Remove canvas splitting logic since zxing-wasm natively supports multiple barcode detection with maxNumberOfSymbols parameter. Reduces code by 69 lines and improves performance by requiring only a single decode call per canvas. Set maxNumberOfSymbols to 10 for realistic utility bill use case.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Replace @zxing/browser with zxing-wasm for better performance and smaller WebAssembly bundle size (919KB). Added middleware exclusion for .wasm files to prevent i18n routing interference.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Add responsive layout for action buttons (stack vertically on mobile, horizontal on sm+)
- Adjust card max-widths for better mobile display (LocationCard, MultiBillEdit)
- Improve button text sizing with responsive classes (text-sm on mobile, text-xs on sm+)
- Remove width constraints on file inputs and info boxes for full-width mobile layout
- Fine-tune icon positioning for better visual alignment
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Move billStates calculation into useState lazy initializer to prevent recalculation on re-renders
- Initialize allPaidMode based on billStates to reflect actual data state
- Use lazy initialization pattern for better performance
- Remove intermediate variables to simplify code
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Add getLocationsByMonth server action with aggregation pipeline to calculate hasAttachment
- Add updateMonth server action for bulk bill status updates with path revalidation
- Create multi-bill-edit page at /home/multi-bill-edit/[year]/[month]
- Implement MultiBillEdit component with toggle functionality for all bills
- Add BillToggleBadge component integration for consistent bill display
- Add "set all as paid/unpaid" toggle button for batch operations
- Implement server-side redirect with success message after save
- Add Suspense boundary with loading skeleton
- Update translations for multi-bill-edit feature (Croatian and English)
- Ensure data freshness with unstable_noStore and revalidatePath
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Display both unpaid and paid bill amounts in LocationCard and MonthCard
- Rename variables for clarity: totalUnpaid, totalPayed, unpaidTotal, payedTotal
- ViewLocationCard uses totalAmount for tenant bills (regardless of payment status)
- Update Croatian translations: "Ukupno neplaćeno" (unpaid), "Ukupno plaćeno" (paid)
- Add ShoppingCartIcon for unpaid amounts, BanknotesIcon for paid amounts
- Update HomePage to calculate and pass both totals to month cards
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Changes:
- Add console.log statements for shareId validation failures in locationActions
- Replace DocumentIcon with TicketIcon for proof-of-payment downloads (consistency)
- Add teal color to all proof-of-payment icons for visual distinction
- Adjust vertical alignment of icons for better visual alignment with text
Debug logging helps troubleshoot:
- shareId extraction failures
- Checksum validation failures
- Location not found errors
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Changes:
- Update attachment download link in UI to use shareId
- Add shareId validation to attachment download route
- Validate TTL before allowing attachment downloads
- Extract locationId from shareId using extractShareId helper
Security:
- Attachment downloads now validate checksum and TTL
- Prevents unauthorized access to bill attachment files
- Returns 404 for invalid/expired share links
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Changes:
- Extract shareId (40 chars) and billID from combined URL parameter
- Validate shareId using validateShareAccess before fetching bill
- Pass shareId to ViewBillCard for secure uploads
- Show error message if share link is invalid or expired
URL format: /share/bill/{shareId}-{billID}
where shareId = locationId (24) + checksum (16) = 40 chars
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Changes:
- Secure uploadUtilBillsProofOfPayment with checksum validation
- Update ViewLocationCard to accept and use shareId prop
- Update ViewBillCard to accept shareId and use it for uploads
- Update ViewBillBadge to pass shareId to bill detail pages
- Add client-side validation check for shareId before upload
- Update back button links to use shareId
Security improvements:
- Both per-bill and combined uploads now validate checksum and TTL
- IP-based rate limiting applied to both upload types
- PDF magic bytes validation for both upload types
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Add generateShareLink() for owners to create share URLs with checksums
- Add validateShareAccess() to validate checksum and TTL on tenant visits
- Implement automatic TTL reset (10 days → 1 hour after first visit)
- Include automatic cleanup of expired shares
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Added cache revalidation to ensure ViewLocationCard reflects uploaded
proof of payment when navigating back from ViewBillCard:
- Server-side: Added revalidatePath() to upload actions in billActions
and locationActions to invalidate Next.js server cache
- Client-side: Added router.refresh() calls in ViewBillCard and
ViewLocationCard to refresh client router cache after successful upload
This maintains the current UX (no redirect on upload) while ensuring
fresh data is displayed on navigation.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Added read-only proof of payment display in bill edit form:
- Shows download link when proofOfPaymentType is "per-bill" and proof exists
- Uses TicketIcon with teal color for visual distinction
- Links to /share/proof-of-payment/per-bill/ download route
- Handles housekeeping case (no display if filename missing)
This allows users to view and download existing proof of payment
while editing a bill, improving transparency and user experience.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Changed proof of payment download link from old route structure
/share/proof-of-payment/[id]/ to new structure
/share/proof-of-payment/combined/[id]/
This aligns with the reorganized route structure that separates
combined and per-bill proof of payment downloads.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
