156 Commits

Author	SHA1	Message	Date
Lars	e10e9d7eb9	fix: photos now display in History with token auth ... Problem: Photo endpoint requires auth header, but <img src> can't send headers. Solution: - Backend: Added require_auth_flexible() that accepts token via header OR query param - Backend: Photo endpoint uses flexible auth - Frontend: photoUrl() now appends ?token=xxx to URL Photos in History/Verlauf now display correctly. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-18 22:48:40 +01:00
Lars	a0660e7a40	fix: use api.exportZip/Json instead of window.open ... SettingsPage was still calling window.open() directly, bypassing the auth-enabled fetch methods in api.js. Changed buttons to use api.exportZip() and api.exportJson() which properly include authentication headers. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-18 22:04:42 +01:00
Lars	0797a8f55c	fix: export endpoints now include auth headers ... Changed from window.open() to fetch() + Blob download. window.open() cannot send custom headers, causing 401 errors. **Changed:** - exportZip: fetch with auth, download blob as .zip - exportJson: fetch with auth, download blob as .json - exportCsv: fetch with auth, download blob as .csv All exports now work with authenticated sessions. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-18 22:00:35 +01:00
Lars	6f0f1ae9b4	fix: send 'password' instead of 'pin' in login request ... Frontend was sending {email, pin} but backend expects {email, password}. This caused 422 Unprocessable Entity errors. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-18 12:04:36 +01:00
Lars Stommer	5091dfd1ce	fix: add auth token to all API calls (prompts, insights, pipeline)	2026-03-16 16:52:36 +01:00
Lars Stommer	89b6c0b072	feat: initial commit – Mitai Jinkendo v9a	2026-03-16 13:35:11 +01:00