refactor: convert repository to monorepo with npm workspaces

Restructured the repository into a monorepo to better organize application code
and maintenance scripts.

## Workspace Structure
- web-app: Next.js application (all app code moved from root)
- housekeeping: Database backup and maintenance scripts

## Key Changes
- Moved all application code to web-app/ using git mv
- Moved database scripts to housekeeping/ workspace
- Updated Dockerfile for monorepo build process
- Updated docker-compose files (volume paths: ./web-app/etc/hosts/)
- Updated .gitignore for workspace-level node_modules
- Updated documentation (README.md, CLAUDE.md, CHANGELOG.md)

## Migration Impact
- Root package.json now manages workspaces
- Build commands delegate to web-app workspace
- All file history preserved via git mv
- Docker build process updated for workspace structure

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

web-app/app/lib/uploadRateLimiter.ts

@@ -0,0 +1,71 @@
+/**
+ * Simple in-memory rate limiter for upload attempts
+ * Tracks by IP address
+ */
+
+interface RateLimitEntry {
+  count: number;
+  resetAt: number; // Unix timestamp
+}
+
+// In-memory store (use Redis for production multi-instance setups)
+const rateLimitStore = new Map<string, RateLimitEntry>();
+
+/**
+ * Check if IP address is rate limited
+ * @returns { allowed: boolean, remaining: number }
+ */
+export function checkUploadRateLimit(ipAddress: string): { allowed: boolean; remaining: number; resetIn: number } {
+
+  const maxUploads = parseInt(process.env.UPLOAD_RATE_LIMIT_PER_IP || '5', 10);
+  const windowMs = parseInt(process.env.UPLOAD_RATE_LIMIT_WINDOW_MS || '3600000', 10); // 1 hour
+
+  const now = Date.now();
+  const key = `upload:${ipAddress}`;
+
+  let entry = rateLimitStore.get(key);
+
+  // Clean up expired entry or create new one
+  if (!entry || now > entry.resetAt) {
+    entry = {
+      count: 0,
+      resetAt: now + windowMs
+    };
+    rateLimitStore.set(key, entry);
+  }
+
+  // Check if limit exceeded
+  if (entry.count >= maxUploads) {
+    return {
+      allowed: false,
+      remaining: 0,
+      resetIn: Math.ceil((entry.resetAt - now) / 1000) // seconds
+    };
+  }
+
+  // Increment counter
+  entry.count++;
+  rateLimitStore.set(key, entry);
+
+  return {
+    allowed: true,
+    remaining: maxUploads - entry.count,
+    resetIn: Math.ceil((entry.resetAt - now) / 1000)
+  };
+}
+
+/**
+ * Periodic cleanup of expired entries (prevent memory leak)
+ * Call this occasionally (e.g., every hour)
+ */
+export function cleanupRateLimitStore() {
+  const now = Date.now();
+  rateLimitStore.forEach((entry, key) => {
+    if (now > entry.resetAt) {
+      rateLimitStore.delete(key);
+    }
+  });
+}
+
+// Auto-cleanup every 10 minutes
+setInterval(cleanupRateLimitStore, 10 * 60 * 1000);