer from "nodemailer";
 import dotenv from "dotenv";
 dotenv.config();
 const formatDateTime = (value) => {
  if (value == null) return "N/A";
  const toOut = (d) => {
    if (!(d instanceof Date) || isNaN(d.getTime())) return "N/A";
    const dd = String(d.getDate()).padStart(2, "0");
    const mm = String(d.getMonth() + 1).padStart(2, "0");
    const yyyy = d.getFullYear();
    const hh = String(d.getHours()).padStart(2, "0");
    const mi = String(d.getMinutes()).padStart(2, "0");
    return `${dd}.${mm}.${yyyy} ${hh}:${mi} Uhr`;
  };
  if (value instanceof Date) return toOut(value);
  if (typeof value === "number") return toOut(new Date(value));
  const s = String(value).trim();
  // Direct pattern: "YYYY-MM-DD[ T]HH:mm[:ss]"
  const m = s.match(/^(\d{4})-(\d{2})-(\d{2})[ T](\d{2}):(\d{2})(?::\d{2})?/);
  if (m) {
    const [, y, M, d, h, min] = m;
    return `${d}.${M}.${y} ${h}:${min} Uhr`;
  }
  // ISO or other parseable formats
  const dObj = new Date(s);
  if (!isNaN(dObj.getTime())) return toOut(dObj);
  return "N/A";
 };
 function buildLoanEmail({ user, items, startDate, endDate, createdDate }) {
  const brand = process.env.MAIL_BRAND_COLOR || "#0ea5e9";
  const itemsList =
@@ -174,8 +142,7 @@ export function sendMailLoan(user, items, startDate, endDate, createdDate) {
      html: buildLoanEmail({ user, items, startDate, endDate, createdDate }),
    });
-    // debugging logs
+    console.log("Message sent:", info.messageId);
    // console.log("Message sent:", info.messageId);
  })();
-  // console.log("sendMailLoan called");
+  console.log("sendMailLoan called");
 }
--- a/backendV2/scheme.xlsx
+++ b/backendV2/scheme.xlsx
--- a/backendV2/schemeV2.sql
+++ b/backendV2/schemeV2.sql
@@ -37,13 +37,13 @@ CREATE TABLE items (
  item_name varchar(255) NOT NULL UNIQUE,
  can_borrow_role INT NOT NULL,
  in_safe bool NOT NULL DEFAULT true,
-  safe_nr INT DEFAULT NULL UNIQUE,
+  safe_nr CHAR(2) DEFAULT NULL UNIQUE,
  door_key INT DEFAULT NULL UNIQUE,
  entry_created_at timestamp NULL DEFAULT CURRENT_TIMESTAMP,
  entry_updated_at timestamp NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  last_borrowed_person varchar(255) DEFAULT NULL,
  currently_borrowing varchar(255) DEFAULT NULL,
-  PRIMARY KEY (id)
+  PRIMARY KEY (id),
  CHECK (safe_nr REGEXP '^[0-9]{2}$' OR safe_nr IS NULL)
 ) ENGINE=InnoDB;
 CREATE TABLE apiKeys (
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,23 +1,43 @@
 services:
-  #  usr-frontend_v2:
+  usr-frontend_v2:
-  #    container_name: borrow_system-usr-frontend
+    container_name: borrow_system-usr-frontend
-  #    build: ./FrontendV2
+    build: ./FrontendV2
-  #    ports:
+    ports:
-  #      - "8001:80"
+      - "8101:80"
-  #    restart: unless-stopped
+    restart: unless-stopped
-  #  admin-frontend:
+  admin-frontend:
-  #    container_name: borrow_system-admin-frontend
+    container_name: borrow_system-admin-frontend
-  #    build: ./admin
+    build: ./admin
    ports:
      - "8103:80"
    restart: unless-stopped
  #backend:
  #  container_name: borrow_system-backend
  #  build: ./backend
  #  ports:
-  #      - "8003:80"
+  #    - "8002:8002"
  #  environment:
  #    NODE_ENV: production
  #    DB_HOST: mysql
  #    DB_USER: root
  #    DB_PASSWORD: ${DB_PASSWORD}
  #    DB_NAME: borrow_system
  #  depends_on:
  #    - mysql
  #  restart: unless-stopped
  #  healthcheck:
  #    test: ["CMD", "wget", "-qO-", "http://localhost:8002/server-info"]
  #    interval: 30s
  #    timeout: 5s
  #    retries: 3
  backend_v2:
    container_name: borrow_system-backend_v2
    build: ./backendV2
    ports:
-      - "8004:8004"
+      - "8102:8102"
    environment:
      NODE_ENV: production
      DB_HOST: mysql_v2
@@ -28,6 +48,20 @@ services:
      - mysql_v2
    restart: unless-stopped
  # mysql:
  #   container_name: borrow_system-mysql
  #   image: mysql:8.0
  #   restart: unless-stopped
  #   environment:
  #     MYSQL_ROOT_PASSWORD: ${DB_PASSWORD}
  #     MYSQL_DATABASE: borrow_system
  #     TZ: Europe/Berlin
  #   volumes:
  #     - mysql-data:/var/lib/mysql
  #     - ./mysql-timezone.cnf:/etc/mysql/conf.d/timezone.cnf:ro
  #   ports:
  #     - "3309:3306"
  mysql_v2:
    container_name: borrow_system-mysql-v2
    image: mysql:8.0
--- a/next-js/.gitignore
+++ b/next-js/.gitignore
@@ -1,41 +0,0 @@
 # See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
 # dependencies
 /node_modules
 /.pnp
 .pnp.*
 .yarn/*
 !.yarn/patches
 !.yarn/plugins
 !.yarn/releases
 !.yarn/versions
 # testing
 /coverage
 # next.js
 /.next/
 /out/
 # production
 /build
 # misc
 .DS_Store
 *.pem
 # debug
 npm-debug.log*
 yarn-debug.log*
 yarn-error.log*
 .pnpm-debug.log*
 # env files (can opt-in for committing if needed)
 .env*
 # vercel
 .vercel
 # typescript
 *.tsbuildinfo
 next-env.d.ts
--- a/next-js/README.md
+++ b/next-js/README.md
@@ -1,36 +0,0 @@
 This is a [Next.js](https://nextjs.org) project bootstrapped with [`create-next-app`](https://nextjs.org/docs/app/api-reference/cli/create-next-app).
 ## Getting Started
 First, run the development server:
 ```bash
 npm run dev
 # or
 yarn dev
 # or
 pnpm dev
 # or
 bun dev
 ```
 Open [http://localhost:3000](http://localhost:3000) with your browser to see the result.
 You can start editing the page by modifying `app/page.tsx`. The page auto-updates as you edit the file.
 This project uses [`next/font`](https://nextjs.org/docs/app/building-your-application/optimizing/fonts) to automatically optimize and load [Geist](https://vercel.com/font), a new font family for Vercel.
 ## Learn More
 To learn more about Next.js, take a look at the following resources:
 - [Next.js Documentation](https://nextjs.org/docs) - learn about Next.js features and API.
 - [Learn Next.js](https://nextjs.org/learn) - an interactive Next.js tutorial.
 You can check out [the Next.js GitHub repository](https://github.com/vercel/next.js) - your feedback and contributions are welcome!
 ## Deploy on Vercel
 The easiest way to deploy your Next.js app is to use the [Vercel Platform](https://vercel.com/new?utm_medium=default-template&filter=next.js&utm_source=create-next-app&utm_campaign=create-next-app-readme) from the creators of Next.js.
 Check out our [Next.js deployment documentation](https://nextjs.org/docs/app/building-your-application/deploying) for more details.
--- a/next-js/app/favicon.ico
+++ b/next-js/app/favicon.ico
--- a/next-js/app/globals.css
+++ b/next-js/app/globals.css
@@ -1,26 +0,0 @@
@import "tailwindcss";
 :root {
  --background: #ffffff;
  --foreground: #171717;
 }
@theme inline {
  --color-background: var(--background);
  --color-foreground: var(--foreground);
  --font-sans: var(--font-geist-sans);
  --font-mono: var(--font-geist-mono);
 }
@media (prefers-color-scheme: dark) {
  :root {
    --background: #0a0a0a;
    --foreground: #ededed;
  }
 }
 body {
  background: var(--background);
  color: var(--foreground);
  font-family: Arial, Helvetica, sans-serif;
 }
--- a/next-js/app/layout.tsx
+++ b/next-js/app/layout.tsx
@@ -1,34 +0,0 @@
 import type { Metadata } from "next";
 import { Geist, Geist_Mono } from "next/font/google";
 import "./globals.css";
 const geistSans = Geist({
  variable: "--font-geist-sans",
  subsets: ["latin"],
 });
 const geistMono = Geist_Mono({
  variable: "--font-geist-mono",
  subsets: ["latin"],
 });
 export const metadata: Metadata = {
  title: "Create Next App",
  description: "Generated by create next app",
 };
 export default function RootLayout({
  children,
 }: Readonly<{
  children: React.ReactNode;
 }>) {
  return (
    <html lang="en">
      <body
        className={`${geistSans.variable} ${geistMono.variable} antialiased`}
      >
        {children}
      </body>
    </html>
  );
 }
--- a/next-js/app/page.tsx
+++ b/next-js/app/page.tsx
@@ -1,65 +0,0 @@
 import Image from "next/image";
 export default function Home() {
  return (
    <div className="flex min-h-screen items-center justify-center bg-zinc-50 font-sans dark:bg-black">
      <main className="flex min-h-screen w-full max-w-3xl flex-col items-center justify-between py-32 px-16 bg-white dark:bg-black sm:items-start">
        <Image
          className="dark:invert"
          src="/next.svg"
          alt="Next.js logo"
          width={100}
          height={20}
          priority
        />
        <div className="flex flex-col items-center gap-6 text-center sm:items-start sm:text-left">
          <h1 className="max-w-xs text-3xl font-semibold leading-10 tracking-tight text-black dark:text-zinc-50">
            To get started, edit the page.tsx file.
          </h1>
          <p className="max-w-md text-lg leading-8 text-zinc-600 dark:text-zinc-400">
            Looking for a starting point or more instructions? Head over to{" "}
            <a
              href="https://vercel.com/templates?framework=next.js&utm_source=create-next-app&utm_medium=appdir-template-tw&utm_campaign=create-next-app"
              className="font-medium text-zinc-950 dark:text-zinc-50"
            >
              Templates
            </a>{" "}
            or the{" "}
            <a
              href="https://nextjs.org/learn?utm_source=create-next-app&utm_medium=appdir-template-tw&utm_campaign=create-next-app"
              className="font-medium text-zinc-950 dark:text-zinc-50"
            >
              Learning
            </a>{" "}
            center.
          </p>
        </div>
        <div className="flex flex-col gap-4 text-base font-medium sm:flex-row">
          <a
            className="flex h-12 w-full items-center justify-center gap-2 rounded-full bg-foreground px-5 text-background transition-colors hover:bg-[#383838] dark:hover:bg-[#ccc] md:w-[158px]"
            href="https://vercel.com/new?utm_source=create-next-app&utm_medium=appdir-template-tw&utm_campaign=create-next-app"
            target="_blank"
            rel="noopener noreferrer"
          >
            <Image
              className="dark:invert"
              src="/vercel.svg"
              alt="Vercel logomark"
              width={16}
              height={16}
            />
            Deploy Now
          </a>
          <a
            className="flex h-12 w-full items-center justify-center rounded-full border border-solid px-5 transition-colors hover:border-transparent dark:border-white/[.145] dark:hover:bg-[#1a1a1a] md:w-[158px]"
            href="https://nextjs.org/docs?utm_source=create-next-app&utm_medium=appdir-template-tw&utm_campaign=create-next-app"
            target="_blank"
            rel="noopener noreferrer"
          >
            Documentation
          </a>
        </div>
      </main>
    </div>
  );
 }
--- a/next-js/eslint.config.mjs
+++ b/next-js/eslint.config.mjs
@@ -1,18 +0,0 @@
 import { defineConfig, globalIgnores } from "eslint/config";
 import nextVitals from "eslint-config-next/core-web-vitals";
 import nextTs from "eslint-config-next/typescript";
 const eslintConfig = defineConfig([
  ...nextVitals,
  ...nextTs,
  // Override default ignores of eslint-config-next.
  globalIgnores([
    // Default ignores of eslint-config-next:
    ".next/**",
    "out/**",
    "build/**",
    "next-env.d.ts",
  ]),
 ]);
 export default eslintConfig;
--- a/next-js/next.config.ts
+++ b/next-js/next.config.ts
@@ -1,8 +0,0 @@
 import type { NextConfig } from "next";
 const nextConfig: NextConfig = {
  /* config options here */
  reactCompiler: true,
 };
 export default nextConfig;
--- a/next-js/package-lock.json
+++ b/next-js/package-lock.json
--- a/next-js/package.json
+++ b/next-js/package.json
@@ -1,27 +0,0 @@
 {
  "name": "next-js",
  "version": "0.1.0",
  "private": true,
  "scripts": {
    "dev": "next dev",
    "build": "next build",
    "start": "next start",
    "lint": "eslint"
  },
  "dependencies": {
    "next": "16.0.5",
    "react": "19.2.0",
    "react-dom": "19.2.0"
  },
  "devDependencies": {
    "@tailwindcss/postcss": "^4",
    "@types/node": "^20",
    "@types/react": "^19",
    "@types/react-dom": "^19",
    "babel-plugin-react-compiler": "1.0.0",
    "eslint": "^9",
    "eslint-config-next": "16.0.5",
    "tailwindcss": "^4",
    "typescript": "^5"
  }
 }
--- a/next-js/postcss.config.mjs
+++ b/next-js/postcss.config.mjs
@@ -1,7 +0,0 @@
 const config = {
  plugins: {
    "@tailwindcss/postcss": {},
  },
 };
 export default config;
--- a/next-js/public/file.svg
+++ b/next-js/public/file.svg
@@ -1 +0,0 @@
 <svg fill="none" viewBox="0 0 16 16" xmlns="http://www.w3.org/2000/svg"><path d="M14.5 13.5V5.41a1 1 0 0 0-.3-.7L9.8.29A1 1 0 0 0 9.08 0H1.5v13.5A2.5 2.5 0 0 0 4 16h8a2.5 2.5 0 0 0 2.5-2.5m-1.5 0v-7H8v-5H3v12a1 1 0 0 0 1 1h8a1 1 0 0 0 1-1M9.5 5V2.12L12.38 5zM5.13 5h-.62v1.25h2.12V5zm-.62 3h7.12v1.25H4.5zm.62 3h-.62v1.25h7.12V11z" clip-rule="evenodd" fill="#666" fill-rule="evenodd"/></svg>
--- a/next-js/public/globe.svg
+++ b/next-js/public/globe.svg
@@ -1 +0,0 @@
 <svg fill="none" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16"><g clip-path="url(#a)"><path fill-rule="evenodd" clip-rule="evenodd" d="M10.27 14.1a6.5 6.5 0 0 0 3.67-3.45q-1.24.21-2.7.34-.31 1.83-.97 3.1M8 16A8 8 0 1 0 8 0a8 8 0 0 0 0 16m.48-1.52a7 7 0 0 1-.96 0H7.5a4 4 0 0 1-.84-1.32q-.38-.89-.63-2.08a40 40 0 0 0 3.92 0q-.25 1.2-.63 2.08a4 4 0 0 1-.84 1.31zm2.94-4.76q1.66-.15 2.95-.43a7 7 0 0 0 0-2.58q-1.3-.27-2.95-.43a18 18 0 0 1 0 3.44m-1.27-3.54a17 17 0 0 1 0 3.64 39 39 0 0 1-4.3 0 17 17 0 0 1 0-3.64 39 39 0 0 1 4.3 0m1.1-1.17q1.45.13 2.69.34a6.5 6.5 0 0 0-3.67-3.44q.65 1.26.98 3.1M8.48 1.5l.01.02q.41.37.84 1.31.38.89.63 2.08a40 40 0 0 0-3.92 0q.25-1.2.63-2.08a4 4 0 0 1 .85-1.32 7 7 0 0 1 .96 0m-2.75.4a6.5 6.5 0 0 0-3.67 3.44 29 29 0 0 1 2.7-.34q.31-1.83.97-3.1M4.58 6.28q-1.66.16-2.95.43a7 7 0 0 0 0 2.58q1.3.27 2.95.43a18 18 0 0 1 0-3.44m.17 4.71q-1.45-.12-2.69-.34a6.5 6.5 0 0 0 3.67 3.44q-.65-1.27-.98-3.1" fill="#666"/></g><defs><clipPath id="a"><path fill="#fff" d="M0 0h16v16H0z"/></clipPath></defs></svg>
--- a/next-js/public/next.svg
+++ b/next-js/public/next.svg
@@ -1 +0,0 @@
 <svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 394 80"><path fill="#000" d="M262 0h68.5v12.7h-27.2v66.6h-13.6V12.7H262V0ZM149 0v12.7H94v20.4h44.3v12.6H94v21h55v12.6H80.5V0h68.7zm34.3 0h-17.8l63.8 79.4h17.9l-32-39.7 32-39.6h-17.9l-23 28.6-23-28.6zm18.3 56.7-9-11-27.1 33.7h17.8l18.3-22.7z"/><path fill="#000" d="M81 79.3 17 0H0v79.3h13.6V17l50.2 62.3H81Zm252.6-.4c-1 0-1.8-.4-2.5-1s-1.1-1.6-1.1-2.6.3-1.8 1-2.5 1.6-1 2.6-1 1.8.3 2.5 1a3.4 3.4 0 0 1 .6 4.3 3.7 3.7 0 0 1-3 1.8zm23.2-33.5h6v23.3c0 2.1-.4 4-1.3 5.5a9.1 9.1 0 0 1-3.8 3.5c-1.6.8-3.5 1.3-5.7 1.3-2 0-3.7-.4-5.3-1s-2.8-1.8-3.7-3.2c-.9-1.3-1.4-3-1.4-5h6c.1.8.3 1.6.7 2.2s1 1.2 1.6 1.5c.7.4 1.5.5 2.4.5 1 0 1.8-.2 2.4-.6a4 4 0 0 0 1.6-1.8c.3-.8.5-1.8.5-3V45.5zm30.9 9.1a4.4 4.4 0 0 0-2-3.3 7.5 7.5 0 0 0-4.3-1.1c-1.3 0-2.4.2-3.3.5-.9.4-1.6 1-2 1.6a3.5 3.5 0 0 0-.3 4c.3.5.7.9 1.3 1.2l1.8 1 2 .5 3.2.8c1.3.3 2.5.7 3.7 1.2a13 13 0 0 1 3.2 1.8 8.1 8.1 0 0 1 3 6.5c0 2-.5 3.7-1.5 5.1a10 10 0 0 1-4.4 3.5c-1.8.8-4.1 1.2-6.8 1.2-2.6 0-4.9-.4-6.8-1.2-2-.8-3.4-2-4.5-3.5a10 10 0 0 1-1.7-5.6h6a5 5 0 0 0 3.5 4.6c1 .4 2.2.6 3.4.6 1.3 0 2.5-.2 3.5-.6 1-.4 1.8-1 2.4-1.7a4 4 0 0 0 .8-2.4c0-.9-.2-1.6-.7-2.2a11 11 0 0 0-2.1-1.4l-3.2-1-3.8-1c-2.8-.7-5-1.7-6.6-3.2a7.2 7.2 0 0 1-2.4-5.7 8 8 0 0 1 1.7-5 10 10 0 0 1 4.3-3.5c2-.8 4-1.2 6.4-1.2 2.3 0 4.4.4 6.2 1.2 1.8.8 3.2 2 4.3 3.4 1 1.4 1.5 3 1.5 5h-5.8z"/></svg>
--- a/next-js/public/vercel.svg
+++ b/next-js/public/vercel.svg
@@ -1 +0,0 @@
 <svg fill="none" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1155 1000"><path d="m577.3 0 577.4 1000H0z" fill="#fff"/></svg>
--- a/next-js/public/window.svg
+++ b/next-js/public/window.svg
@@ -1 +0,0 @@
 <svg fill="none" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16"><path fill-rule="evenodd" clip-rule="evenodd" d="M1.5 2.5h13v10a1 1 0 0 1-1 1h-11a1 1 0 0 1-1-1zM0 1h16v11.5a2.5 2.5 0 0 1-2.5 2.5h-11A2.5 2.5 0 0 1 0 12.5zm3.75 4.5a.75.75 0 1 0 0-1.5.75.75 0 0 0 0 1.5M7 4.75a.75.75 0 1 1-1.5 0 .75.75 0 0 1 1.5 0m1.75.75a.75.75 0 1 0 0-1.5.75.75 0 0 0 0 1.5" fill="#666"/></svg>
--- a/next-js/tsconfig.json
+++ b/next-js/tsconfig.json
@@ -1,34 +0,0 @@
 {
  "compilerOptions": {
    "target": "ES2017",
    "lib": ["dom", "dom.iterable", "esnext"],
    "allowJs": true,
    "skipLibCheck": true,
    "strict": true,
    "noEmit": true,
    "esModuleInterop": true,
    "module": "esnext",
    "moduleResolution": "bundler",
    "resolveJsonModule": true,
    "isolatedModules": true,
    "jsx": "react-jsx",
    "incremental": true,
    "plugins": [
      {
        "name": "next"
      }
    ],
    "paths": {
      "@/*": ["./*"]
    }
  },
  "include": [
    "next-env.d.ts",
    "**/*.ts",
    "**/*.tsx",
    ".next/types/**/*.ts",
    ".next/dev/types/**/*.ts",
    "**/*.mts"
  ],
  "exclude": ["node_modules"]
 }
Author	SHA1	Message	Date
Theis Gaedigk	4c781e9325	changed ports	2025-11-23 20:12:41 +01:00
Theis Gaedigk	451e6b3646	published v2	2025-11-23 20:11:36 +01:00
`@@ -1,4 +1,4 @@`
	`FROM node:22-alpine AS builder`	`FROM node:18 as builder`

	`WORKDIR /app`	`WORKDIR /app`
		`@@ -1 +0,0 @@`
			`<svg fill="none" viewBox="0 0 16 16" xmlns="http://www.w3.org/2000/svg"><path d="M14.5 13.5V5.41a1 1 0 0 0-.3-.7L9.8.29A1 1 0 0 0 9.08 0H1.5v13.5A2.5 2.5 0 0 0 4 16h8a2.5 2.5 0 0 0 2.5-2.5m-1.5 0v-7H8v-5H3v12a1 1 0 0 0 1 1h8a1 1 0 0 0 1-1M9.5 5V2.12L12.38 5zM5.13 5h-.62v1.25h2.12V5zm-.62 3h7.12v1.25H4.5zm.62 3h-.62v1.25h7.12V11z" clip-rule="evenodd" fill="#666" fill-rule="evenodd"/></svg>`
		`@@ -1 +0,0 @@`
			<svg fill="none" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16"><g clip-path="url(#a)"><path fill-rule="evenodd" clip-rule="evenodd" d="M10.27 14.1a6.5 6.5 0 0 0 3.67-3.45q-1.24.21-2.7.34-.31 1.83-.97 3.1M8 16A8 8 0 1 0 8 0a8 8 0 0 0 0 16m.48-1.52a7 7 0 0 1-.96 0H7.5a4 4 0 0 1-.84-1.32q-.38-.89-.63-2.08a40 40 0 0 0 3.92 0q-.25 1.2-.63 2.08a4 4 0 0 1-.84 1.31zm2.94-4.76q1.66-.15 2.95-.43a7 7 0 0 0 0-2.58q-1.3-.27-2.95-.43a18 18 0 0 1 0 3.44m-1.27-3.54a17 17 0 0 1 0 3.64 39 39 0 0 1-4.3 0 17 17 0 0 1 0-3.64 39 39 0 0 1 4.3 0m1.1-1.17q1.45.13 2.69.34a6.5 6.5 0 0 0-3.67-3.44q.65 1.26.98 3.1M8.48 1.5l.01.02q.41.37.84 1.31.38.89.63 2.08a40 40 0 0 0-3.92 0q.25-1.2.63-2.08a4 4 0 0 1 .85-1.32 7 7 0 0 1 .96 0m-2.75.4a6.5 6.5 0 0 0-3.67 3.44 29 29 0 0 1 2.7-.34q.31-1.83.97-3.1M4.58 6.28q-1.66.16-2.95.43a7 7 0 0 0 0 2.58q1.3.27 2.95.43a18 18 0 0 1 0-3.44m.17 4.71q-1.45-.12-2.69-.34a6.5 6.5 0 0 0 3.67 3.44q-.65-1.27-.98-3.1" fill="#666"/></g><defs><clipPath id="a"><path fill="#fff" d="M0 0h16v16H0z"/></clipPath></defs></svg>
		`@@ -1 +0,0 @@`
			<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 394 80"><path fill="#000" d="M262 0h68.5v12.7h-27.2v66.6h-13.6V12.7H262V0ZM149 0v12.7H94v20.4h44.3v12.6H94v21h55v12.6H80.5V0h68.7zm34.3 0h-17.8l63.8 79.4h17.9l-32-39.7 32-39.6h-17.9l-23 28.6-23-28.6zm18.3 56.7-9-11-27.1 33.7h17.8l18.3-22.7z"/><path fill="#000" d="M81 79.3 17 0H0v79.3h13.6V17l50.2 62.3H81Zm252.6-.4c-1 0-1.8-.4-2.5-1s-1.1-1.6-1.1-2.6.3-1.8 1-2.5 1.6-1 2.6-1 1.8.3 2.5 1a3.4 3.4 0 0 1 .6 4.3 3.7 3.7 0 0 1-3 1.8zm23.2-33.5h6v23.3c0 2.1-.4 4-1.3 5.5a9.1 9.1 0 0 1-3.8 3.5c-1.6.8-3.5 1.3-5.7 1.3-2 0-3.7-.4-5.3-1s-2.8-1.8-3.7-3.2c-.9-1.3-1.4-3-1.4-5h6c.1.8.3 1.6.7 2.2s1 1.2 1.6 1.5c.7.4 1.5.5 2.4.5 1 0 1.8-.2 2.4-.6a4 4 0 0 0 1.6-1.8c.3-.8.5-1.8.5-3V45.5zm30.9 9.1a4.4 4.4 0 0 0-2-3.3 7.5 7.5 0 0 0-4.3-1.1c-1.3 0-2.4.2-3.3.5-.9.4-1.6 1-2 1.6a3.5 3.5 0 0 0-.3 4c.3.5.7.9 1.3 1.2l1.8 1 2 .5 3.2.8c1.3.3 2.5.7 3.7 1.2a13 13 0 0 1 3.2 1.8 8.1 8.1 0 0 1 3 6.5c0 2-.5 3.7-1.5 5.1a10 10 0 0 1-4.4 3.5c-1.8.8-4.1 1.2-6.8 1.2-2.6 0-4.9-.4-6.8-1.2-2-.8-3.4-2-4.5-3.5a10 10 0 0 1-1.7-5.6h6a5 5 0 0 0 3.5 4.6c1 .4 2.2.6 3.4.6 1.3 0 2.5-.2 3.5-.6 1-.4 1.8-1 2.4-1.7a4 4 0 0 0 .8-2.4c0-.9-.2-1.6-.7-2.2a11 11 0 0 0-2.1-1.4l-3.2-1-3.8-1c-2.8-.7-5-1.7-6.6-3.2a7.2 7.2 0 0 1-2.4-5.7 8 8 0 0 1 1.7-5 10 10 0 0 1 4.3-3.5c2-.8 4-1.2 6.4-1.2 2.3 0 4.4.4 6.2 1.2 1.8.8 3.2 2 4.3 3.4 1 1.4 1.5 3 1.5 5h-5.8z"/></svg>
		`@@ -1 +0,0 @@`
			`<svg fill="none" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1155 1000"><path d="m577.3 0 577.4 1000H0z" fill="#fff"/></svg>`