From 52cf197ea18e243426f5065250eb50bb525cd0a7 Mon Sep 17 00:00:00 2001
From: Francesco La Camera <fm@lacamera.org>
Date: Tue, 24 Feb 2026 23:55:32 +0100
Subject: [PATCH 1/5] feat(api)!: implement jwt

---
 docs/docs.go                        |  87 +++++++++-------------
 docs/swagger.json                   |  87 +++++++++-------------
 docs/swagger.yaml                   |  60 +++++++---------
 go.mod                              |   1 +
 go.sum                              |   2 +
 internal/api/handler/auth.go        |  62 ----------------
 internal/api/handler/server.go      | 107 ++++++++--------------------
 internal/api/middleware/auth.go     |  11 ++-
 internal/api/middleware/security.go |  21 ------
 internal/api/routes.go              |   7 +-
 internal/config/config.go           |  66 ++++++++---------
 11 files changed, 166 insertions(+), 345 deletions(-)

diff --git a/docs/docs.go b/docs/docs.go
index 7094931..5470daa 100644
--- a/docs/docs.go
+++ b/docs/docs.go
@@ -514,25 +514,6 @@ const docTemplate = `{
                 }
             }
         },
-        "/auth/csrf": {
-            "get": {
-                "produces": [
-                    "application/json"
-                ],
-                "tags": [
-                    "Auth"
-                ],
-                "summary": "Issue CSRF token",
-                "responses": {
-                    "200": {
-                        "description": "OK",
-                        "schema": {
-                            "$ref": "#/definitions/dto.CsrfResponse"
-                        }
-                    }
-                }
-            }
-        },
         "/auth/forgot": {
             "post": {
                 "consumes": [
@@ -547,15 +528,12 @@ const docTemplate = `{
                 "summary": "Request password reset",
                 "parameters": [
                     {
-                        "description": "{email: string}",
+                        "description": "Forgot Password Info",
                         "name": "request",
                         "in": "body",
                         "required": true,
                         "schema": {
-                            "type": "object",
-                            "additionalProperties": {
-                                "type": "string"
-                            }
+                            "$ref": "#/definitions/dto.ForgotPasswordRequest"
                         }
                     }
                 ],
@@ -611,19 +589,6 @@ const docTemplate = `{
                 }
             }
         },
-        "/auth/logout": {
-            "post": {
-                "tags": [
-                    "Auth"
-                ],
-                "summary": "Log out",
-                "responses": {
-                    "204": {
-                        "description": "No Content"
-                    }
-                }
-            }
-        },
         "/auth/me": {
             "get": {
                 "tags": [
@@ -845,15 +810,12 @@ const docTemplate = `{
                 "summary": "Reset password",
                 "parameters": [
                     {
-                        "description": "{token: string, password: string}",
+                        "description": "Reset Password Info",
                         "name": "request",
                         "in": "body",
                         "required": true,
                         "schema": {
-                            "type": "object",
-                            "additionalProperties": {
-                                "type": "string"
-                            }
+                            "$ref": "#/definitions/dto.ResetPasswordRequest"
                         }
                     }
                 ],
@@ -2028,17 +1990,6 @@ const docTemplate = `{
                 }
             }
         },
-        "dto.CsrfResponse": {
-            "type": "object",
-            "properties": {
-                "csrf": {
-                    "type": "string"
-                },
-                "signups_enabled": {
-                    "type": "boolean"
-                }
-            }
-        },
         "dto.DashboardTrendItem": {
             "type": "object",
             "properties": {
@@ -2203,6 +2154,18 @@ const docTemplate = `{
                 }
             }
         },
+        "dto.ForgotPasswordRequest": {
+            "type": "object",
+            "required": [
+                "email"
+            ],
+            "properties": {
+                "email": {
+                    "type": "string",
+                    "example": "user@fsv-wh.de"
+                }
+            }
+        },
         "dto.Link": {
             "type": "object",
             "properties": {
@@ -2419,6 +2382,24 @@ const docTemplate = `{
                 }
             }
         },
+        "dto.ResetPasswordRequest": {
+            "type": "object",
+            "required": [
+                "password",
+                "token"
+            ],
+            "properties": {
+                "password": {
+                    "type": "string",
+                    "maxLength": 72,
+                    "minLength": 8,
+                    "example": "secret123"
+                },
+                "token": {
+                    "type": "string"
+                }
+            }
+        },
         "dto.SearchResult": {
             "type": "object",
             "properties": {
diff --git a/docs/swagger.json b/docs/swagger.json
index 5eb202e..bd7d0d9 100644
--- a/docs/swagger.json
+++ b/docs/swagger.json
@@ -507,25 +507,6 @@
                 }
             }
         },
-        "/auth/csrf": {
-            "get": {
-                "produces": [
-                    "application/json"
-                ],
-                "tags": [
-                    "Auth"
-                ],
-                "summary": "Issue CSRF token",
-                "responses": {
-                    "200": {
-                        "description": "OK",
-                        "schema": {
-                            "$ref": "#/definitions/dto.CsrfResponse"
-                        }
-                    }
-                }
-            }
-        },
         "/auth/forgot": {
             "post": {
                 "consumes": [
@@ -540,15 +521,12 @@
                 "summary": "Request password reset",
                 "parameters": [
                     {
-                        "description": "{email: string}",
+                        "description": "Forgot Password Info",
                         "name": "request",
                         "in": "body",
                         "required": true,
                         "schema": {
-                            "type": "object",
-                            "additionalProperties": {
-                                "type": "string"
-                            }
+                            "$ref": "#/definitions/dto.ForgotPasswordRequest"
                         }
                     }
                 ],
@@ -604,19 +582,6 @@
                 }
             }
         },
-        "/auth/logout": {
-            "post": {
-                "tags": [
-                    "Auth"
-                ],
-                "summary": "Log out",
-                "responses": {
-                    "204": {
-                        "description": "No Content"
-                    }
-                }
-            }
-        },
         "/auth/me": {
             "get": {
                 "tags": [
@@ -838,15 +803,12 @@
                 "summary": "Reset password",
                 "parameters": [
                     {
-                        "description": "{token: string, password: string}",
+                        "description": "Reset Password Info",
                         "name": "request",
                         "in": "body",
                         "required": true,
                         "schema": {
-                            "type": "object",
-                            "additionalProperties": {
-                                "type": "string"
-                            }
+                            "$ref": "#/definitions/dto.ResetPasswordRequest"
                         }
                     }
                 ],
@@ -2021,17 +1983,6 @@
                 }
             }
         },
-        "dto.CsrfResponse": {
-            "type": "object",
-            "properties": {
-                "csrf": {
-                    "type": "string"
-                },
-                "signups_enabled": {
-                    "type": "boolean"
-                }
-            }
-        },
         "dto.DashboardTrendItem": {
             "type": "object",
             "properties": {
@@ -2196,6 +2147,18 @@
                 }
             }
         },
+        "dto.ForgotPasswordRequest": {
+            "type": "object",
+            "required": [
+                "email"
+            ],
+            "properties": {
+                "email": {
+                    "type": "string",
+                    "example": "user@fsv-wh.de"
+                }
+            }
+        },
         "dto.Link": {
             "type": "object",
             "properties": {
@@ -2412,6 +2375,24 @@
                 }
             }
         },
+        "dto.ResetPasswordRequest": {
+            "type": "object",
+            "required": [
+                "password",
+                "token"
+            ],
+            "properties": {
+                "password": {
+                    "type": "string",
+                    "maxLength": 72,
+                    "minLength": 8,
+                    "example": "secret123"
+                },
+                "token": {
+                    "type": "string"
+                }
+            }
+        },
         "dto.SearchResult": {
             "type": "object",
             "properties": {
diff --git a/docs/swagger.yaml b/docs/swagger.yaml
index 2621b75..eda6acb 100644
--- a/docs/swagger.yaml
+++ b/docs/swagger.yaml
@@ -142,13 +142,6 @@ definitions:
     - body
     - title
     type: object
-  dto.CsrfResponse:
-    properties:
-      csrf:
-        type: string
-      signups_enabled:
-        type: boolean
-    type: object
   dto.DashboardTrendItem:
     properties:
       count:
@@ -257,6 +250,14 @@ definitions:
       title:
         type: string
     type: object
+  dto.ForgotPasswordRequest:
+    properties:
+      email:
+        example: user@fsv-wh.de
+        type: string
+    required:
+    - email
+    type: object
   dto.Link:
     properties:
       label:
@@ -402,6 +403,19 @@ definitions:
     - name
     - password
     type: object
+  dto.ResetPasswordRequest:
+    properties:
+      password:
+        example: secret123
+        maxLength: 72
+        minLength: 8
+        type: string
+      token:
+        type: string
+    required:
+    - password
+    - token
+    type: object
   dto.SearchResult:
     properties:
       id:
@@ -828,31 +842,17 @@ paths:
       summary: Get user avatar
       tags:
       - Auth
-  /auth/csrf:
-    get:
-      produces:
-      - application/json
-      responses:
-        "200":
-          description: OK
-          schema:
-            $ref: '#/definitions/dto.CsrfResponse'
-      summary: Issue CSRF token
-      tags:
-      - Auth
   /auth/forgot:
     post:
       consumes:
       - application/json
       parameters:
-      - description: '{email: string}'
+      - description: Forgot Password Info
         in: body
         name: request
         required: true
         schema:
-          additionalProperties:
-            type: string
-          type: object
+          $ref: '#/definitions/dto.ForgotPasswordRequest'
       produces:
       - application/json
       responses:
@@ -890,14 +890,6 @@ paths:
       summary: Log in
       tags:
       - Auth
-  /auth/logout:
-    post:
-      responses:
-        "204":
-          description: No Content
-      summary: Log out
-      tags:
-      - Auth
   /auth/me:
     get:
       responses:
@@ -1037,14 +1029,12 @@ paths:
       consumes:
       - application/json
       parameters:
-      - description: '{token: string, password: string}'
+      - description: Reset Password Info
         in: body
         name: request
         required: true
         schema:
-          additionalProperties:
-            type: string
-          type: object
+          $ref: '#/definitions/dto.ResetPasswordRequest'
       produces:
       - application/json
       responses:
diff --git a/go.mod b/go.mod
index a91bc34..270e081 100644
--- a/go.mod
+++ b/go.mod
@@ -52,6 +52,7 @@ require (
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/go-sql-driver/mysql v1.9.3 // indirect
+	github.com/golang-jwt/jwt/v5 v5.3.1 // indirect
 	github.com/google/cel-go v0.26.1 // indirect
 	github.com/gorilla/css v1.0.1 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
diff --git a/go.sum b/go.sum
index a4c8ec5..5d60e06 100644
--- a/go.sum
+++ b/go.sum
@@ -77,6 +77,8 @@ github.com/go-playground/validator/v10 v10.30.1 h1:f3zDSN/zOma+w6+1Wswgd9fLkdwy0
 github.com/go-playground/validator/v10 v10.30.1/go.mod h1:oSuBIQzuJxL//3MelwSLD5hc2Tu889bF0Idm9Dg26cM=
 github.com/go-sql-driver/mysql v1.9.3 h1:U/N249h2WzJ3Ukj8SowVFjdtZKfu9vlLZxjPXV1aweo=
 github.com/go-sql-driver/mysql v1.9.3/go.mod h1:qn46aNg1333BRMNU69Lq93t8du/dwxI64Gl8i5p1WMU=
+github.com/golang-jwt/jwt/v5 v5.3.1 h1:kYf81DTWFe7t+1VvL7eS+jKFVWaUnK9cB1qbwn63YCY=
+github.com/golang-jwt/jwt/v5 v5.3.1/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE=
 github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
 github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
 github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
diff --git a/internal/api/handler/auth.go b/internal/api/handler/auth.go
index ce5966d..169f8a0 100644
--- a/internal/api/handler/auth.go
+++ b/internal/api/handler/auth.go
@@ -12,7 +12,6 @@ import (
 	"time"
 
 	"github.com/fachschaftinformatik/web/internal/api/dto"
-	"github.com/fachschaftinformatik/web/internal/api/middleware"
 	"github.com/fachschaftinformatik/web/internal/database"
 	"github.com/fachschaftinformatik/web/internal/id"
 	"github.com/fachschaftinformatik/web/internal/storage"
@@ -243,32 +242,6 @@ func (s *Server) PostAuthLogin(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	s.SetCookie(w, SessionCookieName, "", -time.Hour, true)
-
-	sessionID := id.New().String()
-	duration := SessionDuration
-	if payload.Remember {
-		duration = 30 * 24 * time.Hour
-	}
-	expiresAt := time.Now().Add(duration)
-
-	ua := r.UserAgent()
-	ip := r.RemoteAddr
-
-	_, err = s.DB.CreateSession(r.Context(), database.CreateSessionParams{
-		ID:        sessionID,
-		UserID:    dbUser.ID,
-		ExpiresAt: expiresAt.UTC().Format(time.RFC3339),
-		UserAgent: &ua,
-		IpAddress: &ip,
-	})
-	if err != nil {
-		s.Log.Error("Failed to create session", "err", err)
-		s.JsonError(w, "server_error", "Could not create session", http.StatusInternalServerError)
-		return
-	}
-
-	s.SetCookie(w, SessionCookieName, sessionID, duration, true)
 	s.RespondJSON(w, http.StatusOK, s.toUserResponse(dbUser))
 }
 
@@ -351,41 +324,6 @@ func (s *Server) PutAuthMe(w http.ResponseWriter, r *http.Request) {
 	s.RespondJSON(w, http.StatusOK, s.toUserResponse(updatedUser))
 }
 
-// @Summary Log out
-// @Tags Auth
-// @Success 204
-// @Router /auth/logout [post]
-func (s *Server) PostAuthLogout(w http.ResponseWriter, r *http.Request) {
-	session, ok := r.Context().Value(middleware.SessionKey).(database.Session)
-	if !ok {
-		s.JsonError(w, "unauthorized", "Not logged in", http.StatusUnauthorized)
-		return
-	}
-
-	_ = s.DB.DeleteSession(r.Context(), session.ID)
-
-	s.SetCookie(w, SessionCookieName, "", -time.Hour, true)
-	s.SetCookie(w, CsrfCookieName, "", -time.Hour, false)
-
-	// Thoroughly flush browser state
-	w.Header().Set("Clear-Site-Data", "\"cookies\", \"cache\"")
-	w.WriteHeader(http.StatusNoContent)
-}
-
-// @Summary Issue CSRF token
-// @Tags Auth
-// @Produce json
-// @Success 200 {object} dto.CsrfResponse
-// @Router /auth/csrf [get]
-func (s *Server) GetAuthCsrf(w http.ResponseWriter, r *http.Request) {
-	csrfToken := uuid.NewString()
-	s.SetCookie(w, CsrfCookieName, csrfToken, CsrfDuration, false)
-	s.RespondJSON(w, http.StatusOK, dto.CsrfResponse{
-		Csrf:           csrfToken,
-		SignupsEnabled: s.Config.SignupsEnabled,
-	})
-}
-
 // @Summary List users
 // @Tags Users
 // @Param limit query int false "Limit"
diff --git a/internal/api/handler/server.go b/internal/api/handler/server.go
index 2530e82..e17b882 100644
--- a/internal/api/handler/server.go
+++ b/internal/api/handler/server.go
@@ -3,9 +3,9 @@ package handler
 import (
 	"encoding/json"
 	"errors"
+	"fmt"
 	"net/http"
 	"strings"
-	"time"
 
 	"github.com/fachschaftinformatik/web/internal/api/dto"
 	"github.com/fachschaftinformatik/web/internal/api/middleware"
@@ -17,15 +17,12 @@ import (
 	"github.com/fachschaftinformatik/web/internal/storage"
 	"github.com/go-chi/httplog/v2"
 	"github.com/go-playground/validator/v10"
+	"github.com/golang-jwt/jwt/v5"
 	"github.com/microcosm-cc/bluemonday"
 )
 
 const (
-	SessionCookieName = "__Host-session"
-	CsrfCookieName    = "__Host-csrf"
-	SessionDuration   = 24 * time.Hour
-	CsrfDuration      = 24 * time.Hour
-	maxUploadSize     = 256 << 20 // 256 MB
+	maxUploadSize = 256 << 20 // 256 MB
 )
 
 type Server struct {
@@ -129,92 +126,50 @@ func (s *Server) ToPublicUserResponse(user database.User) dto.PublicUserResponse
 	}
 }
 
-func (s *Server) SetCookie(w http.ResponseWriter, name string, value string, maxAge time.Duration, httpOnly bool) {
-	actualName := name
-	if !s.SecureCookies {
-		actualName = strings.TrimPrefix(name, "__Host-")
+func (s *Server) Authenticate(w http.ResponseWriter, r *http.Request) (database.User, error) {
+	authHeader := r.Header.Get("Authorization")
+	if authHeader == "" {
+		return database.User{}, errors.New("authorization header missing")
 	}
 
-	cookie := &http.Cookie{
-		Name:     actualName,
-		Value:    value,
-		Path:     "/",
-		MaxAge:   int(maxAge.Seconds()),
-		HttpOnly: httpOnly,
-		Secure:   s.SecureCookies,
-		SameSite: http.SameSiteLaxMode,
-	}
-	http.SetCookie(w, cookie)
-}
-
-func (s *Server) Authenticate(w http.ResponseWriter, r *http.Request) (database.Session, database.User, error) {
-	name := SessionCookieName
-	if !s.SecureCookies {
-		name = strings.TrimPrefix(name, "__Host-")
-	}
-
-	cookie, err := r.Cookie(name)
-	if err != nil {
-		return database.Session{}, database.User{}, errors.New("session cookie not found")
+	parts := strings.Split(authHeader, " ")
+	if len(parts) != 2 || strings.ToLower(parts[0]) != "bearer" {
+		return database.User{}, errors.New("invalid authorization header format")
 	}
 
-	sessionID := cookie.Value
-	ctx := r.Context()
+	tokenString := parts[1]
+	token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
+		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
+			return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
+		}
+		return []byte(s.Config.InternalJWTSecret), nil
+	})
 
-	session, err := s.DB.GetSession(ctx, sessionID)
-	if err != nil {
-		return database.Session{}, database.User{}, errors.New("invalid session")
+	if err != nil || !token.Valid {
+		return database.User{}, errors.New("invalid or expired token")
 	}
 
-	if session.UserAgent != nil && *session.UserAgent != r.UserAgent() {
-		s.Log.Warn("Session user agent mismatch (potential hijack or browser update)", "sessionID", session.ID, "expectedUA", *session.UserAgent, "gotUA", r.UserAgent())
+	claims, ok := token.Claims.(jwt.MapClaims)
+	if !ok {
+		return database.User{}, errors.New("invalid token claims")
 	}
 
-	expiresAt, err := time.Parse(time.RFC3339, session.ExpiresAt)
-	if err != nil || expiresAt.Before(time.Now()) {
-		return database.Session{}, database.User{}, errors.New("session expired or invalid")
+	sub, ok := claims["sub"].(string)
+	if !ok {
+		return database.User{}, errors.New("subject claim missing in token")
 	}
 
-	lastSeen, err := time.Parse(time.RFC3339, session.LastSeen)
-	if err == nil && time.Since(lastSeen) > 5*time.Minute {
-		createdAt, err := time.Parse(time.RFC3339, session.CreatedAt)
-		if err != nil {
-			createdAt = time.Now()
-		}
-
-		extension := SessionDuration
-		if expiresAt.Sub(createdAt) > 25*time.Hour {
-			extension = 30 * 24 * time.Hour
-		}
-
-		newExpires := time.Now().UTC().Add(extension).Format(time.RFC3339)
-		s.DB.SlideSession(ctx, database.SlideSessionParams{
-			ID:        session.ID,
-			ExpiresAt: newExpires,
-		})
-	}
-
-	user, err := s.DB.GetUser(ctx, session.UserID)
+	uid, err := id.Parse(sub)
 	if err != nil {
-		return database.Session{}, database.User{}, errors.New("user not found")
+		return database.User{}, errors.New("invalid user id in token")
 	}
 
-	return session, user, nil
-}
-
-func (s *Server) CheckCSRF(r *http.Request) error {
-	headerToken := r.Header.Get("X-CSRF-Token")
-
-	name := CsrfCookieName
-	if !s.SecureCookies {
-		name = strings.TrimPrefix(name, "__Host-")
+	user, err := s.DB.GetUser(r.Context(), int64(uid))
+	if err != nil {
+		return database.User{}, errors.New("user not found")
 	}
 
-	cookie, err := r.Cookie(name)
-	if headerToken == "" || err != nil || headerToken != cookie.Value {
-		return errors.New("invalid CSRF token")
-	}
-	return nil
+	return user, nil
 }
 
 func (s *Server) BoolToInt(b bool) int64 {
diff --git a/internal/api/middleware/auth.go b/internal/api/middleware/auth.go
index 12973a0..c19c7de 100644
--- a/internal/api/middleware/auth.go
+++ b/internal/api/middleware/auth.go
@@ -8,19 +8,18 @@ import (
 )
 
 type AuthProvider interface {
-	Authenticate(w http.ResponseWriter, r *http.Request) (database.Session, database.User, error)
+	Authenticate(w http.ResponseWriter, r *http.Request) (database.User, error)
 	JsonError(w http.ResponseWriter, err, msg string, status int)
 }
 
 const (
-	UserKey    = "user"
-	SessionKey = "session"
+	UserKey = "user"
 )
 
 func RequireAuth(provider AuthProvider) func(http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-			session, user, err := provider.Authenticate(w, r)
+			user, err := provider.Authenticate(w, r)
 			if err != nil {
 				provider.JsonError(w, "unauthorized", "Authentication required", http.StatusUnauthorized)
 				return
@@ -34,7 +33,6 @@ func RequireAuth(provider AuthProvider) func(http.Handler) http.Handler {
 				return
 			}
 			ctx := context.WithValue(r.Context(), UserKey, user)
-			ctx = context.WithValue(ctx, SessionKey, session)
 			next.ServeHTTP(w, r.WithContext(ctx))
 		})
 	}
@@ -43,10 +41,9 @@ func RequireAuth(provider AuthProvider) func(http.Handler) http.Handler {
 func OptionalAuth(provider AuthProvider) func(http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-			session, user, err := provider.Authenticate(w, r)
+			user, err := provider.Authenticate(w, r)
 			if err == nil && user.Active == 1 && user.Verified == 1 {
 				ctx := context.WithValue(r.Context(), UserKey, user)
-				ctx = context.WithValue(ctx, SessionKey, session)
 				next.ServeHTTP(w, r.WithContext(ctx))
 				return
 			}
diff --git a/internal/api/middleware/security.go b/internal/api/middleware/security.go
index cdb4dc7..15f3b9b 100644
--- a/internal/api/middleware/security.go
+++ b/internal/api/middleware/security.go
@@ -4,27 +4,6 @@ import (
 	"net/http"
 )
 
-type CSRFProvider interface {
-	CheckCSRF(r *http.Request) error
-	JsonError(w http.ResponseWriter, err, msg string, status int)
-}
-
-func RequireCSRF(provider CSRFProvider) func(http.Handler) http.Handler {
-	return func(next http.Handler) http.Handler {
-		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-			if r.Method == "GET" || r.Method == "HEAD" || r.Method == "OPTIONS" || r.Method == "TRACE" {
-				next.ServeHTTP(w, r)
-				return
-			}
-			if err := provider.CheckCSRF(r); err != nil {
-				provider.JsonError(w, "invalid_csrf", err.Error(), http.StatusForbidden)
-				return
-			}
-			next.ServeHTTP(w, r)
-		})
-	}
-}
-
 func SecurityHeaders(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if w.Header().Get("X-Frame-Options") == "" {
diff --git a/internal/api/routes.go b/internal/api/routes.go
index 4f0cd81..cc96ae4 100644
--- a/internal/api/routes.go
+++ b/internal/api/routes.go
@@ -24,7 +24,7 @@ func NewRouter(s *handler.Server, logger *httplog.Logger) http.Handler {
 	r.Use(cors.Handler(cors.Options{
 		AllowedOrigins:   []string{s.Config.Domain},
 		AllowedMethods:   []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
-		AllowedHeaders:   []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token"},
+		AllowedHeaders:   []string{"Accept", "Authorization", "Content-Type"},
 		ExposedHeaders:   []string{"Link", "X-Total-Count"},
 		AllowCredentials: true,
 		MaxAge:           300,
@@ -35,8 +35,6 @@ func NewRouter(s *handler.Server, logger *httplog.Logger) http.Handler {
 	r.Get("/swagger/*", httpSwagger.WrapHandler)
 
 	r.Route("/api/v1", func(r chi.Router) {
-		r.Get("/auth/csrf", s.GetAuthCsrf)
-
 		r.Group(func(r chi.Router) {
 			r.Use(httprate.LimitByIP(20, 1*time.Minute))
 			r.Post("/auth/login", s.PostAuthLogin)
@@ -63,7 +61,6 @@ func NewRouter(s *handler.Server, logger *httplog.Logger) http.Handler {
 		r.Get("/media/{mediaId}/preview", s.GetMediaPreview)
 
 		r.Group(func(r chi.Router) {
-			r.Use(middleware.RequireCSRF(s))
 			r.Use(middleware.OptionalAuth(s))
 			r.Get("/discussions", s.GetDiscussions)
 			r.Get("/discussions/{postId}", s.GetDiscussionsId)
@@ -74,10 +71,8 @@ func NewRouter(s *handler.Server, logger *httplog.Logger) http.Handler {
 		})
 
 		r.Group(func(r chi.Router) {
-			r.Use(middleware.RequireCSRF(s))
 			r.Use(middleware.RequireAuth(s))
 
-			r.Post("/auth/logout", s.PostAuthLogout)
 			r.Get("/auth/me", s.GetAuthMe)
 			r.Put("/auth/me", s.PutAuthMe)
 			r.Post("/auth/me/avatar", s.PostAuthAvatar)
diff --git a/internal/config/config.go b/internal/config/config.go
index 9928019..791e6ca 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -3,42 +3,44 @@ package config
 import "os"
 
 type Config struct {
-	HTTPPort       string
-	SecureCookies  bool
-	DatabaseUrl    string
-	Domain         string
-	SMTPHost       string
-	SMTPPort       string
-	SMTPUser       string
-	SMTPPass       string
-	SMTPFrom       string
-	S3Endpoint     string
-	S3Bucket       string
-	S3AccessKey    string
-	S3SecretKey    string
-	S3UseSSL       bool
-	SignupsVerify  bool
-	SignupsEnabled bool
+	HTTPPort          string
+	SecureCookies     bool
+	DatabaseUrl       string
+	Domain            string
+	SMTPHost          string
+	SMTPPort          string
+	SMTPUser          string
+	SMTPPass          string
+	SMTPFrom          string
+	S3Endpoint        string
+	S3Bucket          string
+	S3AccessKey       string
+	S3SecretKey       string
+	S3UseSSL          bool
+	SignupsVerify     bool
+	SignupsEnabled    bool
+	InternalJWTSecret string
 }
 
 func New() *Config {
 	return &Config{
-		HTTPPort:       getEnv("HTTP_PORT", "80"),
-		SecureCookies:  getEnv("SECURE_COOKIES", "true") == "true",
-		DatabaseUrl:    getEnv("DATABASE_URL", "file:/data/sqlite.db?_journal_mode=WAL&_foreign_keys=on&_recursive_triggers=off&_busy_timeout=5000"),
-		Domain:         getEnv("DOMAIN", "http://localhost:3000"),
-		SMTPHost:       getEnv("SMTP_HOST", ""),
-		SMTPPort:       getEnv("SMTP_PORT", ""),
-		SMTPUser:       getEnv("SMTP_USERNAME", ""),
-		SMTPPass:       getEnv("SMTP_PASSWORD", ""),
-		SMTPFrom:       getEnv("SMTP_FROM", ""),
-		S3Endpoint:     getEnv("S3_ENDPOINT", ""),
-		S3Bucket:       getEnv("S3_BUCKET", ""),
-		S3AccessKey:    getEnv("S3_ACCESS_KEY", ""),
-		S3SecretKey:    getEnv("S3_SECRET_KEY", ""),
-		S3UseSSL:       getEnv("S3_USE_SSL", "false") == "true",
-		SignupsVerify:  getEnv("SIGNUPS_VERIFY", "true") == "true",
-		SignupsEnabled: getEnv("SIGNUPS_ENABLED", "true") == "true",
+		HTTPPort:          getEnv("HTTP_PORT", "80"),
+		SecureCookies:     getEnv("SECURE_COOKIES", "true") == "true",
+		DatabaseUrl:       getEnv("DATABASE_URL", "file:/data/sqlite.db?_journal_mode=WAL&_foreign_keys=on&_recursive_triggers=off&_busy_timeout=5000"),
+		Domain:            getEnv("DOMAIN", "http://localhost:3000"),
+		SMTPHost:          getEnv("SMTP_HOST", ""),
+		SMTPPort:          getEnv("SMTP_PORT", ""),
+		SMTPUser:          getEnv("SMTP_USERNAME", ""),
+		SMTPPass:          getEnv("SMTP_PASSWORD", ""),
+		SMTPFrom:          getEnv("SMTP_FROM", ""),
+		S3Endpoint:        getEnv("S3_ENDPOINT", ""),
+		S3Bucket:          getEnv("S3_BUCKET", ""),
+		S3AccessKey:       getEnv("S3_ACCESS_KEY", ""),
+		S3SecretKey:       getEnv("S3_SECRET_KEY", ""),
+		S3UseSSL:          getEnv("S3_USE_SSL", "false") == "true",
+		SignupsVerify:     getEnv("SIGNUPS_VERIFY", "true") == "true",
+		SignupsEnabled:    getEnv("SIGNUPS_ENABLED", "true") == "true",
+		InternalJWTSecret: getEnv("INTERNAL_JWT_SECRET", "change-me-internal-secret"),
 	}
 }
 

From 42f4992204a9274765c5e2b9dede05a43a71bcb3 Mon Sep 17 00:00:00 2001
From: Francesco La Camera <fm@lacamera.org>
Date: Tue, 24 Feb 2026 23:56:40 +0100
Subject: [PATCH 2/5] feat(website)!: migrate to next-auth and jwt for sessions

---
 website/app/(auth)/AuthPage.tsx              |  49 +++-----
 website/app/(auth)/forgot/page.tsx           |   4 +-
 website/app/(auth)/reset/page.tsx            |   4 +-
 website/app/admin/layout.tsx                 |   5 -
 website/app/api/auth/[...nextauth]/route.ts  |   2 +
 website/app/archive/layout.tsx               |   5 -
 website/app/archive/page.tsx                 |   3 -
 website/app/d/[postId]/edit/layout.tsx       |   5 -
 "website/app/d/\\[postId\\]/edit/layout.tsx" |   3 +
 website/app/d/new/layout.tsx                 |   5 -
 website/app/guards.tsx                       |  45 -------
 website/app/providers.tsx                    |  34 ++----
 website/app/settings/layout.tsx              |   5 -
 website/auth.ts                              |  68 +++++++++++
 website/bun.lock                             |  16 +++
 website/next.config.ts                       |   9 +-
 website/package.json                         |   2 +
 website/proxy.ts                             |  78 ++++++++----
 website/src/lib/api/index.ts                 |   4 +-
 website/src/lib/api/sdk.gen.ts               |  12 +-
 website/src/lib/api/types.gen.ts             |  56 ++-------
 website/src/lib/api/zod.gen.ts               |  35 ++----
 website/src/lib/auth.tsx                     | 120 +++----------------
 website/src/lib/csrf.ts                      |  61 ----------
 website/tsconfig.json                        |  13 +-
 25 files changed, 221 insertions(+), 422 deletions(-)
 delete mode 100644 website/app/admin/layout.tsx
 create mode 100644 website/app/api/auth/[...nextauth]/route.ts
 delete mode 100644 website/app/archive/layout.tsx
 delete mode 100644 website/app/d/[postId]/edit/layout.tsx
 create mode 100644 "website/app/d/\\[postId\\]/edit/layout.tsx"
 delete mode 100644 website/app/d/new/layout.tsx
 delete mode 100644 website/app/guards.tsx
 delete mode 100644 website/app/settings/layout.tsx
 create mode 100644 website/auth.ts
 delete mode 100644 website/src/lib/csrf.ts

diff --git a/website/app/(auth)/AuthPage.tsx b/website/app/(auth)/AuthPage.tsx
index b175343..ffaf103 100644
--- a/website/app/(auth)/AuthPage.tsx
+++ b/website/app/(auth)/AuthPage.tsx
@@ -41,12 +41,12 @@ import CheckCircleOutlineRounded from '@mui/icons-material/CheckCircleOutlineRou
 import HelpOutlineRounded from '@mui/icons-material/HelpOutlineRounded';
 
 import { useThemeMode } from '@lib/theme';
-import { postAuthLogin, postAuthRegister, getPrograms } from '@lib/api';
+import { postAuthRegister, getPrograms } from '@lib/api';
 import type { DtoProgramResponse as Program } from '@lib/api';
-import { useAuth, REMEMBERED_FLAG_KEY } from '@lib/auth';
+import { useAuth } from '@lib/auth';
 import { translateError } from '@lib/errors';
 import { zDtoLoginRequest, zDtoRegisterRequest } from '@lib/api/zod.gen';
-import { fetchCsrfToken } from '@lib/csrf';
+import { signIn } from 'next-auth/react';
 
 const ALLOWED_DOMAINS = ['@studmail.w-hs.de', '@fsv-wh.de'];
 
@@ -106,29 +106,12 @@ export default function AuthPage() {
     const [showConfirmPassword, setShowConfirmPassword] = useState(false);
     const [programs, setPrograms] = useState<Program[]>([]);
     const [signupsEnabled, setSignupsEnabled] = useState(true);
-    const [rememberMe, setRememberMe] = useState(() => {
-        if (typeof window === 'undefined') return false;
-        return window.localStorage.getItem(REMEMBERED_FLAG_KEY) === 'true';
-    });
+    const [rememberMe, setRememberMe] = useState(false);
 
 
-    const { login } = useAuth();
     const { mode, setPreference } = useThemeMode();
     const theme = useTheme();
 
-    useEffect(() => {
-        fetchCsrfToken().then(data => {
-            if (data) {
-                const enabled = data.signups_enabled ?? true;
-                setSignupsEnabled(enabled);
-                if (!enabled && tabValue === 1) {
-                    setTabValue(0);
-                    router.push('/login');
-                }
-            }
-        });
-    }, [router, tabValue]);
-
     useEffect(() => {
         if (tabValue === 1 && programs.length === 0) {
             getPrograms()
@@ -182,25 +165,21 @@ export default function AuthPage() {
 
             const { emailPrefix, emailDomain, password } = validationResult.data;
             try {
-                const { data: user, error: apiError } = await postAuthLogin({
-                    body: { 
-                        email: `${emailPrefix}${emailDomain}`, 
-                        password,
-                        remember: rememberMe
-                    }
+                const result = await signIn('credentials', {
+                    email: `${emailPrefix}${emailDomain}`,
+                    password,
+                    redirect: false,
                 });
 
-                if (apiError) {
-                    setErrors({ global: translateError(apiError) });
+                if (result?.error) {
+                    setErrors({ global: "Ungültige E-Mail oder Passwort." });
                     setLoading(false);
                     return;
                 }
-                if (user) {
-                    login(user, rememberMe);
-                    router.push(`/u/${user.id}`);
-                }
+                
+                router.push('/');
             } catch (err) {
-                setErrors({ global: translateError(err) });
+                setErrors({ global: "Anmeldung fehlgeschlagen." });
             } finally {
                 setLoading(false);
             }
@@ -497,7 +476,7 @@ export default function AuthPage() {
                                     <Button
                                         type="button"
                                         component={Link}
-                                        href="/auth/forgot"
+                                        href="/forgot"
                                         size="small"
                                         sx={{
                                             color: 'text.secondary',
diff --git a/website/app/(auth)/forgot/page.tsx b/website/app/(auth)/forgot/page.tsx
index dfc6c21..c7d108c 100644
--- a/website/app/(auth)/forgot/page.tsx
+++ b/website/app/(auth)/forgot/page.tsx
@@ -17,7 +17,6 @@ import LockResetRoundedIcon from '@mui/icons-material/LockResetRounded';
 import ArrowBackRounded from '@mui/icons-material/ArrowBackRounded';
 import CheckCircleOutlineRounded from '@mui/icons-material/CheckCircleOutlineRounded';
 import ErrorOutlineRounded from '@mui/icons-material/ErrorOutlineRounded';
-import { getCsrfFromCookie } from '@lib/csrf';
 import MenuItem from '@mui/material/MenuItem';
 import Link from 'next/link';
 
@@ -39,8 +38,7 @@ export default function ForgotPage() {
             const res = await fetch('/api/v1/auth/forgot', {
                 method: 'POST',
                 headers: {
-                    'Content-Type': 'application/json',
-                    'X-CSRF-Token': getCsrfFromCookie() || ''
+                    'Content-Type': 'application/json'
                 },
                 body: JSON.stringify({ email: `${emailPrefix}${emailDomain}` })
             });
diff --git a/website/app/(auth)/reset/page.tsx b/website/app/(auth)/reset/page.tsx
index 29c6fc5..2ef7a31 100644
--- a/website/app/(auth)/reset/page.tsx
+++ b/website/app/(auth)/reset/page.tsx
@@ -24,7 +24,6 @@ import LockOpenRoundedIcon from '@mui/icons-material/LockOpenRounded';
 import CheckCircleOutlineRounded from '@mui/icons-material/CheckCircleOutlineRounded';
 import ErrorOutlineRounded from '@mui/icons-material/ErrorOutlineRounded';
 import ArrowBackRounded from '@mui/icons-material/ArrowBackRounded';
-import { getCsrfFromCookie } from '@lib/csrf';
 import Link from 'next/link';
 import { PageLoader } from '@components/layout';
 
@@ -53,8 +52,7 @@ function ResetForm() {
             const res = await fetch('/api/v1/auth/reset', {
                 method: 'POST',
                 headers: {
-                    'Content-Type': 'application/json',
-                    'X-CSRF-Token': getCsrfFromCookie() || ''
+                    'Content-Type': 'application/json'
                 },
                 body: JSON.stringify({ token, password })
             });
diff --git a/website/app/admin/layout.tsx b/website/app/admin/layout.tsx
deleted file mode 100644
index 9f9127b..0000000
--- a/website/app/admin/layout.tsx
+++ /dev/null
@@ -1,5 +0,0 @@
-import { AdminGuard } from '../guards';
-
-export default function AdminLayout({ children }: { children: React.ReactNode }) {
-  return <AdminGuard>{children}</AdminGuard>;
-}
diff --git a/website/app/api/auth/[...nextauth]/route.ts b/website/app/api/auth/[...nextauth]/route.ts
new file mode 100644
index 0000000..1f810e5
--- /dev/null
+++ b/website/app/api/auth/[...nextauth]/route.ts
@@ -0,0 +1,2 @@
+import { handlers } from "../../../../auth"
+export const { GET, POST } = handlers
diff --git a/website/app/archive/layout.tsx b/website/app/archive/layout.tsx
deleted file mode 100644
index 7bf82a0..0000000
--- a/website/app/archive/layout.tsx
+++ /dev/null
@@ -1,5 +0,0 @@
-import { ProtectedGuard } from '../guards';
-
-export default function ArchiveLayout({ children }: { children: React.ReactNode }) {
-  return <ProtectedGuard>{children}</ProtectedGuard>;
-}
diff --git a/website/app/archive/page.tsx b/website/app/archive/page.tsx
index acf7477..a646ac7 100644
--- a/website/app/archive/page.tsx
+++ b/website/app/archive/page.tsx
@@ -131,9 +131,6 @@ function UploadDialog({ open, onClose, programs, onSuccess }: { open: boolean; o
                         module_id: String(a.module.id),
                         version: a.version,
                         comment: comment || undefined
-                    },
-                    headers: {
-                        'X-CSRF-Token': ''
                     }
                 });
 
diff --git a/website/app/d/[postId]/edit/layout.tsx b/website/app/d/[postId]/edit/layout.tsx
deleted file mode 100644
index 1247e68..0000000
--- a/website/app/d/[postId]/edit/layout.tsx
+++ /dev/null
@@ -1,5 +0,0 @@
-import { ProtectedGuard } from '../../../guards';
-
-export default function EditPostLayout({ children }: { children: React.ReactNode }) {
-  return <ProtectedGuard>{children}</ProtectedGuard>;
-}
diff --git "a/website/app/d/\\[postId\\]/edit/layout.tsx" "b/website/app/d/\\[postId\\]/edit/layout.tsx"
new file mode 100644
index 0000000..672fbbe
--- /dev/null
+++ "b/website/app/d/\\[postId\\]/edit/layout.tsx"
@@ -0,0 +1,3 @@
+export default function EditPostLayout({ children }: { children: React.ReactNode }) {
+  return <>{children}</>;
+}
diff --git a/website/app/d/new/layout.tsx b/website/app/d/new/layout.tsx
deleted file mode 100644
index 9c3176d..0000000
--- a/website/app/d/new/layout.tsx
+++ /dev/null
@@ -1,5 +0,0 @@
-import { ProtectedGuard } from '../../guards';
-
-export default function NewPostLayout({ children }: { children: React.ReactNode }) {
-  return <ProtectedGuard>{children}</ProtectedGuard>;
-}
diff --git a/website/app/guards.tsx b/website/app/guards.tsx
deleted file mode 100644
index dc35bc3..0000000
--- a/website/app/guards.tsx
+++ /dev/null
@@ -1,45 +0,0 @@
-'use client';
-
-import { useAuth } from '@lib/auth';
-import { useRouter, usePathname } from 'next/navigation';
-import { useEffect } from 'react';
-import { PageLoader } from '@components/layout';
-
-export function ProtectedGuard({ children }: { children: React.ReactNode }) {
-  const { user, isLoading } = useAuth();
-  const router = useRouter();
-  const pathname = usePathname();
-
-  useEffect(() => {
-    if (!isLoading && !user) {
-      router.replace(`/login?from=${encodeURIComponent(pathname)}`);
-    }
-  }, [user, isLoading, router, pathname]);
-
-  if (isLoading || !user) {
-    return <PageLoader />;
-  }
-
-  return <>{children}</>;
-}
-
-export function AdminGuard({ children }: { children: React.ReactNode }) {
-  const { user, isLoading } = useAuth();
-  const router = useRouter();
-
-  useEffect(() => {
-    if (!isLoading) {
-      if (!user) {
-        router.replace('/login');
-      } else if (user.role !== 'admin') {
-        router.replace('/');
-      }
-    }
-  }, [user, isLoading, router]);
-
-  if (isLoading || !user || user.role !== 'admin') {
-    return <PageLoader />;
-  }
-
-  return <>{children}</>;
-}
diff --git a/website/app/providers.tsx b/website/app/providers.tsx
index e9bcaea..872d665 100644
--- a/website/app/providers.tsx
+++ b/website/app/providers.tsx
@@ -4,6 +4,7 @@ import * as React from 'react';
 import { AppRouterCacheProvider } from '@mui/material-nextjs/v16-appRouter';
 import { ThemeModeProvider } from '@lib/theme';
 import { AuthProvider } from '@lib/auth';
+import { SessionProvider } from 'next-auth/react';
 import { client } from '@lib/api/client.gen';
 
 // Initialize API client
@@ -12,37 +13,18 @@ if (typeof window !== 'undefined') {
     baseUrl: '/api/v1',
     credentials: 'include',
   });
-
-  // CSRF Interceptor moved from App.tsx
-  client.interceptors.request.use(async (request) => {
-    const method = request.method.toUpperCase();
-    const stateChangingMethods = ['POST', 'PUT', 'DELETE', 'PATCH'];
-
-    if (stateChangingMethods.includes(method)) {
-      const { getCsrfFromCookie, fetchCsrfToken } = await import('@lib/csrf');
-      let tokenValue = getCsrfFromCookie();
-      
-      if (!tokenValue && !request.url.includes('/auth/csrf')) {
-        const data = await fetchCsrfToken();
-        tokenValue = data?.csrf || null;
-      }
-
-      if (tokenValue) {
-        request.headers.set('X-CSRF-Token', tokenValue);
-      }
-    }
-    return request;
-  });
 }
 
 export default function Providers({ children }: { children: React.ReactNode }) {
   return (
     <AppRouterCacheProvider>
-      <ThemeModeProvider>
-        <AuthProvider>
-          {children}
-        </AuthProvider>
-      </ThemeModeProvider>
+      <SessionProvider basePath="/api/auth">
+        <ThemeModeProvider>
+          <AuthProvider>
+            {children}
+          </AuthProvider>
+        </ThemeModeProvider>
+      </SessionProvider>
     </AppRouterCacheProvider>
   );
 }
diff --git a/website/app/settings/layout.tsx b/website/app/settings/layout.tsx
deleted file mode 100644
index df6ca4d..0000000
--- a/website/app/settings/layout.tsx
+++ /dev/null
@@ -1,5 +0,0 @@
-import { ProtectedGuard } from '../guards';
-
-export default function SettingsLayout({ children }: { children: React.ReactNode }) {
-  return <ProtectedGuard>{children}</ProtectedGuard>;
-}
diff --git a/website/auth.ts b/website/auth.ts
new file mode 100644
index 0000000..cf1a8e4
--- /dev/null
+++ b/website/auth.ts
@@ -0,0 +1,68 @@
+import NextAuth from "next-auth";
+import Credentials from "next-auth/providers/credentials";
+import type { DtoUserResponse as User } from "@lib/api";
+
+export const { handlers, auth, signIn, signOut } = NextAuth({
+  trustHost: true,
+  basePath: "/api/auth",
+  providers: [
+    Credentials({
+      name: "Credentials",
+      credentials: {
+        email: { label: "Email", type: "email" },
+        password: { label: "Password", type: "password" },
+      },
+      async authorize(credentials) {
+        if (!credentials?.email || !credentials?.password) return null;
+
+        try {
+          const backendUrl = process.env.BACKEND_URL || "http://api";
+          const res = await fetch(`${backendUrl}/api/v1/auth/login`, {
+            method: "POST",
+            headers: { "Content-Type": "application/json" },
+            body: JSON.stringify({
+              email: credentials.email,
+              password: credentials.password,
+            }),
+          });
+
+          if (!res.ok) return null;
+
+          const user = await res.json() as User;
+          return {
+            id: String(user.id),
+            name: user.name,
+            email: user.email,
+            role: user.role,
+            avatar_url: user.avatar_url,
+            program_id: user.program_id,
+            verified: user.verified,
+            active: user.active,
+            theme: user.theme,
+            private: user.private,
+          };
+        } catch (error) {
+          console.error("Auth authorize error:", error);
+          return null;
+        }
+      },
+    }),
+  ],
+  callbacks: {
+    jwt({ token, user }) {
+      if (user) {
+        token.user = user;
+      }
+      return token;
+    },
+    session({ session, token }) {
+      if (token.user) {
+        session.user = token.user as any;
+      }
+      return session;
+    },
+  },
+  pages: {
+    signIn: "/login",
+  },
+});
diff --git a/website/bun.lock b/website/bun.lock
index 58059bb..6642d63 100644
--- a/website/bun.lock
+++ b/website/bun.lock
@@ -15,7 +15,9 @@
         "@mui/material-nextjs": "^7.3.8",
         "@mui/x-charts": "^8.27.0",
         "@mui/x-data-grid": "^8.27.1",
+        "jose": "^6.1.3",
         "next": "^16.1.6",
+        "next-auth": "^5.0.0-beta.30",
         "react": "^19.2.4",
         "react-dom": "^19.2.4",
         "zod": "^4.3.6",
@@ -37,6 +39,8 @@
     },
   },
   "packages": {
+    "@auth/core": ["@auth/core@0.41.0", "", { "dependencies": { "@panva/hkdf": "^1.2.1", "jose": "^6.0.6", "oauth4webapi": "^3.3.0", "preact": "10.24.3", "preact-render-to-string": "6.5.11" }, "peerDependencies": { "@simplewebauthn/browser": "^9.0.1", "@simplewebauthn/server": "^9.0.2", "nodemailer": "^6.8.0" }, "optionalPeers": ["@simplewebauthn/browser", "@simplewebauthn/server", "nodemailer"] }, "sha512-Wd7mHPQ/8zy6Qj7f4T46vg3aoor8fskJm6g2Zyj064oQ3+p0xNZXAV60ww0hY+MbTesfu29kK14Zk5d5JTazXQ=="],
+
     "@babel/code-frame": ["@babel/code-frame@7.28.6", "", { "dependencies": { "@babel/helper-validator-identifier": "^7.28.5", "js-tokens": "^4.0.0", "picocolors": "^1.1.1" } }, "sha512-JYgintcMjRiCvS8mMECzaEn+m3PfoQiyqukOMCCVQtoJGYJw8j/8LBJEiqkHLkfwCcs74E3pbAUFNg7d9VNJ+Q=="],
 
     "@babel/compat-data": ["@babel/compat-data@7.28.6", "", {}, "sha512-2lfu57JtzctfIrcGMz992hyLlByuzgIk58+hhGCxjKZ3rWI82NnVLjXcaTqkI2NvlcvOskZaiZ5kjUALo3Lpxg=="],
@@ -265,6 +269,8 @@
 
     "@nolyfill/is-core-module": ["@nolyfill/is-core-module@1.0.39", "", {}, "sha512-nn5ozdjYQpUCZlWGuxcJY/KpxkWQs4DcbMCmKojjyrYDEAGy4Ce19NN4v5MduafTwJlbKc99UA8YhSVqq9yPZA=="],
 
+    "@panva/hkdf": ["@panva/hkdf@1.2.1", "", {}, "sha512-6oclG6Y3PiDFcoyk8srjLfVKyMfVCKJ27JwNPViuXziFpmdz+MZnZN/aKY0JGXgYuO/VghU0jcOAZgWXZ1Dmrw=="],
+
     "@popperjs/core": ["@popperjs/core@2.11.8", "", {}, "sha512-P1st0aksCrn9sGZhp8GMYwBnQsbvAWsZAX44oXNNvLHGqAOcoVxmjZiohstwQ7SqKnbR47akdNi+uleWD8+g6A=="],
 
     "@rtsao/scc": ["@rtsao/scc@1.1.0", "", {}, "sha512-zt6OdqaDoOnJ1ZYsCYGt9YmWzDXl4vQdKTyJev62gFhRGKdx7mcT54V9KIjg+d2wi9EXsPvAPKe7i7WjfVWB8g=="],
@@ -767,6 +773,8 @@
 
     "jiti": ["jiti@2.6.1", "", { "bin": "lib/jiti-cli.mjs" }, "sha512-ekilCSN1jwRvIbgeg/57YFh8qQDNbwDb9xT/qu2DAHbFFZUicIl4ygVaAvzveMhMVr3LnpSKTNnwt8PoOfmKhQ=="],
 
+    "jose": ["jose@6.1.3", "", {}, "sha512-0TpaTfihd4QMNwrz/ob2Bp7X04yuxJkjRGi4aKmOqwhov54i6u79oCv7T+C7lo70MKH6BesI3vscD1yb/yzKXQ=="],
+
     "js-tokens": ["js-tokens@4.0.0", "", {}, "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ=="],
 
     "js-yaml": ["js-yaml@4.1.1", "", { "dependencies": { "argparse": "^2.0.1" }, "bin": "bin/js-yaml.js" }, "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA=="],
@@ -825,6 +833,8 @@
 
     "next": ["next@16.1.6", "", { "dependencies": { "@next/env": "16.1.6", "@swc/helpers": "0.5.15", "baseline-browser-mapping": "^2.8.3", "caniuse-lite": "^1.0.30001579", "postcss": "8.4.31", "styled-jsx": "5.1.6" }, "optionalDependencies": { "@next/swc-darwin-arm64": "16.1.6", "@next/swc-darwin-x64": "16.1.6", "@next/swc-linux-arm64-gnu": "16.1.6", "@next/swc-linux-arm64-musl": "16.1.6", "@next/swc-linux-x64-gnu": "16.1.6", "@next/swc-linux-x64-musl": "16.1.6", "@next/swc-win32-arm64-msvc": "16.1.6", "@next/swc-win32-x64-msvc": "16.1.6", "sharp": "^0.34.4" }, "peerDependencies": { "@opentelemetry/api": "^1.1.0", "@playwright/test": "^1.51.1", "babel-plugin-react-compiler": "*", "react": "^18.2.0 || 19.0.0-rc-de68d2f4-20241204 || ^19.0.0", "react-dom": "^18.2.0 || 19.0.0-rc-de68d2f4-20241204 || ^19.0.0", "sass": "^1.3.0" }, "optionalPeers": ["@opentelemetry/api", "@playwright/test", "babel-plugin-react-compiler", "sass"], "bin": "dist/bin/next" }, "sha512-hkyRkcu5x/41KoqnROkfTm2pZVbKxvbZRuNvKXLRXxs3VfyO0WhY50TQS40EuKO9SW3rBj/sF3WbVwDACeMZyw=="],
 
+    "next-auth": ["next-auth@5.0.0-beta.30", "", { "dependencies": { "@auth/core": "0.41.0" }, "peerDependencies": { "@simplewebauthn/browser": "^9.0.1", "@simplewebauthn/server": "^9.0.2", "next": "^14.0.0-0 || ^15.0.0 || ^16.0.0", "nodemailer": "^7.0.7", "react": "^18.2.0 || ^19.0.0" }, "optionalPeers": ["@simplewebauthn/browser", "@simplewebauthn/server", "nodemailer"] }, "sha512-+c51gquM3F6nMVmoAusRJ7RIoY0K4Ts9HCCwyy/BRoe4mp3msZpOzYMyb5LAYc1wSo74PMQkGDcaghIO7W6Xjg=="],
+
     "node-exports-info": ["node-exports-info@1.6.0", "", { "dependencies": { "array.prototype.flatmap": "^1.3.3", "es-errors": "^1.3.0", "object.entries": "^1.1.9", "semver": "^6.3.1" } }, "sha512-pyFS63ptit/P5WqUkt+UUfe+4oevH+bFeIiPPdfb0pFeYEu/1ELnJu5l+5EcTKYL5M7zaAa7S8ddywgXypqKCw=="],
 
     "node-fetch-native": ["node-fetch-native@1.6.7", "", {}, "sha512-g9yhqoedzIUm0nTnTqAQvueMPVOuIY16bqgAJJC8XOOubYFNwz6IER9qs0Gq2Xd0+CecCKFjtdDTMA4u4xG06Q=="],
@@ -833,6 +843,8 @@
 
     "nypm": ["nypm@0.6.5", "", { "dependencies": { "citty": "^0.2.0", "pathe": "^2.0.3", "tinyexec": "^1.0.2" }, "bin": "dist/cli.mjs" }, "sha512-K6AJy1GMVyfyMXRVB88700BJqNUkByijGJM8kEHpLdcAt+vSQAVfkWWHYzuRXHSY6xA2sNc5RjTj0p9rE2izVQ=="],
 
+    "oauth4webapi": ["oauth4webapi@3.8.5", "", {}, "sha512-A8jmyUckVhRJj5lspguklcl90Ydqk61H3dcU0oLhH3Yv13KpAliKTt5hknpGGPZSSfOwGyraNEFmofDYH+1kSg=="],
+
     "object-assign": ["object-assign@4.1.1", "", {}, "sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg=="],
 
     "object-inspect": ["object-inspect@1.13.4", "", {}, "sha512-W67iLl4J2EXEGTbfeHCffrjDfitvLANg0UlX3wFUUSTx92KXRFegMHUVgSqE+wvhAbi4WqjGg9czysTV2Epbew=="],
@@ -889,6 +901,10 @@
 
     "powershell-utils": ["powershell-utils@0.1.0", "", {}, "sha512-dM0jVuXJPsDN6DvRpea484tCUaMiXWjuCn++HGTqUWzGDjv5tZkEZldAJ/UMlqRYGFrD/etByo4/xOuC/snX2A=="],
 
+    "preact": ["preact@10.24.3", "", {}, "sha512-Z2dPnBnMUfyQfSQ+GBdsGa16hz35YmLmtTLhM169uW944hYL6xzTYkJjC07j+Wosz733pMWx0fgON3JNw1jJQA=="],
+
+    "preact-render-to-string": ["preact-render-to-string@6.5.11", "", { "peerDependencies": { "preact": ">=10" } }, "sha512-ubnauqoGczeGISiOh6RjX0/cdaF8v/oDXIjO85XALCQjwQP+SB4RDXXtvZ6yTYSjG+PC1QRP2AhPgCEsM2EvUw=="],
+
     "prelude-ls": ["prelude-ls@1.2.1", "", {}, "sha512-vkcDPrRZo1QZLbn5RLGPpg/WmIQ65qoWWhcGKf/b5eplkkarX0m9z8ppCat4mlOqUsWpyNuYgO3VRyrYHSzX5g=="],
 
     "process-nextick-args": ["process-nextick-args@2.0.1", "", {}, "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag=="],
diff --git a/website/next.config.ts b/website/next.config.ts
index b446451..5d1f875 100644
--- a/website/next.config.ts
+++ b/website/next.config.ts
@@ -25,13 +25,7 @@ const nextConfig: NextConfig = {
     ];
   },
   async rewrites() {
-    const backendUrl = process.env.BACKEND_URL || 'http://api';
-    return [
-      {
-        source: '/api/:path*',
-        destination: `${backendUrl}/api/:path*`,
-      },
-    ];
+    return [];
   },
   async redirects() {
     return [
@@ -71,6 +65,7 @@ const nextConfig: NextConfig = {
   webpack: (config) => {
     config.resolve.alias = {
       ...config.resolve.alias,
+      '@': '.',
       '@lib': './src/lib',
       '@components': './src/components',
       '@routes': './src/routes',
diff --git a/website/package.json b/website/package.json
index f5268f0..71ce27f 100644
--- a/website/package.json
+++ b/website/package.json
@@ -22,7 +22,9 @@
     "@mui/material-nextjs": "^7.3.8",
     "@mui/x-charts": "^8.27.0",
     "@mui/x-data-grid": "^8.27.1",
+    "jose": "^6.1.3",
     "next": "^16.1.6",
+    "next-auth": "^5.0.0-beta.30",
     "react": "^19.2.4",
     "react-dom": "^19.2.4",
     "zod": "^4.3.6"
diff --git a/website/proxy.ts b/website/proxy.ts
index 3fc7831..f4c02b1 100644
--- a/website/proxy.ts
+++ b/website/proxy.ts
@@ -1,29 +1,61 @@
-import { NextResponse } from 'next/server';
-import type { NextRequest } from 'next/server';
-
-export function proxy(request: NextRequest) {
-  const { pathname } = request.nextUrl;
-
-  // We can't easily check auth state in middleware without a session cookie
-  // that we can verify. Since the current app uses an API call to check auth,
-  // we might want to keep the client-side checks for now or implement a more robust
-  // session management if we want to use middleware effectively.
-  
-  // For now, let's just let the client-side components handle it as they did before.
-  // The Sidebar and components already handle missing users.
-  
+import { NextResponse } from "next/server";
+import { auth } from "./auth";
+import * as jose from "jose";
+
+const INTERNAL_JWT_SECRET = process.env.INTERNAL_JWT_SECRET || "change-me-internal-secret";
+const secret = new TextEncoder().encode(INTERNAL_JWT_SECRET);
+
+export const proxy = auth(async (req) => {
+  const { pathname } = req.nextUrl;
+
+  // 1. API Proxying with Internal JWT
+  if (pathname.startsWith("/api/v1")) {
+    const backendUrl = process.env.BACKEND_URL || "http://api";
+    const targetUrl = new URL(req.url);
+    targetUrl.protocol = new URL(backendUrl).protocol;
+    targetUrl.host = new URL(backendUrl).host;
+    targetUrl.port = new URL(backendUrl).port;
+
+    const requestHeaders = new Headers(req.headers);
+    
+    // If authenticated, sign an internal JWT for Go
+    if (req.auth?.user) {
+      const token = await new jose.SignJWT({ sub: req.auth.user.id })
+        .setProtectedHeader({ alg: "HS256" })
+        .setIssuedAt()
+        .setExpirationTime("1m") // Short lived
+        .sign(secret);
+      
+      requestHeaders.set("Authorization", `Bearer ${token}`);
+    }
+
+    return NextResponse.rewrite(targetUrl, {
+      request: {
+        headers: requestHeaders,
+      },
+    });
+  }
+
+  // 2. Global Route Guards
+  const protectedRoutes = ["/admin", "/settings", "/archive", "/d/new"];
+  const isProtected = protectedRoutes.some(route => pathname.startsWith(route)) || pathname.endsWith("/edit");
+
+  if (isProtected && !req.auth) {
+    const url = new URL("/login", req.url);
+    url.searchParams.set("from", pathname);
+    return NextResponse.redirect(url);
+  }
+
   return NextResponse.next();
-}
+});
 
 export const config = {
   matcher: [
-    /*
-     * Match all request paths except for the ones starting with:
-     * - api (API routes)
-     * - _next/static (static files)
-     * - _next/image (image optimization files)
-     * - favicon.ico (favicon file)
-     */
-    '/((?!api|_next/static|_next/image|favicon.ico).*)',
+    "/api/v1/:path*",
+    "/admin/:path*",
+    "/settings/:path*",
+    "/archive/:path*",
+    "/d/new",
+    "/d/:postId/edit",
   ],
 };
diff --git a/website/src/lib/api/index.ts b/website/src/lib/api/index.ts
index 498b831..d72cf73 100644
--- a/website/src/lib/api/index.ts
+++ b/website/src/lib/api/index.ts
@@ -1,4 +1,4 @@
 // This file is auto-generated by @hey-api/openapi-ts
 
-export { deleteArchiveFile, deleteArchiveId, deleteDiscussionsByPostId, getActivities, getAdminDashboard, getAdminRefDiscussionTypes, getAdminRefRoles, getAdminStats, getArchive, getArchiveFile, getArchiveId, getArchiveVersions, getAuthAvatarsByUserIdByFilename, getAuthCsrf, getAuthMe, getAuthNotifications, getAuthVerify, getDiscussions, getDiscussionsByPostId, getDiscussionsByPostIdComments, getEvents, getEventsByEventId, getEventsByEventIdCover, getEventsByEventIdMedia, getMediaByMediaId, getMediaByMediaIdFile, getMediaByMediaIdPreview, getOfficeStatus, getProgramModules, getPrograms, getProgramsId, getSearch, getUsers, getUsersByUserId, getUsersByUserIdActivities, type Options, postAdminModules, postAdminPrograms, postArchive, postAuthForgot, postAuthLogin, postAuthLogout, postAuthMeAvatar, postAuthRegister, postAuthReset, postDiscussions, postDiscussionsByPostIdComments, postDiscussionsByPostIdVote, postDiscussionsCommentsByCommentIdVote, postEvents, postEventsByEventIdMedia, putArchiveId, putAuthMe, putAuthNotificationsIdRead, putAuthNotificationsReadAll, putDiscussionsByPostId, putDiscussionsCommentsByCommentId, putOfficeStatus } from './sdk.gen';
-export type { ClientOptions, DeleteArchiveFileData, DeleteArchiveFileResponses, DeleteArchiveIdData, DeleteArchiveIdResponses, DeleteDiscussionsByPostIdData, DeleteDiscussionsByPostIdResponses, DtoActivityResponse, DtoAdminDashboardResponse, DtoAdminStatsResponse, DtoArchiveEntryResponse, DtoCreateDiscussionPostRequest, DtoCsrfResponse, DtoDashboardTrendItem, DtoDiscussionCommentRequest, DtoDiscussionCommentResponse, DtoDiscussionPostResponse, DtoErrorResponse, DtoEventResponse, DtoLink, DtoLoginRequest, DtoMediaResponse, DtoModuleResponse, DtoNotificationResponse, DtoOfficeStatusResponse, DtoPostProgramResponse, DtoProgramDistributionItem, DtoProgramResponse, DtoPublicUserResponse, DtoRegisterRequest, DtoSearchResult, DtoUpdateArchiveEntryRequest, DtoUpdateOfficeStatusRequest, DtoUpdateProfileRequest, DtoUserResponse, DtoVoteRequest, GetActivitiesData, GetActivitiesResponse, GetActivitiesResponses, GetAdminDashboardData, GetAdminDashboardResponse, GetAdminDashboardResponses, GetAdminRefDiscussionTypesData, GetAdminRefDiscussionTypesResponse, GetAdminRefDiscussionTypesResponses, GetAdminRefRolesData, GetAdminRefRolesResponse, GetAdminRefRolesResponses, GetAdminStatsData, GetAdminStatsResponse, GetAdminStatsResponses, GetArchiveData, GetArchiveFileData, GetArchiveFileResponses, GetArchiveIdData, GetArchiveIdError, GetArchiveIdErrors, GetArchiveIdResponse, GetArchiveIdResponses, GetArchiveResponse, GetArchiveResponses, GetArchiveVersionsData, GetArchiveVersionsError, GetArchiveVersionsErrors, GetArchiveVersionsResponse, GetArchiveVersionsResponses, GetAuthAvatarsByUserIdByFilenameData, GetAuthAvatarsByUserIdByFilenameResponses, GetAuthCsrfData, GetAuthCsrfResponse, GetAuthCsrfResponses, GetAuthMeData, GetAuthMeResponse, GetAuthMeResponses, GetAuthNotificationsData, GetAuthNotificationsError, GetAuthNotificationsErrors, GetAuthNotificationsResponse, GetAuthNotificationsResponses, GetAuthVerifyData, GetDiscussionsByPostIdCommentsData, GetDiscussionsByPostIdCommentsResponse, GetDiscussionsByPostIdCommentsResponses, GetDiscussionsByPostIdData, GetDiscussionsByPostIdResponse, GetDiscussionsByPostIdResponses, GetDiscussionsData, GetDiscussionsResponse, GetDiscussionsResponses, GetEventsByEventIdCoverData, GetEventsByEventIdCoverResponses, GetEventsByEventIdData, GetEventsByEventIdMediaData, GetEventsByEventIdMediaResponse, GetEventsByEventIdMediaResponses, GetEventsByEventIdResponse, GetEventsByEventIdResponses, GetEventsData, GetEventsResponse, GetEventsResponses, GetMediaByMediaIdData, GetMediaByMediaIdFileData, GetMediaByMediaIdFileResponses, GetMediaByMediaIdPreviewData, GetMediaByMediaIdPreviewResponses, GetMediaByMediaIdResponse, GetMediaByMediaIdResponses, GetOfficeStatusData, GetOfficeStatusResponse, GetOfficeStatusResponses, GetProgramModulesData, GetProgramModulesError, GetProgramModulesErrors, GetProgramModulesResponse, GetProgramModulesResponses, GetProgramsData, GetProgramsError, GetProgramsErrors, GetProgramsIdData, GetProgramsIdError, GetProgramsIdErrors, GetProgramsIdResponse, GetProgramsIdResponses, GetProgramsResponse, GetProgramsResponses, GetSearchData, GetSearchResponse, GetSearchResponses, GetUsersByUserIdActivitiesData, GetUsersByUserIdActivitiesResponse, GetUsersByUserIdActivitiesResponses, GetUsersByUserIdData, GetUsersByUserIdResponse, GetUsersByUserIdResponses, GetUsersData, GetUsersResponse, GetUsersResponses, PostAdminModulesData, PostAdminModulesResponse, PostAdminModulesResponses, PostAdminProgramsData, PostAdminProgramsResponse, PostAdminProgramsResponses, PostArchiveData, PostArchiveResponse, PostArchiveResponses, PostAuthForgotData, PostAuthForgotError, PostAuthForgotErrors, PostAuthForgotResponses, PostAuthLoginData, PostAuthLoginError, PostAuthLoginErrors, PostAuthLoginResponse, PostAuthLoginResponses, PostAuthLogoutData, PostAuthLogoutResponses, PostAuthMeAvatarData, PostAuthMeAvatarResponse, PostAuthMeAvatarResponses, PostAuthRegisterData, PostAuthRegisterError, PostAuthRegisterErrors, PostAuthRegisterResponse, PostAuthRegisterResponses, PostAuthResetData, PostAuthResetError, PostAuthResetErrors, PostAuthResetResponse, PostAuthResetResponses, PostDiscussionsByPostIdCommentsData, PostDiscussionsByPostIdCommentsResponse, PostDiscussionsByPostIdCommentsResponses, PostDiscussionsByPostIdVoteData, PostDiscussionsByPostIdVoteResponses, PostDiscussionsCommentsByCommentIdVoteData, PostDiscussionsCommentsByCommentIdVoteResponses, PostDiscussionsData, PostDiscussionsResponse, PostDiscussionsResponses, PostEventsByEventIdMediaData, PostEventsByEventIdMediaResponse, PostEventsByEventIdMediaResponses, PostEventsData, PostEventsResponse, PostEventsResponses, PutArchiveIdData, PutArchiveIdResponse, PutArchiveIdResponses, PutAuthMeData, PutAuthMeError, PutAuthMeErrors, PutAuthMeResponse, PutAuthMeResponses, PutAuthNotificationsIdReadData, PutAuthNotificationsIdReadError, PutAuthNotificationsIdReadErrors, PutAuthNotificationsIdReadResponse, PutAuthNotificationsIdReadResponses, PutAuthNotificationsReadAllData, PutAuthNotificationsReadAllError, PutAuthNotificationsReadAllErrors, PutAuthNotificationsReadAllResponses, PutDiscussionsByPostIdData, PutDiscussionsByPostIdResponse, PutDiscussionsByPostIdResponses, PutDiscussionsCommentsByCommentIdData, PutDiscussionsCommentsByCommentIdResponse, PutDiscussionsCommentsByCommentIdResponses, PutOfficeStatusData, PutOfficeStatusResponse, PutOfficeStatusResponses } from './types.gen';
+export { deleteArchiveFile, deleteArchiveId, deleteDiscussionsByPostId, getActivities, getAdminDashboard, getAdminRefDiscussionTypes, getAdminRefRoles, getAdminStats, getArchive, getArchiveFile, getArchiveId, getArchiveVersions, getAuthAvatarsByUserIdByFilename, getAuthMe, getAuthNotifications, getAuthVerify, getDiscussions, getDiscussionsByPostId, getDiscussionsByPostIdComments, getEvents, getEventsByEventId, getEventsByEventIdCover, getEventsByEventIdMedia, getMediaByMediaId, getMediaByMediaIdFile, getMediaByMediaIdPreview, getOfficeStatus, getProgramModules, getPrograms, getProgramsId, getSearch, getUsers, getUsersByUserId, getUsersByUserIdActivities, type Options, postAdminModules, postAdminPrograms, postArchive, postAuthForgot, postAuthLogin, postAuthMeAvatar, postAuthRegister, postAuthReset, postDiscussions, postDiscussionsByPostIdComments, postDiscussionsByPostIdVote, postDiscussionsCommentsByCommentIdVote, postEvents, postEventsByEventIdMedia, putArchiveId, putAuthMe, putAuthNotificationsIdRead, putAuthNotificationsReadAll, putDiscussionsByPostId, putDiscussionsCommentsByCommentId, putOfficeStatus } from './sdk.gen';
+export type { ClientOptions, DeleteArchiveFileData, DeleteArchiveFileResponses, DeleteArchiveIdData, DeleteArchiveIdResponses, DeleteDiscussionsByPostIdData, DeleteDiscussionsByPostIdResponses, DtoActivityResponse, DtoAdminDashboardResponse, DtoAdminStatsResponse, DtoArchiveEntryResponse, DtoCreateDiscussionPostRequest, DtoDashboardTrendItem, DtoDiscussionCommentRequest, DtoDiscussionCommentResponse, DtoDiscussionPostResponse, DtoErrorResponse, DtoEventResponse, DtoForgotPasswordRequest, DtoLink, DtoLoginRequest, DtoMediaResponse, DtoModuleResponse, DtoNotificationResponse, DtoOfficeStatusResponse, DtoPostProgramResponse, DtoProgramDistributionItem, DtoProgramResponse, DtoPublicUserResponse, DtoRegisterRequest, DtoResetPasswordRequest, DtoSearchResult, DtoUpdateArchiveEntryRequest, DtoUpdateOfficeStatusRequest, DtoUpdateProfileRequest, DtoUserResponse, DtoVoteRequest, GetActivitiesData, GetActivitiesResponse, GetActivitiesResponses, GetAdminDashboardData, GetAdminDashboardResponse, GetAdminDashboardResponses, GetAdminRefDiscussionTypesData, GetAdminRefDiscussionTypesResponse, GetAdminRefDiscussionTypesResponses, GetAdminRefRolesData, GetAdminRefRolesResponse, GetAdminRefRolesResponses, GetAdminStatsData, GetAdminStatsResponse, GetAdminStatsResponses, GetArchiveData, GetArchiveFileData, GetArchiveFileResponses, GetArchiveIdData, GetArchiveIdError, GetArchiveIdErrors, GetArchiveIdResponse, GetArchiveIdResponses, GetArchiveResponse, GetArchiveResponses, GetArchiveVersionsData, GetArchiveVersionsError, GetArchiveVersionsErrors, GetArchiveVersionsResponse, GetArchiveVersionsResponses, GetAuthAvatarsByUserIdByFilenameData, GetAuthAvatarsByUserIdByFilenameResponses, GetAuthMeData, GetAuthMeResponse, GetAuthMeResponses, GetAuthNotificationsData, GetAuthNotificationsError, GetAuthNotificationsErrors, GetAuthNotificationsResponse, GetAuthNotificationsResponses, GetAuthVerifyData, GetDiscussionsByPostIdCommentsData, GetDiscussionsByPostIdCommentsResponse, GetDiscussionsByPostIdCommentsResponses, GetDiscussionsByPostIdData, GetDiscussionsByPostIdResponse, GetDiscussionsByPostIdResponses, GetDiscussionsData, GetDiscussionsResponse, GetDiscussionsResponses, GetEventsByEventIdCoverData, GetEventsByEventIdCoverResponses, GetEventsByEventIdData, GetEventsByEventIdMediaData, GetEventsByEventIdMediaResponse, GetEventsByEventIdMediaResponses, GetEventsByEventIdResponse, GetEventsByEventIdResponses, GetEventsData, GetEventsResponse, GetEventsResponses, GetMediaByMediaIdData, GetMediaByMediaIdFileData, GetMediaByMediaIdFileResponses, GetMediaByMediaIdPreviewData, GetMediaByMediaIdPreviewResponses, GetMediaByMediaIdResponse, GetMediaByMediaIdResponses, GetOfficeStatusData, GetOfficeStatusResponse, GetOfficeStatusResponses, GetProgramModulesData, GetProgramModulesError, GetProgramModulesErrors, GetProgramModulesResponse, GetProgramModulesResponses, GetProgramsData, GetProgramsError, GetProgramsErrors, GetProgramsIdData, GetProgramsIdError, GetProgramsIdErrors, GetProgramsIdResponse, GetProgramsIdResponses, GetProgramsResponse, GetProgramsResponses, GetSearchData, GetSearchResponse, GetSearchResponses, GetUsersByUserIdActivitiesData, GetUsersByUserIdActivitiesResponse, GetUsersByUserIdActivitiesResponses, GetUsersByUserIdData, GetUsersByUserIdResponse, GetUsersByUserIdResponses, GetUsersData, GetUsersResponse, GetUsersResponses, PostAdminModulesData, PostAdminModulesResponse, PostAdminModulesResponses, PostAdminProgramsData, PostAdminProgramsResponse, PostAdminProgramsResponses, PostArchiveData, PostArchiveResponse, PostArchiveResponses, PostAuthForgotData, PostAuthForgotError, PostAuthForgotErrors, PostAuthForgotResponses, PostAuthLoginData, PostAuthLoginError, PostAuthLoginErrors, PostAuthLoginResponse, PostAuthLoginResponses, PostAuthMeAvatarData, PostAuthMeAvatarResponse, PostAuthMeAvatarResponses, PostAuthRegisterData, PostAuthRegisterError, PostAuthRegisterErrors, PostAuthRegisterResponse, PostAuthRegisterResponses, PostAuthResetData, PostAuthResetError, PostAuthResetErrors, PostAuthResetResponse, PostAuthResetResponses, PostDiscussionsByPostIdCommentsData, PostDiscussionsByPostIdCommentsResponse, PostDiscussionsByPostIdCommentsResponses, PostDiscussionsByPostIdVoteData, PostDiscussionsByPostIdVoteResponses, PostDiscussionsCommentsByCommentIdVoteData, PostDiscussionsCommentsByCommentIdVoteResponses, PostDiscussionsData, PostDiscussionsResponse, PostDiscussionsResponses, PostEventsByEventIdMediaData, PostEventsByEventIdMediaResponse, PostEventsByEventIdMediaResponses, PostEventsData, PostEventsResponse, PostEventsResponses, PutArchiveIdData, PutArchiveIdResponse, PutArchiveIdResponses, PutAuthMeData, PutAuthMeError, PutAuthMeErrors, PutAuthMeResponse, PutAuthMeResponses, PutAuthNotificationsIdReadData, PutAuthNotificationsIdReadError, PutAuthNotificationsIdReadErrors, PutAuthNotificationsIdReadResponse, PutAuthNotificationsIdReadResponses, PutAuthNotificationsReadAllData, PutAuthNotificationsReadAllError, PutAuthNotificationsReadAllErrors, PutAuthNotificationsReadAllResponses, PutDiscussionsByPostIdData, PutDiscussionsByPostIdResponse, PutDiscussionsByPostIdResponses, PutDiscussionsCommentsByCommentIdData, PutDiscussionsCommentsByCommentIdResponse, PutDiscussionsCommentsByCommentIdResponses, PutOfficeStatusData, PutOfficeStatusResponse, PutOfficeStatusResponses } from './types.gen';
diff --git a/website/src/lib/api/sdk.gen.ts b/website/src/lib/api/sdk.gen.ts
index 4cf657c..1528528 100644
--- a/website/src/lib/api/sdk.gen.ts
+++ b/website/src/lib/api/sdk.gen.ts
@@ -2,7 +2,7 @@
 
 import { type Client, formDataBodySerializer, type Options as Options2, type TDataShape } from './client';
 import { client } from './client.gen';
-import type { DeleteArchiveFileData, DeleteArchiveFileResponses, DeleteArchiveIdData, DeleteArchiveIdResponses, DeleteDiscussionsByPostIdData, DeleteDiscussionsByPostIdResponses, GetActivitiesData, GetActivitiesResponses, GetAdminDashboardData, GetAdminDashboardResponses, GetAdminRefDiscussionTypesData, GetAdminRefDiscussionTypesResponses, GetAdminRefRolesData, GetAdminRefRolesResponses, GetAdminStatsData, GetAdminStatsResponses, GetArchiveData, GetArchiveFileData, GetArchiveFileResponses, GetArchiveIdData, GetArchiveIdErrors, GetArchiveIdResponses, GetArchiveResponses, GetArchiveVersionsData, GetArchiveVersionsErrors, GetArchiveVersionsResponses, GetAuthAvatarsByUserIdByFilenameData, GetAuthAvatarsByUserIdByFilenameResponses, GetAuthCsrfData, GetAuthCsrfResponses, GetAuthMeData, GetAuthMeResponses, GetAuthNotificationsData, GetAuthNotificationsErrors, GetAuthNotificationsResponses, GetAuthVerifyData, GetDiscussionsByPostIdCommentsData, GetDiscussionsByPostIdCommentsResponses, GetDiscussionsByPostIdData, GetDiscussionsByPostIdResponses, GetDiscussionsData, GetDiscussionsResponses, GetEventsByEventIdCoverData, GetEventsByEventIdCoverResponses, GetEventsByEventIdData, GetEventsByEventIdMediaData, GetEventsByEventIdMediaResponses, GetEventsByEventIdResponses, GetEventsData, GetEventsResponses, GetMediaByMediaIdData, GetMediaByMediaIdFileData, GetMediaByMediaIdFileResponses, GetMediaByMediaIdPreviewData, GetMediaByMediaIdPreviewResponses, GetMediaByMediaIdResponses, GetOfficeStatusData, GetOfficeStatusResponses, GetProgramModulesData, GetProgramModulesErrors, GetProgramModulesResponses, GetProgramsData, GetProgramsErrors, GetProgramsIdData, GetProgramsIdErrors, GetProgramsIdResponses, GetProgramsResponses, GetSearchData, GetSearchResponses, GetUsersByUserIdActivitiesData, GetUsersByUserIdActivitiesResponses, GetUsersByUserIdData, GetUsersByUserIdResponses, GetUsersData, GetUsersResponses, PostAdminModulesData, PostAdminModulesResponses, PostAdminProgramsData, PostAdminProgramsResponses, PostArchiveData, PostArchiveResponses, PostAuthForgotData, PostAuthForgotErrors, PostAuthForgotResponses, PostAuthLoginData, PostAuthLoginErrors, PostAuthLoginResponses, PostAuthLogoutData, PostAuthLogoutResponses, PostAuthMeAvatarData, PostAuthMeAvatarResponses, PostAuthRegisterData, PostAuthRegisterErrors, PostAuthRegisterResponses, PostAuthResetData, PostAuthResetErrors, PostAuthResetResponses, PostDiscussionsByPostIdCommentsData, PostDiscussionsByPostIdCommentsResponses, PostDiscussionsByPostIdVoteData, PostDiscussionsByPostIdVoteResponses, PostDiscussionsCommentsByCommentIdVoteData, PostDiscussionsCommentsByCommentIdVoteResponses, PostDiscussionsData, PostDiscussionsResponses, PostEventsByEventIdMediaData, PostEventsByEventIdMediaResponses, PostEventsData, PostEventsResponses, PutArchiveIdData, PutArchiveIdResponses, PutAuthMeData, PutAuthMeErrors, PutAuthMeResponses, PutAuthNotificationsIdReadData, PutAuthNotificationsIdReadErrors, PutAuthNotificationsIdReadResponses, PutAuthNotificationsReadAllData, PutAuthNotificationsReadAllErrors, PutAuthNotificationsReadAllResponses, PutDiscussionsByPostIdData, PutDiscussionsByPostIdResponses, PutDiscussionsCommentsByCommentIdData, PutDiscussionsCommentsByCommentIdResponses, PutOfficeStatusData, PutOfficeStatusResponses } from './types.gen';
+import type { DeleteArchiveFileData, DeleteArchiveFileResponses, DeleteArchiveIdData, DeleteArchiveIdResponses, DeleteDiscussionsByPostIdData, DeleteDiscussionsByPostIdResponses, GetActivitiesData, GetActivitiesResponses, GetAdminDashboardData, GetAdminDashboardResponses, GetAdminRefDiscussionTypesData, GetAdminRefDiscussionTypesResponses, GetAdminRefRolesData, GetAdminRefRolesResponses, GetAdminStatsData, GetAdminStatsResponses, GetArchiveData, GetArchiveFileData, GetArchiveFileResponses, GetArchiveIdData, GetArchiveIdErrors, GetArchiveIdResponses, GetArchiveResponses, GetArchiveVersionsData, GetArchiveVersionsErrors, GetArchiveVersionsResponses, GetAuthAvatarsByUserIdByFilenameData, GetAuthAvatarsByUserIdByFilenameResponses, GetAuthMeData, GetAuthMeResponses, GetAuthNotificationsData, GetAuthNotificationsErrors, GetAuthNotificationsResponses, GetAuthVerifyData, GetDiscussionsByPostIdCommentsData, GetDiscussionsByPostIdCommentsResponses, GetDiscussionsByPostIdData, GetDiscussionsByPostIdResponses, GetDiscussionsData, GetDiscussionsResponses, GetEventsByEventIdCoverData, GetEventsByEventIdCoverResponses, GetEventsByEventIdData, GetEventsByEventIdMediaData, GetEventsByEventIdMediaResponses, GetEventsByEventIdResponses, GetEventsData, GetEventsResponses, GetMediaByMediaIdData, GetMediaByMediaIdFileData, GetMediaByMediaIdFileResponses, GetMediaByMediaIdPreviewData, GetMediaByMediaIdPreviewResponses, GetMediaByMediaIdResponses, GetOfficeStatusData, GetOfficeStatusResponses, GetProgramModulesData, GetProgramModulesErrors, GetProgramModulesResponses, GetProgramsData, GetProgramsErrors, GetProgramsIdData, GetProgramsIdErrors, GetProgramsIdResponses, GetProgramsResponses, GetSearchData, GetSearchResponses, GetUsersByUserIdActivitiesData, GetUsersByUserIdActivitiesResponses, GetUsersByUserIdData, GetUsersByUserIdResponses, GetUsersData, GetUsersResponses, PostAdminModulesData, PostAdminModulesResponses, PostAdminProgramsData, PostAdminProgramsResponses, PostArchiveData, PostArchiveResponses, PostAuthForgotData, PostAuthForgotErrors, PostAuthForgotResponses, PostAuthLoginData, PostAuthLoginErrors, PostAuthLoginResponses, PostAuthMeAvatarData, PostAuthMeAvatarResponses, PostAuthRegisterData, PostAuthRegisterErrors, PostAuthRegisterResponses, PostAuthResetData, PostAuthResetErrors, PostAuthResetResponses, PostDiscussionsByPostIdCommentsData, PostDiscussionsByPostIdCommentsResponses, PostDiscussionsByPostIdVoteData, PostDiscussionsByPostIdVoteResponses, PostDiscussionsCommentsByCommentIdVoteData, PostDiscussionsCommentsByCommentIdVoteResponses, PostDiscussionsData, PostDiscussionsResponses, PostEventsByEventIdMediaData, PostEventsByEventIdMediaResponses, PostEventsData, PostEventsResponses, PutArchiveIdData, PutArchiveIdResponses, PutAuthMeData, PutAuthMeErrors, PutAuthMeResponses, PutAuthNotificationsIdReadData, PutAuthNotificationsIdReadErrors, PutAuthNotificationsIdReadResponses, PutAuthNotificationsReadAllData, PutAuthNotificationsReadAllErrors, PutAuthNotificationsReadAllResponses, PutDiscussionsByPostIdData, PutDiscussionsByPostIdResponses, PutDiscussionsCommentsByCommentIdData, PutDiscussionsCommentsByCommentIdResponses, PutOfficeStatusData, PutOfficeStatusResponses } from './types.gen';
 
 export type Options<TData extends TDataShape = TDataShape, ThrowOnError extends boolean = boolean> = Options2<TData, ThrowOnError> & {
     /**
@@ -127,11 +127,6 @@ export const deleteArchiveFile = <ThrowOnError extends boolean = false>(options:
  */
 export const getAuthAvatarsByUserIdByFilename = <ThrowOnError extends boolean = false>(options: Options<GetAuthAvatarsByUserIdByFilenameData, ThrowOnError>) => (options.client ?? client).get<GetAuthAvatarsByUserIdByFilenameResponses, unknown, ThrowOnError>({ url: '/auth/avatars/{userId}/{filename}', ...options });
 
-/**
- * Issue CSRF token
- */
-export const getAuthCsrf = <ThrowOnError extends boolean = false>(options?: Options<GetAuthCsrfData, ThrowOnError>) => (options?.client ?? client).get<GetAuthCsrfResponses, unknown, ThrowOnError>({ url: '/auth/csrf', ...options });
-
 /**
  * Request password reset
  */
@@ -156,11 +151,6 @@ export const postAuthLogin = <ThrowOnError extends boolean = false>(options: Opt
     }
 });
 
-/**
- * Log out
- */
-export const postAuthLogout = <ThrowOnError extends boolean = false>(options?: Options<PostAuthLogoutData, ThrowOnError>) => (options?.client ?? client).post<PostAuthLogoutResponses, unknown, ThrowOnError>({ url: '/auth/logout', ...options });
-
 /**
  * Get current user
  */
diff --git a/website/src/lib/api/types.gen.ts b/website/src/lib/api/types.gen.ts
index c5fb110..0db20af 100644
--- a/website/src/lib/api/types.gen.ts
+++ b/website/src/lib/api/types.gen.ts
@@ -65,11 +65,6 @@ export type DtoCreateDiscussionPostRequest = {
     type?: 'discussion' | 'news' | 'event';
 };
 
-export type DtoCsrfResponse = {
-    csrf?: string;
-    signups_enabled?: boolean;
-};
-
 export type DtoDashboardTrendItem = {
     count?: number;
     date?: string;
@@ -128,6 +123,10 @@ export type DtoEventResponse = {
     title?: string;
 };
 
+export type DtoForgotPasswordRequest = {
+    email: string;
+};
+
 export type DtoLink = {
     label?: string;
     url?: string;
@@ -207,6 +206,11 @@ export type DtoRegisterRequest = {
     program_id?: string;
 };
 
+export type DtoResetPasswordRequest = {
+    password: string;
+    token: string;
+};
+
 export type DtoSearchResult = {
     id?: string;
     subtitle?: string;
@@ -631,29 +635,11 @@ export type GetAuthAvatarsByUserIdByFilenameResponses = {
     200: unknown;
 };
 
-export type GetAuthCsrfData = {
-    body?: never;
-    path?: never;
-    query?: never;
-    url: '/auth/csrf';
-};
-
-export type GetAuthCsrfResponses = {
-    /**
-     * OK
-     */
-    200: DtoCsrfResponse;
-};
-
-export type GetAuthCsrfResponse = GetAuthCsrfResponses[keyof GetAuthCsrfResponses];
-
 export type PostAuthForgotData = {
     /**
-     * {email: string}
+     * Forgot Password Info
      */
-    body: {
-        [key: string]: string;
-    };
+    body: DtoForgotPasswordRequest;
     path?: never;
     query?: never;
     url: '/auth/forgot';
@@ -703,20 +689,6 @@ export type PostAuthLoginResponses = {
 
 export type PostAuthLoginResponse = PostAuthLoginResponses[keyof PostAuthLoginResponses];
 
-export type PostAuthLogoutData = {
-    body?: never;
-    path?: never;
-    query?: never;
-    url: '/auth/logout';
-};
-
-export type PostAuthLogoutResponses = {
-    /**
-     * No Content
-     */
-    204: unknown;
-};
-
 export type GetAuthMeData = {
     body?: never;
     path?: never;
@@ -894,11 +866,9 @@ export type PostAuthRegisterResponse = PostAuthRegisterResponses[keyof PostAuthR
 
 export type PostAuthResetData = {
     /**
-     * {token: string, password: string}
+     * Reset Password Info
      */
-    body: {
-        [key: string]: string;
-    };
+    body: DtoResetPasswordRequest;
     path?: never;
     query?: never;
     url: '/auth/reset';
diff --git a/website/src/lib/api/zod.gen.ts b/website/src/lib/api/zod.gen.ts
index bdf211e..8a7a6a0 100644
--- a/website/src/lib/api/zod.gen.ts
+++ b/website/src/lib/api/zod.gen.ts
@@ -37,11 +37,6 @@ export const zDtoArchiveEntryResponse = z.object({
     version: z.optional(z.string())
 });
 
-export const zDtoCsrfResponse = z.object({
-    csrf: z.optional(z.string()),
-    signups_enabled: z.optional(z.boolean())
-});
-
 export const zDtoDashboardTrendItem = z.object({
     count: z.optional(z.int()),
     date: z.optional(z.string())
@@ -78,6 +73,10 @@ export const zDtoEventResponse = z.object({
     title: z.optional(z.string())
 });
 
+export const zDtoForgotPasswordRequest = z.object({
+    email: z.string()
+});
+
 export const zDtoLink = z.object({
     label: z.optional(z.string()),
     url: z.optional(z.string())
@@ -209,6 +208,11 @@ export const zDtoRegisterRequest = z.object({
     program_id: z.optional(z.string())
 });
 
+export const zDtoResetPasswordRequest = z.object({
+    password: z.string().min(8).max(72),
+    token: z.string()
+});
+
 export const zDtoSearchResult = z.object({
     id: z.optional(z.string()),
     subtitle: z.optional(z.string()),
@@ -453,19 +457,8 @@ export const zGetAuthAvatarsByUserIdByFilenameData = z.object({
     }))
 });
 
-export const zGetAuthCsrfData = z.object({
-    body: z.optional(z.never()),
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
-});
-
-/**
- * OK
- */
-export const zGetAuthCsrfResponse = zDtoCsrfResponse;
-
 export const zPostAuthForgotData = z.object({
-    body: z.record(z.string(), z.string()),
+    body: zDtoForgotPasswordRequest,
     path: z.optional(z.never()),
     query: z.optional(z.never())
 });
@@ -481,12 +474,6 @@ export const zPostAuthLoginData = z.object({
  */
 export const zPostAuthLoginResponse = zDtoUserResponse;
 
-export const zPostAuthLogoutData = z.object({
-    body: z.optional(z.never()),
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
-});
-
 export const zGetAuthMeData = z.object({
     body: z.optional(z.never()),
     path: z.optional(z.never()),
@@ -564,7 +551,7 @@ export const zPostAuthRegisterData = z.object({
 export const zPostAuthRegisterResponse = zDtoUserResponse;
 
 export const zPostAuthResetData = z.object({
-    body: z.record(z.string(), z.string()),
+    body: zDtoResetPasswordRequest,
     path: z.optional(z.never()),
     query: z.optional(z.never())
 });
diff --git a/website/src/lib/auth.tsx b/website/src/lib/auth.tsx
index 93337d4..9049f43 100644
--- a/website/src/lib/auth.tsx
+++ b/website/src/lib/auth.tsx
@@ -1,50 +1,7 @@
-import React, { createContext, useState, useContext, useEffect, ReactNode, useCallback } from 'react';
-
-import { getAuthMe, postAuthLogout } from '@lib/api';
+import React, { createContext, useContext, useEffect, ReactNode, useMemo } from 'react';
+import { useSession, signIn, signOut } from 'next-auth/react';
 import type { DtoUserResponse as User } from '@lib/api';
 import { useThemeMode, type ThemePreference } from '@lib/theme';
-import { clearCsrfToken } from './csrf';
-
-const REMEMBERED_USER_KEY = 'fs_remembered_user';
-export const REMEMBERED_FLAG_KEY = 'fs_remember_flag';
-
-const readRememberedUser = (): User | null => {
-  if (typeof window === 'undefined') {
-    return null;
-  }
-  try {
-    const stored = window.localStorage.getItem(REMEMBERED_USER_KEY);
-    if (!stored) {
-      return null;
-    }
-    const parsed = JSON.parse(stored) as Record<string, unknown>;
-    // Migration: fix old typos in persisted data
-    if (parsed.programid && !parsed.program_id) {
-      parsed.program_id = parsed.programid;
-    }
-    return parsed as unknown as User;
-  } catch {
-    window.localStorage.removeItem(REMEMBERED_USER_KEY);
-    window.localStorage.removeItem(REMEMBERED_FLAG_KEY);
-    return null;
-  }
-};
-
-const persistRememberedUser = (userToPersist: User) => {
-  if (typeof window === 'undefined') {
-    return;
-  }
-  window.localStorage.setItem(REMEMBERED_USER_KEY, JSON.stringify(userToPersist));
-  window.localStorage.setItem(REMEMBERED_FLAG_KEY, 'true');
-};
-
-const clearRememberedUser = () => {
-  if (typeof window === 'undefined') {
-    return;
-  }
-  window.localStorage.removeItem(REMEMBERED_USER_KEY);
-  window.localStorage.removeItem(REMEMBERED_FLAG_KEY);
-};
 
 interface AuthContextType {
   user: User | null;
@@ -55,40 +12,12 @@ interface AuthContextType {
 
 const AuthContext = createContext<AuthContextType | undefined>(undefined);
 
-interface AuthProviderProps {
-  children: ReactNode;
-}
-
-export const AuthProvider: React.FC<AuthProviderProps> = ({ children }) => {
-  const [user, setUser] = useState<User | null>(() => readRememberedUser());
-  const [isLoading, setIsLoading] = useState(true);
+export const AuthProvider: React.FC<{ children: ReactNode }> = ({ children }) => {
+  const { data: session, status } = useSession();
   const { setPreference } = useThemeMode();
 
-  const checkAuthStatus = useCallback(async () => {
-    setIsLoading(true);
-    try {
-      const { data, error } = await getAuthMe();
-      if (error || !data) {
-        throw new Error('Nicht authentifiziert');
-      }
-      setUser(data);
-      if (data.theme) {
-        setPreference(data.theme as ThemePreference);
-      }
-      if (typeof window !== 'undefined' && window.localStorage.getItem(REMEMBERED_FLAG_KEY) === 'true') {
-        persistRememberedUser(data);
-      }
-    } catch {
-      setUser(null);
-      clearRememberedUser();
-    } finally {
-      setIsLoading(false);
-    }
-  }, [setPreference]);
-
-  useEffect(() => {
-    checkAuthStatus();
-  }, [checkAuthStatus]);
+  const user = (session?.user as unknown as User) || null;
+  const isLoading = status === 'loading';
 
   useEffect(() => {
     if (user && user.theme) {
@@ -96,34 +25,20 @@ export const AuthProvider: React.FC<AuthProviderProps> = ({ children }) => {
     }
   }, [user, setPreference]);
 
-  const login = (loggedInUser: User, rememberMe?: boolean) => {
-    setUser(loggedInUser);
-    if (loggedInUser.theme) {
-      setPreference(loggedInUser.theme as ThemePreference);
-    }
-    if (rememberMe) {
-      persistRememberedUser(loggedInUser);
-    } else {
-      clearRememberedUser();
+  const value = useMemo(() => ({
+    user,
+    isLoading,
+    login: () => {
+      // The login logic is now handled by the Login page calling signIn('credentials', ...)
+      // This is a no-op to maintain compatibility with existing components
+    },
+    logout: () => {
+      signOut({ callbackUrl: '/' });
     }
-  };
-
-  const logout = async () => {
-    try {
-      await postAuthLogout();
-      setUser(null);
-      clearRememberedUser();
-      clearCsrfToken();
-    } catch (error) {
-      console.error('Abmeldung fehlgeschlagen:', error);
-      setUser(null);
-      clearRememberedUser();
-      clearCsrfToken();
-    }
-  };
+  }), [user, isLoading]);
 
   return (
-    <AuthContext.Provider value={{ user, isLoading, login, logout }}>
+    <AuthContext.Provider value={value}>
       {children}
     </AuthContext.Provider>
   );
@@ -137,3 +52,4 @@ export const useAuth = (): AuthContextType => {
   return context;
 };
 
+
diff --git a/website/src/lib/csrf.ts b/website/src/lib/csrf.ts
deleted file mode 100644
index 423e017..0000000
--- a/website/src/lib/csrf.ts
+++ /dev/null
@@ -1,61 +0,0 @@
-import { getAuthCsrf, type DtoCsrfResponse } from './api';
-
-let csrfToken: string | null = null;
-let fetchPromise: Promise<DtoCsrfResponse | null> | null = null;
-
-export const getCsrfToken = () => csrfToken;
-
-export const setCsrfToken = (token: string) => {
-    csrfToken = token;
-};
-
-export const clearCsrfToken = () => {
-    csrfToken = null;
-    fetchPromise = null;
-};
-
-export const fetchCsrfToken = async (): Promise<DtoCsrfResponse | null> => {
-    if (fetchPromise) return fetchPromise;
-
-    fetchPromise = (async () => {
-        try {
-            const { data } = await getAuthCsrf();
-            if (data?.csrf) {
-                csrfToken = data.csrf;
-                return data;
-            }
-        } catch (error) {
-            console.error('Failed to fetch CSRF token:', error);
-        } finally {
-            fetchPromise = null;
-        }
-        return null;
-    })();
-
-    return fetchPromise;
-};
-
-export const getCsrfFromCookie = (): string | null => {
-    if (typeof document === 'undefined') return null;
-    const name1 = '__Host-csrf=';
-    const name2 = 'csrf=';
-    const decodedCookie = decodeURIComponent(document.cookie);
-    const ca = decodedCookie.split(';');
-    
-    let fallbackToken: string | null = null;
-
-    for (let i = 0; i < ca.length; i++) {
-        let c = ca[i];
-        while (c.charAt(0) === ' ') {
-            c = c.substring(1);
-        }
-        // Always prioritize __Host- prefix if it exists
-        if (c.indexOf(name1) === 0) {
-            return c.substring(name1.length, c.length);
-        }
-        if (c.indexOf(name2) === 0) {
-            fallbackToken = c.substring(name2.length, c.length);
-        }
-    }
-    return fallbackToken;
-};
diff --git a/website/tsconfig.json b/website/tsconfig.json
index 7aea9eb..ae956ee 100644
--- a/website/tsconfig.json
+++ b/website/tsconfig.json
@@ -20,15 +20,10 @@
     "noUnusedParameters": false,
     "noFallthroughCasesInSwitch": true,
     "paths": {
-      "@lib/*": [
-        "./src/lib/*"
-      ],
-      "@components/*": [
-        "./src/components/*"
-      ],
-      "@routes/*": [
-        "./src/routes/*"
-      ]
+      "@/*": ["./*"],
+      "@lib/*": ["./src/lib/*"],
+      "@components/*": ["./src/components/*"],
+      "@routes/*": ["./src/routes/*"]
     },
     "allowJs": true,
     "incremental": true,

From ace1cfe1cbef27cacf766797ba3f9996fbd79d99 Mon Sep 17 00:00:00 2001
From: Francesco La Camera <fm@lacamera.org>
Date: Wed, 25 Feb 2026 00:16:53 +0100
Subject: [PATCH 3/5] fix(website): missing headers

---
 website/app/archive/page.tsx                 | 3 +++
 "website/app/d/\\[postId\\]/edit/layout.tsx" | 3 ---
 2 files changed, 3 insertions(+), 3 deletions(-)
 delete mode 100644 "website/app/d/\\[postId\\]/edit/layout.tsx"

diff --git a/website/app/archive/page.tsx b/website/app/archive/page.tsx
index a646ac7..acf7477 100644
--- a/website/app/archive/page.tsx
+++ b/website/app/archive/page.tsx
@@ -131,6 +131,9 @@ function UploadDialog({ open, onClose, programs, onSuccess }: { open: boolean; o
                         module_id: String(a.module.id),
                         version: a.version,
                         comment: comment || undefined
+                    },
+                    headers: {
+                        'X-CSRF-Token': ''
                     }
                 });
 
diff --git "a/website/app/d/\\[postId\\]/edit/layout.tsx" "b/website/app/d/\\[postId\\]/edit/layout.tsx"
deleted file mode 100644
index 672fbbe..0000000
--- "a/website/app/d/\\[postId\\]/edit/layout.tsx"
+++ /dev/null
@@ -1,3 +0,0 @@
-export default function EditPostLayout({ children }: { children: React.ReactNode }) {
-  return <>{children}</>;
-}

From 6aea507cecc210a31733dcbc712d3e316dbd6df0 Mon Sep 17 00:00:00 2001
From: Francesco La Camera <fm@lacamera.org>
Date: Wed, 25 Feb 2026 00:18:20 +0100
Subject: [PATCH 4/5] chore(website): bump dependencies

---
 website/bun.lock     | 200 +++++++++++++++++++++----------------------
 website/package.json |  14 +--
 2 files changed, 106 insertions(+), 108 deletions(-)

diff --git a/website/bun.lock b/website/bun.lock
index 6642d63..8896bb9 100644
--- a/website/bun.lock
+++ b/website/bun.lock
@@ -23,18 +23,18 @@
         "zod": "^4.3.6",
       },
       "devDependencies": {
-        "@hey-api/openapi-ts": "0.92.4",
+        "@hey-api/openapi-ts": "0.93.0",
         "@types/node": "25.3.0",
-        "@types/react": "^19.2.10",
+        "@types/react": "^19.2.14",
         "@types/react-dom": "19.2.3",
-        "@typescript-eslint/eslint-plugin": "8.54.0",
-        "@typescript-eslint/parser": "8.54.0",
-        "@typescript/native-preview": "^7.0.0-dev.20260223.1",
-        "eslint": "9.39.2",
+        "@typescript-eslint/eslint-plugin": "8.56.1",
+        "@typescript-eslint/parser": "8.56.1",
+        "@typescript/native-preview": "^7.0.0-dev.20260224.1",
+        "eslint": "10.0.2",
         "eslint-config-next": "^16.1.6",
         "eslint-plugin-react-hooks": "7.0.1",
         "typescript": "^5.9.3",
-        "typescript-eslint": "8.56.0",
+        "typescript-eslint": "8.56.1",
       },
     },
   },
@@ -113,27 +113,23 @@
 
     "@eslint-community/regexpp": ["@eslint-community/regexpp@4.12.2", "", {}, "sha512-EriSTlt5OC9/7SXkRSCAhfSxxoSUgBm33OH+IkwbdpgoqsSsUg7y3uh+IICI/Qg4BBWr3U2i39RpmycbxMq4ew=="],
 
-    "@eslint/config-array": ["@eslint/config-array@0.21.1", "", { "dependencies": { "@eslint/object-schema": "^2.1.7", "debug": "^4.3.1", "minimatch": "^3.1.2" } }, "sha512-aw1gNayWpdI/jSYVgzN5pL0cfzU02GT3NBpeT/DXbx1/1x7ZKxFPd9bwrzygx/qiwIQiJ1sw/zD8qY/kRvlGHA=="],
+    "@eslint/config-array": ["@eslint/config-array@0.23.2", "", { "dependencies": { "@eslint/object-schema": "^3.0.2", "debug": "^4.3.1", "minimatch": "^10.2.1" } }, "sha512-YF+fE6LV4v5MGWRGj7G404/OZzGNepVF8fxk7jqmqo3lrza7a0uUcDnROGRBG1WFC1omYUS/Wp1f42i0M+3Q3A=="],
 
-    "@eslint/config-helpers": ["@eslint/config-helpers@0.4.2", "", { "dependencies": { "@eslint/core": "^0.17.0" } }, "sha512-gBrxN88gOIf3R7ja5K9slwNayVcZgK6SOUORm2uBzTeIEfeVaIhOpCtTox3P6R7o2jLFwLFTLnC7kU/RGcYEgw=="],
+    "@eslint/config-helpers": ["@eslint/config-helpers@0.5.2", "", { "dependencies": { "@eslint/core": "^1.1.0" } }, "sha512-a5MxrdDXEvqnIq+LisyCX6tQMPF/dSJpCfBgBauY+pNZ28yCtSsTvyTYrMhaI+LK26bVyCJfJkT0u8KIj2i1dQ=="],
 
-    "@eslint/core": ["@eslint/core@0.17.0", "", { "dependencies": { "@types/json-schema": "^7.0.15" } }, "sha512-yL/sLrpmtDaFEiUj1osRP4TI2MDz1AddJL+jZ7KSqvBuliN4xqYY54IfdN8qD8Toa6g1iloph1fxQNkjOxrrpQ=="],
+    "@eslint/core": ["@eslint/core@1.1.0", "", { "dependencies": { "@types/json-schema": "^7.0.15" } }, "sha512-/nr9K9wkr3P1EzFTdFdMoLuo1PmIxjmwvPozwoSodjNBdefGujXQUF93u1DDZpEaTuDvMsIQddsd35BwtrW9Xw=="],
 
-    "@eslint/eslintrc": ["@eslint/eslintrc@3.3.3", "", { "dependencies": { "ajv": "^6.12.4", "debug": "^4.3.2", "espree": "^10.0.1", "globals": "^14.0.0", "ignore": "^5.2.0", "import-fresh": "^3.2.1", "js-yaml": "^4.1.1", "minimatch": "^3.1.2", "strip-json-comments": "^3.1.1" } }, "sha512-Kr+LPIUVKz2qkx1HAMH8q1q6azbqBAsXJUxBl/ODDuVPX45Z9DfwB8tPjTi6nNZ8BuM3nbJxC5zCAg5elnBUTQ=="],
+    "@eslint/object-schema": ["@eslint/object-schema@3.0.2", "", {}, "sha512-HOy56KJt48Bx8KmJ+XGQNSUMT/6dZee/M54XyUyuvTvPXJmsERRvBchsUVx1UMe1WwIH49XLAczNC7V2INsuUw=="],
 
-    "@eslint/js": ["@eslint/js@9.39.2", "", {}, "sha512-q1mjIoW1VX4IvSocvM/vbTiveKC4k9eLrajNEuSsmjymSDEbpGddtpfOoN7YGAqBK3NG+uqo8ia4PDTt8buCYA=="],
-
-    "@eslint/object-schema": ["@eslint/object-schema@2.1.7", "", {}, "sha512-VtAOaymWVfZcmZbp6E2mympDIHvyjXs/12LqWYjVw6qjrfF+VK+fyG33kChz3nnK+SU5/NeHOqrTEHS8sXO3OA=="],
-
-    "@eslint/plugin-kit": ["@eslint/plugin-kit@0.4.1", "", { "dependencies": { "@eslint/core": "^0.17.0", "levn": "^0.4.1" } }, "sha512-43/qtrDUokr7LJqoF2c3+RInu/t4zfrpYdoSDfYyhg52rwLV6TnOvdG4fXm7IkSB3wErkcmJS9iEhjVtOSEjjA=="],
+    "@eslint/plugin-kit": ["@eslint/plugin-kit@0.6.0", "", { "dependencies": { "@eslint/core": "^1.1.0", "levn": "^0.4.1" } }, "sha512-bIZEUzOI1jkhviX2cp5vNyXQc6olzb2ohewQubuYlMXZ2Q/XjBO0x0XhGPvc9fjSIiUN0vw+0hq53BJ4eQSJKQ=="],
 
     "@hey-api/codegen-core": ["@hey-api/codegen-core@0.7.0", "", { "dependencies": { "@hey-api/types": "0.1.3", "ansi-colors": "4.1.3", "c12": "3.3.3", "color-support": "1.1.3" }, "peerDependencies": { "typescript": ">=5.5.3" } }, "sha512-HglL4B4QwpzocE+c8qDU6XK8zMf8W8Pcv0RpFDYxHuYALWLTnpDUuEsglC7NQ4vC1maoXsBpMbmwpco0N4QviA=="],
 
-    "@hey-api/json-schema-ref-parser": ["@hey-api/json-schema-ref-parser@1.3.0", "", { "dependencies": { "@jsdevtools/ono": "7.1.3", "@types/json-schema": "7.0.15", "js-yaml": "4.1.1" } }, "sha512-3tQJ8N2egHXZjQWUeceoWrl88APWjo7gRrQ/L4HWJKnh6HowczCv7yNNFeSusPoWGV6HGdoFiCvq6UsLkrwKhg=="],
+    "@hey-api/json-schema-ref-parser": ["@hey-api/json-schema-ref-parser@1.3.1", "", { "dependencies": { "@jsdevtools/ono": "7.1.3", "@types/json-schema": "7.0.15", "js-yaml": "4.1.1" } }, "sha512-7atnpUkT8TyUPHYPLk91j/GyaqMuwTEHanLOe50Dlx0EEvNuQqFD52Yjg8x4KU0UFL1mWlyhE+sUE/wAtQ1N2A=="],
 
-    "@hey-api/openapi-ts": ["@hey-api/openapi-ts@0.92.4", "", { "dependencies": { "@hey-api/codegen-core": "0.7.0", "@hey-api/json-schema-ref-parser": "1.3.0", "@hey-api/shared": "0.2.0", "@hey-api/types": "0.1.3", "ansi-colors": "4.1.3", "color-support": "1.1.3", "commander": "14.0.3" }, "peerDependencies": { "typescript": ">=5.5.3" }, "bin": { "openapi-ts": "bin/run.js" } }, "sha512-RA3wnL7Odr5xczuS3xpvnPClgJ/K8jivK3hvD8J0m5GBuvJFkZ1A1xp+6Ve1G0BV8p4LwxwgN1Qhb+4BFsLfMg=="],
+    "@hey-api/openapi-ts": ["@hey-api/openapi-ts@0.93.0", "", { "dependencies": { "@hey-api/codegen-core": "0.7.0", "@hey-api/json-schema-ref-parser": "1.3.1", "@hey-api/shared": "0.2.1", "@hey-api/types": "0.1.3", "ansi-colors": "4.1.3", "color-support": "1.1.3", "commander": "14.0.3" }, "peerDependencies": { "typescript": ">=5.5.3" }, "bin": { "openapi-ts": "bin/run.js" } }, "sha512-LzYpKHRSasPGJFP+UvgrvlhLBa5W0roqKJKAJCTbAMpAKutC0jcWegkYXD3m85RFpBU2aXFDJrG99hf3xw1QMA=="],
 
-    "@hey-api/shared": ["@hey-api/shared@0.2.0", "", { "dependencies": { "@hey-api/codegen-core": "0.7.0", "@hey-api/json-schema-ref-parser": "1.3.0", "@hey-api/types": "0.1.3", "ansi-colors": "4.1.3", "cross-spawn": "7.0.6", "open": "11.0.0", "semver": "7.7.3" }, "peerDependencies": { "typescript": ">=5.5.3" } }, "sha512-t7C+65ES12OqAE5k6DB/y5nDuTjydtqdxf/Qe4zflVn2AzGs7hO/7KjXvGXZYnpNVF7QISAcj0LEObASU9I53Q=="],
+    "@hey-api/shared": ["@hey-api/shared@0.2.1", "", { "dependencies": { "@hey-api/codegen-core": "0.7.0", "@hey-api/json-schema-ref-parser": "1.3.1", "@hey-api/types": "0.1.3", "ansi-colors": "4.1.3", "cross-spawn": "7.0.6", "open": "11.0.0", "semver": "7.7.3" }, "peerDependencies": { "typescript": ">=5.5.3" } }, "sha512-uWI9047e9OVe3Ss+6vPMnRiixjRcjcBbdgpeq4IQymet3+wsn0+N/4RLDHBz1h57SemaxayPRUA0JOOsuC1qyA=="],
 
     "@hey-api/types": ["@hey-api/types@0.1.3", "", { "peerDependencies": { "typescript": ">=5.5.3" } }, "sha512-mZaiPOWH761yD4GjDQvtjS2ZYLu5o5pI1TVSvV/u7cmbybv51/FVtinFBeaE1kFQCKZ8OQpn2ezjLBJrKsGATw=="],
 
@@ -299,6 +295,8 @@
 
     "@types/d3-timer": ["@types/d3-timer@3.0.2", "", {}, "sha512-Ps3T8E8dZDam6fUyNiMkekK3XUsaUEik+idO9/YjPtfj2qruF8tFBXS7XhtE4iIXBLxhmLjP3SXpLhVf21I9Lw=="],
 
+    "@types/esrecurse": ["@types/esrecurse@4.3.1", "", {}, "sha512-xJBAbDifo5hpffDBuHl0Y8ywswbiAp/Wi7Y/GtAgSlZyIABppyurxVueOPE8LUQOxdlgi6Zqce7uoEpqNTeiUw=="],
+
     "@types/estree": ["@types/estree@1.0.8", "", {}, "sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w=="],
 
     "@types/json-schema": ["@types/json-schema@7.0.15", "", {}, "sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA=="],
@@ -311,47 +309,47 @@
 
     "@types/prop-types": ["@types/prop-types@15.7.15", "", {}, "sha512-F6bEyamV9jKGAFBEmlQnesRPGOQqS2+Uwi0Em15xenOxHaf2hv6L8YCVn3rPdPJOiJfPiCnLIRyvwVaqMY3MIw=="],
 
-    "@types/react": ["@types/react@19.2.10", "", { "dependencies": { "csstype": "^3.2.2" } }, "sha512-WPigyYuGhgZ/cTPRXB2EwUw+XvsRA3GqHlsP4qteqrnnjDrApbS7MxcGr/hke5iUoeB7E/gQtrs9I37zAJ0Vjw=="],
+    "@types/react": ["@types/react@19.2.14", "", { "dependencies": { "csstype": "^3.2.2" } }, "sha512-ilcTH/UniCkMdtexkoCN0bI7pMcJDvmQFPvuPvmEaYA/NSfFTAgdUSLAoVjaRJm7+6PvcM+q1zYOwS4wTYMF9w=="],
 
     "@types/react-dom": ["@types/react-dom@19.2.3", "", { "peerDependencies": { "@types/react": "^19.2.0" } }, "sha512-jp2L/eY6fn+KgVVQAOqYItbF0VY/YApe5Mz2F0aykSO8gx31bYCZyvSeYxCHKvzHG5eZjc+zyaS5BrBWya2+kQ=="],
 
     "@types/react-transition-group": ["@types/react-transition-group@4.4.12", "", { "peerDependencies": { "@types/react": "*" } }, "sha512-8TV6R3h2j7a91c+1DXdJi3Syo69zzIZbz7Lg5tORM5LEJG7X/E6a1V3drRyBRZq7/utz7A+c4OgYLiLcYGHG6w=="],
 
-    "@typescript-eslint/eslint-plugin": ["@typescript-eslint/eslint-plugin@8.54.0", "", { "dependencies": { "@eslint-community/regexpp": "^4.12.2", "@typescript-eslint/scope-manager": "8.54.0", "@typescript-eslint/type-utils": "8.54.0", "@typescript-eslint/utils": "8.54.0", "@typescript-eslint/visitor-keys": "8.54.0", "ignore": "^7.0.5", "natural-compare": "^1.4.0", "ts-api-utils": "^2.4.0" }, "peerDependencies": { "@typescript-eslint/parser": "^8.54.0", "eslint": "^8.57.0 || ^9.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "sha512-hAAP5io/7csFStuOmR782YmTthKBJ9ND3WVL60hcOjvtGFb+HJxH4O5huAcmcZ9v9G8P+JETiZ/G1B8MALnWZQ=="],
+    "@typescript-eslint/eslint-plugin": ["@typescript-eslint/eslint-plugin@8.56.1", "", { "dependencies": { "@eslint-community/regexpp": "^4.12.2", "@typescript-eslint/scope-manager": "8.56.1", "@typescript-eslint/type-utils": "8.56.1", "@typescript-eslint/utils": "8.56.1", "@typescript-eslint/visitor-keys": "8.56.1", "ignore": "^7.0.5", "natural-compare": "^1.4.0", "ts-api-utils": "^2.4.0" }, "peerDependencies": { "@typescript-eslint/parser": "^8.56.1", "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "sha512-Jz9ZztpB37dNC+HU2HI28Bs9QXpzCz+y/twHOwhyrIRdbuVDxSytJNDl6z/aAKlaRIwC7y8wJdkBv7FxYGgi0A=="],
 
-    "@typescript-eslint/parser": ["@typescript-eslint/parser@8.54.0", "", { "dependencies": { "@typescript-eslint/scope-manager": "8.54.0", "@typescript-eslint/types": "8.54.0", "@typescript-eslint/typescript-estree": "8.54.0", "@typescript-eslint/visitor-keys": "8.54.0", "debug": "^4.4.3" }, "peerDependencies": { "eslint": "^8.57.0 || ^9.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "sha512-BtE0k6cjwjLZoZixN0t5AKP0kSzlGu7FctRXYuPAm//aaiZhmfq1JwdYpYr1brzEspYyFeF+8XF5j2VK6oalrA=="],
+    "@typescript-eslint/parser": ["@typescript-eslint/parser@8.56.1", "", { "dependencies": { "@typescript-eslint/scope-manager": "8.56.1", "@typescript-eslint/types": "8.56.1", "@typescript-eslint/typescript-estree": "8.56.1", "@typescript-eslint/visitor-keys": "8.56.1", "debug": "^4.4.3" }, "peerDependencies": { "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "sha512-klQbnPAAiGYFyI02+znpBRLyjL4/BrBd0nyWkdC0s/6xFLkXYQ8OoRrSkqacS1ddVxf/LDyODIKbQ5TgKAf/Fg=="],
 
-    "@typescript-eslint/project-service": ["@typescript-eslint/project-service@8.54.0", "", { "dependencies": { "@typescript-eslint/tsconfig-utils": "^8.54.0", "@typescript-eslint/types": "^8.54.0", "debug": "^4.4.3" }, "peerDependencies": { "typescript": ">=4.8.4 <6.0.0" } }, "sha512-YPf+rvJ1s7MyiWM4uTRhE4DvBXrEV+d8oC3P9Y2eT7S+HBS0clybdMIPnhiATi9vZOYDc7OQ1L/i6ga6NFYK/g=="],
+    "@typescript-eslint/project-service": ["@typescript-eslint/project-service@8.56.1", "", { "dependencies": { "@typescript-eslint/tsconfig-utils": "^8.56.1", "@typescript-eslint/types": "^8.56.1", "debug": "^4.4.3" }, "peerDependencies": { "typescript": ">=4.8.4 <6.0.0" } }, "sha512-TAdqQTzHNNvlVFfR+hu2PDJrURiwKsUvxFn1M0h95BB8ah5jejas08jUWG4dBA68jDMI988IvtfdAI53JzEHOQ=="],
 
-    "@typescript-eslint/scope-manager": ["@typescript-eslint/scope-manager@8.54.0", "", { "dependencies": { "@typescript-eslint/types": "8.54.0", "@typescript-eslint/visitor-keys": "8.54.0" } }, "sha512-27rYVQku26j/PbHYcVfRPonmOlVI6gihHtXFbTdB5sb6qA0wdAQAbyXFVarQ5t4HRojIz64IV90YtsjQSSGlQg=="],
+    "@typescript-eslint/scope-manager": ["@typescript-eslint/scope-manager@8.56.1", "", { "dependencies": { "@typescript-eslint/types": "8.56.1", "@typescript-eslint/visitor-keys": "8.56.1" } }, "sha512-YAi4VDKcIZp0O4tz/haYKhmIDZFEUPOreKbfdAN3SzUDMcPhJ8QI99xQXqX+HoUVq8cs85eRKnD+rne2UAnj2w=="],
 
-    "@typescript-eslint/tsconfig-utils": ["@typescript-eslint/tsconfig-utils@8.54.0", "", { "peerDependencies": { "typescript": ">=4.8.4 <6.0.0" } }, "sha512-dRgOyT2hPk/JwxNMZDsIXDgyl9axdJI3ogZ2XWhBPsnZUv+hPesa5iuhdYt2gzwA9t8RE5ytOJ6xB0moV0Ujvw=="],
+    "@typescript-eslint/tsconfig-utils": ["@typescript-eslint/tsconfig-utils@8.56.1", "", { "peerDependencies": { "typescript": ">=4.8.4 <6.0.0" } }, "sha512-qOtCYzKEeyr3aR9f28mPJqBty7+DBqsdd63eO0yyDwc6vgThj2UjWfJIcsFeSucYydqcuudMOprZ+x1SpF3ZuQ=="],
 
-    "@typescript-eslint/type-utils": ["@typescript-eslint/type-utils@8.54.0", "", { "dependencies": { "@typescript-eslint/types": "8.54.0", "@typescript-eslint/typescript-estree": "8.54.0", "@typescript-eslint/utils": "8.54.0", "debug": "^4.4.3", "ts-api-utils": "^2.4.0" }, "peerDependencies": { "eslint": "^8.57.0 || ^9.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "sha512-hiLguxJWHjjwL6xMBwD903ciAwd7DmK30Y9Axs/etOkftC3ZNN9K44IuRD/EB08amu+Zw6W37x9RecLkOo3pMA=="],
+    "@typescript-eslint/type-utils": ["@typescript-eslint/type-utils@8.56.1", "", { "dependencies": { "@typescript-eslint/types": "8.56.1", "@typescript-eslint/typescript-estree": "8.56.1", "@typescript-eslint/utils": "8.56.1", "debug": "^4.4.3", "ts-api-utils": "^2.4.0" }, "peerDependencies": { "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "sha512-yB/7dxi7MgTtGhZdaHCemf7PuwrHMenHjmzgUW1aJpO+bBU43OycnM3Wn+DdvDO/8zzA9HlhaJ0AUGuvri4oGg=="],
 
-    "@typescript-eslint/types": ["@typescript-eslint/types@8.54.0", "", {}, "sha512-PDUI9R1BVjqu7AUDsRBbKMtwmjWcn4J3le+5LpcFgWULN3LvHC5rkc9gCVxbrsrGmO1jfPybN5s6h4Jy+OnkAA=="],
+    "@typescript-eslint/types": ["@typescript-eslint/types@8.56.1", "", {}, "sha512-dbMkdIUkIkchgGDIv7KLUpa0Mda4IYjo4IAMJUZ+3xNoUXxMsk9YtKpTHSChRS85o+H9ftm51gsK1dZReY9CVw=="],
 
-    "@typescript-eslint/typescript-estree": ["@typescript-eslint/typescript-estree@8.54.0", "", { "dependencies": { "@typescript-eslint/project-service": "8.54.0", "@typescript-eslint/tsconfig-utils": "8.54.0", "@typescript-eslint/types": "8.54.0", "@typescript-eslint/visitor-keys": "8.54.0", "debug": "^4.4.3", "minimatch": "^9.0.5", "semver": "^7.7.3", "tinyglobby": "^0.2.15", "ts-api-utils": "^2.4.0" }, "peerDependencies": { "typescript": ">=4.8.4 <6.0.0" } }, "sha512-BUwcskRaPvTk6fzVWgDPdUndLjB87KYDrN5EYGetnktoeAvPtO4ONHlAZDnj5VFnUANg0Sjm7j4usBlnoVMHwA=="],
+    "@typescript-eslint/typescript-estree": ["@typescript-eslint/typescript-estree@8.56.1", "", { "dependencies": { "@typescript-eslint/project-service": "8.56.1", "@typescript-eslint/tsconfig-utils": "8.56.1", "@typescript-eslint/types": "8.56.1", "@typescript-eslint/visitor-keys": "8.56.1", "debug": "^4.4.3", "minimatch": "^10.2.2", "semver": "^7.7.3", "tinyglobby": "^0.2.15", "ts-api-utils": "^2.4.0" }, "peerDependencies": { "typescript": ">=4.8.4 <6.0.0" } }, "sha512-qzUL1qgalIvKWAf9C1HpvBjif+Vm6rcT5wZd4VoMb9+Km3iS3Cv9DY6dMRMDtPnwRAFyAi7YXJpTIEXLvdfPxg=="],
 
-    "@typescript-eslint/utils": ["@typescript-eslint/utils@8.54.0", "", { "dependencies": { "@eslint-community/eslint-utils": "^4.9.1", "@typescript-eslint/scope-manager": "8.54.0", "@typescript-eslint/types": "8.54.0", "@typescript-eslint/typescript-estree": "8.54.0" }, "peerDependencies": { "eslint": "^8.57.0 || ^9.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "sha512-9Cnda8GS57AQakvRyG0PTejJNlA2xhvyNtEVIMlDWOOeEyBkYWhGPnfrIAnqxLMTSTo6q8g12XVjjev5l1NvMA=="],
+    "@typescript-eslint/utils": ["@typescript-eslint/utils@8.56.1", "", { "dependencies": { "@eslint-community/eslint-utils": "^4.9.1", "@typescript-eslint/scope-manager": "8.56.1", "@typescript-eslint/types": "8.56.1", "@typescript-eslint/typescript-estree": "8.56.1" }, "peerDependencies": { "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "sha512-HPAVNIME3tABJ61siYlHzSWCGtOoeP2RTIaHXFMPqjrQKCGB9OgUVdiNgH7TJS2JNIQ5qQ4RsAUDuGaGme/KOA=="],
 
-    "@typescript-eslint/visitor-keys": ["@typescript-eslint/visitor-keys@8.54.0", "", { "dependencies": { "@typescript-eslint/types": "8.54.0", "eslint-visitor-keys": "^4.2.1" } }, "sha512-VFlhGSl4opC0bprJiItPQ1RfUhGDIBokcPwaFH4yiBCaNPeld/9VeXbiPO1cLyorQi1G1vL+ecBk1x8o1axORA=="],
+    "@typescript-eslint/visitor-keys": ["@typescript-eslint/visitor-keys@8.56.1", "", { "dependencies": { "@typescript-eslint/types": "8.56.1", "eslint-visitor-keys": "^5.0.0" } }, "sha512-KiROIzYdEV85YygXw6BI/Dx4fnBlFQu6Mq4QE4MOH9fFnhohw6wX/OAvDY2/C+ut0I3RSPKenvZJIVYqJNkhEw=="],
 
-    "@typescript/native-preview": ["@typescript/native-preview@7.0.0-dev.20260223.1", "", { "optionalDependencies": { "@typescript/native-preview-darwin-arm64": "7.0.0-dev.20260223.1", "@typescript/native-preview-darwin-x64": "7.0.0-dev.20260223.1", "@typescript/native-preview-linux-arm": "7.0.0-dev.20260223.1", "@typescript/native-preview-linux-arm64": "7.0.0-dev.20260223.1", "@typescript/native-preview-linux-x64": "7.0.0-dev.20260223.1", "@typescript/native-preview-win32-arm64": "7.0.0-dev.20260223.1", "@typescript/native-preview-win32-x64": "7.0.0-dev.20260223.1" }, "bin": { "tsgo": "bin/tsgo.js" } }, "sha512-NEifR9F/0khbTQRztM4Yuxcj9dFuK9ubWIXJwLSmKMlncSp4u1fzRnlfv1vlNKKrXB7BUXoANFHpsM5BEXJ06w=="],
+    "@typescript/native-preview": ["@typescript/native-preview@7.0.0-dev.20260224.1", "", { "optionalDependencies": { "@typescript/native-preview-darwin-arm64": "7.0.0-dev.20260224.1", "@typescript/native-preview-darwin-x64": "7.0.0-dev.20260224.1", "@typescript/native-preview-linux-arm": "7.0.0-dev.20260224.1", "@typescript/native-preview-linux-arm64": "7.0.0-dev.20260224.1", "@typescript/native-preview-linux-x64": "7.0.0-dev.20260224.1", "@typescript/native-preview-win32-arm64": "7.0.0-dev.20260224.1", "@typescript/native-preview-win32-x64": "7.0.0-dev.20260224.1" }, "bin": { "tsgo": "bin/tsgo.js" } }, "sha512-PU0zBXLvz6RKxbIubT66RCnJXgScdDIhfmNMkvRhOnX/C4SZom5TFSn7BEHC3w8JPj7OSz5OYoubtV1Haty2GA=="],
 
-    "@typescript/native-preview-darwin-arm64": ["@typescript/native-preview-darwin-arm64@7.0.0-dev.20260223.1", "", { "os": "darwin", "cpu": "arm64" }, "sha512-uDvCfIGr3PR8iKBA6OCNq6w0b2WMvmtkS8KUZVy04CH8ieFsxChYStLiyFTDX4GZs9BtWKeth/7qGDZewY20sQ=="],
+    "@typescript/native-preview-darwin-arm64": ["@typescript/native-preview-darwin-arm64@7.0.0-dev.20260224.1", "", { "os": "darwin", "cpu": "arm64" }, "sha512-9VHXRhB7sM5DFqdlKaeDww8vuklgfzhYCjBazLCEnuFvb4J+rJ1DodLykc2bL+6kE8k6sdhYi3x8ipfbjtO44g=="],
 
-    "@typescript/native-preview-darwin-x64": ["@typescript/native-preview-darwin-x64@7.0.0-dev.20260223.1", "", { "os": "darwin", "cpu": "x64" }, "sha512-hOKQicSgd1DhFbsqdpC5fMgg0R46sYbbtVjfXgYTAHg/WO6whfZ2SfPy9IIzsQ/CXYUZuwoJElCnc9DTcd66+w=="],
+    "@typescript/native-preview-darwin-x64": ["@typescript/native-preview-darwin-x64@7.0.0-dev.20260224.1", "", { "os": "darwin", "cpu": "x64" }, "sha512-uCHipPRcIhHnvb7lAM29MQ1QT9pZ+uirqtH630aOMFm8VG3j8mkxVM9iGRLx829n38DMSDLjc3joCrQO3+sDcQ=="],
 
-    "@typescript/native-preview-linux-arm": ["@typescript/native-preview-linux-arm@7.0.0-dev.20260223.1", "", { "os": "linux", "cpu": "arm" }, "sha512-FVq6XjzqtLC1MVgQiumwpuW7Ug+S+WVEbvCUJQhrs8Szbf6fIFU/6+D6fOGCKzzo9SAD6zq2RNHtejBw74JSFA=="],
+    "@typescript/native-preview-linux-arm": ["@typescript/native-preview-linux-arm@7.0.0-dev.20260224.1", "", { "os": "linux", "cpu": "arm" }, "sha512-cEWSRQ8b+CXdMJvoG18IjNTvBo+qT22B5imqm6nAssMpyHHQb62PvZGnrA8mPRQNPzLpa5F956j8GwAjyP8hBQ=="],
 
-    "@typescript/native-preview-linux-arm64": ["@typescript/native-preview-linux-arm64@7.0.0-dev.20260223.1", "", { "os": "linux", "cpu": "arm64" }, "sha512-oRt0l3O/itqBEwd5rhfDAyziEzbSgWar1NShduK4n2mHWTHCI1I7mFsbSPbox2pdrqOwOr0QW8xu7xEgDWWRXA=="],
+    "@typescript/native-preview-linux-arm64": ["@typescript/native-preview-linux-arm64@7.0.0-dev.20260224.1", "", { "os": "linux", "cpu": "arm64" }, "sha512-yFEEq6hD2R70+lTogb211sPdCwz3H5hpYh0+YuKVMPsKo0oM8/jMvgjj2pyutmj/uCKLdbcJ9HP2vJ/13Szbcg=="],
 
-    "@typescript/native-preview-linux-x64": ["@typescript/native-preview-linux-x64@7.0.0-dev.20260223.1", "", { "os": "linux", "cpu": "x64" }, "sha512-qpFTW7q8Vvq1v/0bzfT8+D0wLjqydIP0qKlomrEGLlMnCCAnPodo2oLc2JCtacc40TSMZZARvhctTszCn1gWBA=="],
+    "@typescript/native-preview-linux-x64": ["@typescript/native-preview-linux-x64@7.0.0-dev.20260224.1", "", { "os": "linux", "cpu": "x64" }, "sha512-zGz5kVcCeBRheQwA4jVTAxtbLsBsTkp9AEvWK5AlyCs1rQCUQobBhtx37X4VEmxn4ekIDMxYgaZdlZb7/PGp8w=="],
 
-    "@typescript/native-preview-win32-arm64": ["@typescript/native-preview-win32-arm64@7.0.0-dev.20260223.1", "", { "os": "win32", "cpu": "arm64" }, "sha512-HHu63F8cDhgIlqFGBnqBVQn7HSiORxyT0M6yPzG4tG4gdzx+aFUdogbYily0nzN5b6NolQTrFfh3Q85UfHCHqg=="],
+    "@typescript/native-preview-win32-arm64": ["@typescript/native-preview-win32-arm64@7.0.0-dev.20260224.1", "", { "os": "win32", "cpu": "arm64" }, "sha512-A0f9ZDQqKvGk/an59HuAJuzoI/wMyrgTd69oX9gFCx7+5E/ajSdgv0Eg1Fco+nyLfT/UVM0CV3ERyWrKzx277w=="],
 
-    "@typescript/native-preview-win32-x64": ["@typescript/native-preview-win32-x64@7.0.0-dev.20260223.1", "", { "os": "win32", "cpu": "x64" }, "sha512-vSis36O5qT+vOYfei7GtfWWzvIoaNdmxa1zDypBKkGGCCHt/c5vp0pXls85+8jBVS11Ep6p7ECcHlt+R5CBaug=="],
+    "@typescript/native-preview-win32-x64": ["@typescript/native-preview-win32-x64@7.0.0-dev.20260224.1", "", { "os": "win32", "cpu": "x64" }, "sha512-Se9JrcMdVLeDYMLn+CKEV3qy1yiildb5N23USGvnC9siNFalz8tVgd589dhRP+ywDhXnbIsZiFKDrZF/7B4wSQ=="],
 
     "@unrs/resolver-binding-android-arm-eabi": ["@unrs/resolver-binding-android-arm-eabi@1.11.1", "", { "os": "android", "cpu": "arm" }, "sha512-ppLRUgHVaGRWUx0R0Ut06Mjo9gBaBkg3v/8AxusGLhsIotbBLuRk51rAzqLC8gq6NyyAojEXglNjzf6R948DNw=="],
 
@@ -391,16 +389,14 @@
 
     "@unrs/resolver-binding-win32-x64-msvc": ["@unrs/resolver-binding-win32-x64-msvc@1.11.1", "", { "os": "win32", "cpu": "x64" }, "sha512-lrW200hZdbfRtztbygyaq/6jP6AKE8qQN2KvPcJ+x7wiD038YtnYtZ82IMNJ69GJibV7bwL3y9FgK+5w/pYt6g=="],
 
-    "acorn": ["acorn@8.15.0", "", { "bin": "bin/acorn" }, "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg=="],
+    "acorn": ["acorn@8.16.0", "", { "bin": { "acorn": "bin/acorn" } }, "sha512-UVJyE9MttOsBQIDKw1skb9nAwQuR5wuGD3+82K6JgJlm/Y+KI92oNsMNGZCYdDsVtRHSak0pcV5Dno5+4jh9sw=="],
 
     "acorn-jsx": ["acorn-jsx@5.3.2", "", { "peerDependencies": { "acorn": "^6.0.0 || ^7.0.0 || ^8.0.0" } }, "sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ=="],
 
-    "ajv": ["ajv@6.12.6", "", { "dependencies": { "fast-deep-equal": "^3.1.1", "fast-json-stable-stringify": "^2.0.0", "json-schema-traverse": "^0.4.1", "uri-js": "^4.2.2" } }, "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g=="],
+    "ajv": ["ajv@6.14.0", "", { "dependencies": { "fast-deep-equal": "^3.1.1", "fast-json-stable-stringify": "^2.0.0", "json-schema-traverse": "^0.4.1", "uri-js": "^4.2.2" } }, "sha512-IWrosm/yrn43eiKqkfkHis7QioDleaXQHdDVPKg0FSwwd/DuvyX79TZnFOnYpB7dcsFAMmtFztZuXPDvSePkFw=="],
 
     "ansi-colors": ["ansi-colors@4.1.3", "", {}, "sha512-/6w/C21Pm1A7aZitlI5Ni/2J6FFQN8i1Cvz3kHABAAbw93v/NlvKdVOqz7CCWz/3iv/JplRSEEZ83XION15ovw=="],
 
-    "ansi-styles": ["ansi-styles@4.3.0", "", { "dependencies": { "color-convert": "^2.0.1" } }, "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg=="],
-
     "argparse": ["argparse@2.0.1", "", {}, "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q=="],
 
     "aria-query": ["aria-query@5.3.2", "", {}, "sha512-COROpnaoap1E2F000S62r6A60uHZnmlvomhfyT2DlTcrY1OrBKn2UhH7qn5wTC9zMvD0AY7csdPSNwKP+7WiQw=="],
@@ -433,13 +429,13 @@
 
     "babel-plugin-macros": ["babel-plugin-macros@3.1.0", "", { "dependencies": { "@babel/runtime": "^7.12.5", "cosmiconfig": "^7.0.0", "resolve": "^1.19.0" } }, "sha512-Cg7TFGpIr01vOQNODXOOaGz2NpCU5gl8x1qJFbb6hbZxR7XrcE2vtbAsTAbJ7/xwJtUuJEw8K8Zr/AE0LHlesg=="],
 
-    "balanced-match": ["balanced-match@1.0.2", "", {}, "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw=="],
+    "balanced-match": ["balanced-match@4.0.4", "", {}, "sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA=="],
 
     "baseline-browser-mapping": ["baseline-browser-mapping@2.9.19", "", { "bin": "dist/cli.js" }, "sha512-ipDqC8FrAl/76p2SSWKSI+H9tFwm7vYqXQrItCuiVPt26Km0jS+NzSsBWAaBusvSbQcfJG+JitdMm+wZAgTYqg=="],
 
     "bezier-easing": ["bezier-easing@2.1.0", "", {}, "sha512-gbIqZ/eslnUFC1tjEvtz0sgx+xTK20wDnYMIA27VA04R7w6xxXQPZDbibjA9DTWZRA2CXtwHykkVzlCaAJAZig=="],
 
-    "brace-expansion": ["brace-expansion@1.1.12", "", { "dependencies": { "balanced-match": "^1.0.0", "concat-map": "0.0.1" } }, "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg=="],
+    "brace-expansion": ["brace-expansion@5.0.3", "", { "dependencies": { "balanced-match": "^4.0.2" } }, "sha512-fy6KJm2RawA5RcHkLa1z/ScpBeA762UF9KmZQxwIbDtRJrgLzM10depAiEQ+CXYcoiqW1/m96OAAoke2nE9EeA=="],
 
     "braces": ["braces@3.0.3", "", { "dependencies": { "fill-range": "^7.1.1" } }, "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA=="],
 
@@ -461,8 +457,6 @@
 
     "caniuse-lite": ["caniuse-lite@1.0.30001766", "", {}, "sha512-4C0lfJ0/YPjJQHagaE9x2Elb69CIqEPZeG0anQt9SIvIoOH4a4uaRl73IavyO+0qZh6MDLH//DrXThEYKHkmYA=="],
 
-    "chalk": ["chalk@4.1.2", "", { "dependencies": { "ansi-styles": "^4.1.0", "supports-color": "^7.1.0" } }, "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA=="],
-
     "chokidar": ["chokidar@5.0.0", "", { "dependencies": { "readdirp": "^5.0.0" } }, "sha512-TQMmc3w+5AxjpL8iIiwebF73dRDF4fBIieAqGn9RGCWaEVwQ6Fb2cGe31Yns0RRIzii5goJ1Y7xbMwo1TxMplw=="],
 
     "citty": ["citty@0.1.6", "", { "dependencies": { "consola": "^3.2.3" } }, "sha512-tskPPKEs8D2KPafUypv2gxwJP8h/OaJmC82QQGGDQcHvXX43xF2VDACcJVmZ0EuSxkpO9Kc4MlrA3q0+FG58AQ=="],
@@ -471,10 +465,6 @@
 
     "clsx": ["clsx@2.1.1", "", {}, "sha512-eYm0QWBtUrBWZWG0d386OGAw16Z995PiOVo2B7bjWSbHedGl5e0ZWaq65kOGgUSNesEIDkB9ISbTg/JK9dhCZA=="],
 
-    "color-convert": ["color-convert@2.0.1", "", { "dependencies": { "color-name": "~1.1.4" } }, "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ=="],
-
-    "color-name": ["color-name@1.1.4", "", {}, "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA=="],
-
     "color-support": ["color-support@1.1.3", "", { "bin": "bin.js" }, "sha512-qiBjkpbMLO/HL68y+lh4q0/O1MZFj2RX6X/KmMa3+gJD3z+WwI1ZzDHysvqHGS3mP6mznPckpXmw1nI9cJjyRg=="],
 
     "commander": ["commander@14.0.3", "", {}, "sha512-H+y0Jo/T1RZ9qPP4Eh1pkcQcLRglraJaSLoyOtHxu6AapkjWVCy2Sit1QQ4x3Dng8qDlSsZEet7g5Pq06MvTgw=="],
@@ -579,7 +569,7 @@
 
     "escape-string-regexp": ["escape-string-regexp@4.0.0", "", {}, "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA=="],
 
-    "eslint": ["eslint@9.39.2", "", { "dependencies": { "@eslint-community/eslint-utils": "^4.8.0", "@eslint-community/regexpp": "^4.12.1", "@eslint/config-array": "^0.21.1", "@eslint/config-helpers": "^0.4.2", "@eslint/core": "^0.17.0", "@eslint/eslintrc": "^3.3.1", "@eslint/js": "9.39.2", "@eslint/plugin-kit": "^0.4.1", "@humanfs/node": "^0.16.6", "@humanwhocodes/module-importer": "^1.0.1", "@humanwhocodes/retry": "^0.4.2", "@types/estree": "^1.0.6", "ajv": "^6.12.4", "chalk": "^4.0.0", "cross-spawn": "^7.0.6", "debug": "^4.3.2", "escape-string-regexp": "^4.0.0", "eslint-scope": "^8.4.0", "eslint-visitor-keys": "^4.2.1", "espree": "^10.4.0", "esquery": "^1.5.0", "esutils": "^2.0.2", "fast-deep-equal": "^3.1.3", "file-entry-cache": "^8.0.0", "find-up": "^5.0.0", "glob-parent": "^6.0.2", "ignore": "^5.2.0", "imurmurhash": "^0.1.4", "is-glob": "^4.0.0", "json-stable-stringify-without-jsonify": "^1.0.1", "lodash.merge": "^4.6.2", "minimatch": "^3.1.2", "natural-compare": "^1.4.0", "optionator": "^0.9.3" }, "peerDependencies": { "jiti": "*" }, "bin": "bin/eslint.js" }, "sha512-LEyamqS7W5HB3ujJyvi0HQK/dtVINZvd5mAAp9eT5S/ujByGjiZLCzPcHVzuXbpJDJF/cxwHlfceVUDZ2lnSTw=="],
+    "eslint": ["eslint@10.0.2", "", { "dependencies": { "@eslint-community/eslint-utils": "^4.8.0", "@eslint-community/regexpp": "^4.12.2", "@eslint/config-array": "^0.23.2", "@eslint/config-helpers": "^0.5.2", "@eslint/core": "^1.1.0", "@eslint/plugin-kit": "^0.6.0", "@humanfs/node": "^0.16.6", "@humanwhocodes/module-importer": "^1.0.1", "@humanwhocodes/retry": "^0.4.2", "@types/estree": "^1.0.6", "ajv": "^6.14.0", "cross-spawn": "^7.0.6", "debug": "^4.3.2", "escape-string-regexp": "^4.0.0", "eslint-scope": "^9.1.1", "eslint-visitor-keys": "^5.0.1", "espree": "^11.1.1", "esquery": "^1.7.0", "esutils": "^2.0.2", "fast-deep-equal": "^3.1.3", "file-entry-cache": "^8.0.0", "find-up": "^5.0.0", "glob-parent": "^6.0.2", "ignore": "^5.2.0", "imurmurhash": "^0.1.4", "is-glob": "^4.0.0", "json-stable-stringify-without-jsonify": "^1.0.1", "minimatch": "^10.2.1", "natural-compare": "^1.4.0", "optionator": "^0.9.3" }, "peerDependencies": { "jiti": "*" }, "optionalPeers": ["jiti"], "bin": { "eslint": "bin/eslint.js" } }, "sha512-uYixubwmqJZH+KLVYIVKY1JQt7tysXhtj21WSvjcSmU5SVNzMus1bgLe+pAt816yQ8opKfheVVoPLqvVMGejYw=="],
 
     "eslint-config-next": ["eslint-config-next@16.1.6", "", { "dependencies": { "@next/eslint-plugin-next": "16.1.6", "eslint-import-resolver-node": "^0.3.6", "eslint-import-resolver-typescript": "^3.5.2", "eslint-plugin-import": "^2.32.0", "eslint-plugin-jsx-a11y": "^6.10.0", "eslint-plugin-react": "^7.37.0", "eslint-plugin-react-hooks": "^7.0.0", "globals": "16.4.0", "typescript-eslint": "^8.46.0" }, "peerDependencies": { "eslint": ">=9.0.0", "typescript": ">=3.3.1" }, "optionalPeers": ["typescript"] }, "sha512-vKq40io2B0XtkkNDYyleATwblNt8xuh3FWp8SpSz3pt7P01OkBFlKsJZ2mWt5WsCySlDQLckb1zMY9yE9Qy0LA=="],
 
@@ -597,11 +587,11 @@
 
     "eslint-plugin-react-hooks": ["eslint-plugin-react-hooks@7.0.1", "", { "dependencies": { "@babel/core": "^7.24.4", "@babel/parser": "^7.24.4", "hermes-parser": "^0.25.1", "zod": "^3.25.0 || ^4.0.0", "zod-validation-error": "^3.5.0 || ^4.0.0" }, "peerDependencies": { "eslint": "^3.0.0 || ^4.0.0 || ^5.0.0 || ^6.0.0 || ^7.0.0 || ^8.0.0-0 || ^9.0.0" } }, "sha512-O0d0m04evaNzEPoSW+59Mezf8Qt0InfgGIBJnpC0h3NH/WjUAR7BIKUfysC6todmtiZ/A0oUVS8Gce0WhBrHsA=="],
 
-    "eslint-scope": ["eslint-scope@8.4.0", "", { "dependencies": { "esrecurse": "^4.3.0", "estraverse": "^5.2.0" } }, "sha512-sNXOfKCn74rt8RICKMvJS7XKV/Xk9kA7DyJr8mJik3S7Cwgy3qlkkmyS2uQB3jiJg6VNdZd/pDBJu0nvG2NlTg=="],
+    "eslint-scope": ["eslint-scope@9.1.1", "", { "dependencies": { "@types/esrecurse": "^4.3.1", "@types/estree": "^1.0.8", "esrecurse": "^4.3.0", "estraverse": "^5.2.0" } }, "sha512-GaUN0sWim5qc8KVErfPBWmc31LEsOkrUJbvJZV+xuL3u2phMUK4HIvXlWAakfC8W4nzlK+chPEAkYOYb5ZScIw=="],
 
-    "eslint-visitor-keys": ["eslint-visitor-keys@4.2.1", "", {}, "sha512-Uhdk5sfqcee/9H/rCOJikYz67o0a2Tw2hGRPOG2Y1R2dg7brRe1uG0yaNQDHu+TO/uQPF/5eCapvYSmHUjt7JQ=="],
+    "eslint-visitor-keys": ["eslint-visitor-keys@5.0.1", "", {}, "sha512-tD40eHxA35h0PEIZNeIjkHoDR4YjjJp34biM0mDvplBe//mB+IHCqHDGV7pxF+7MklTvighcCPPZC7ynWyjdTA=="],
 
-    "espree": ["espree@10.4.0", "", { "dependencies": { "acorn": "^8.15.0", "acorn-jsx": "^5.3.2", "eslint-visitor-keys": "^4.2.1" } }, "sha512-j6PAQ2uUr79PZhBjP5C5fhl8e39FmRnOjsD5lGnWrFU8i2G776tBK7+nP8KuQUTTyAZUwfQqXAgrVH5MbH9CYQ=="],
+    "espree": ["espree@11.1.1", "", { "dependencies": { "acorn": "^8.16.0", "acorn-jsx": "^5.3.2", "eslint-visitor-keys": "^5.0.1" } }, "sha512-AVHPqQoZYc+RUM4/3Ly5udlZY/U4LS8pIG05jEjWM2lQMU/oaZ7qshzAl2YP1tfNmXfftH3ohurfwNAug+MnsQ=="],
 
     "esquery": ["esquery@1.7.0", "", { "dependencies": { "estraverse": "^5.1.0" } }, "sha512-Ap6G0WQwcU/LHsvLwON1fAQX9Zp0A2Y6Y/cJBl9r/JbW90Zyg4/zbG6zzKa2OTALELarYHmKu0GhpM5EO+7T0g=="],
 
@@ -671,8 +661,6 @@
 
     "has-bigints": ["has-bigints@1.1.0", "", {}, "sha512-R3pbpkcIqv2Pm3dUwgjclDRVmWpTJW2DcMzcIhEXEx1oh/CEMObMm3KLmRJOdvhM7o4uQBnwr8pzRK2sJWIqfg=="],
 
-    "has-flag": ["has-flag@4.0.0", "", {}, "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ=="],
-
     "has-property-descriptors": ["has-property-descriptors@1.0.2", "", { "dependencies": { "es-define-property": "^1.0.0" } }, "sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg=="],
 
     "has-proto": ["has-proto@1.2.0", "", { "dependencies": { "dunder-proto": "^1.0.0" } }, "sha512-KIL7eQPfHQRC8+XluaIw7BHUwwqL19bQn4hzNgdr+1wXoU0KKj6rufu47lhY7KbJR2C6T6+PfyN0Ea7wkSS+qQ=="],
@@ -805,8 +793,6 @@
 
     "locate-path": ["locate-path@6.0.0", "", { "dependencies": { "p-locate": "^5.0.0" } }, "sha512-iPZK6eYjbxRu3uB4/WZ3EsEIMJFMqAoopl3R+zuq0UjcAm/MO6KCweDgPfP3elTztoKP3KtnVHxTn2NHBSDVUw=="],
 
-    "lodash.merge": ["lodash.merge@4.6.2", "", {}, "sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ=="],
-
     "loose-envify": ["loose-envify@1.4.0", "", { "dependencies": { "js-tokens": "^3.0.0 || ^4.0.0" }, "bin": "cli.js" }, "sha512-lyuxPGr/Wfhrlem2CL/UcnUc1zcqKAImBDzukY7Y5F/yQiNdko6+fRLevlw1HgMySw7f611UIY408EtxRSoK3Q=="],
 
     "lru-cache": ["lru-cache@5.1.1", "", { "dependencies": { "yallist": "^3.0.2" } }, "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w=="],
@@ -817,7 +803,7 @@
 
     "micromatch": ["micromatch@4.0.8", "", { "dependencies": { "braces": "^3.0.3", "picomatch": "^2.3.1" } }, "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA=="],
 
-    "minimatch": ["minimatch@3.1.2", "", { "dependencies": { "brace-expansion": "^1.1.7" } }, "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw=="],
+    "minimatch": ["minimatch@10.2.2", "", { "dependencies": { "brace-expansion": "^5.0.2" } }, "sha512-+G4CpNBxa5MprY+04MbgOw1v7So6n5JY166pFi9KfYwT78fxScCeSNQSNzp6dpPSW2rONOps6Ocam1wFhCgoVw=="],
 
     "minimist": ["minimist@1.2.8", "", {}, "sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA=="],
 
@@ -1003,14 +989,10 @@
 
     "strip-bom": ["strip-bom@3.0.0", "", {}, "sha512-vavAMRXOgBVNF6nyEEmL3DBK19iRpDcoIwW+swQ+CbGiu7lju6t+JklA1MHweoWtadgt4ISVUsXLyDq34ddcwA=="],
 
-    "strip-json-comments": ["strip-json-comments@3.1.1", "", {}, "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig=="],
-
     "styled-jsx": ["styled-jsx@5.1.6", "", { "dependencies": { "client-only": "0.0.1" }, "peerDependencies": { "react": ">= 16.8.0 || 17.x.x || ^18.0.0-0 || ^19.0.0-0" } }, "sha512-qSVyDTeMotdvQYoHWLNGwRFJHC+i+ZvdBRYosOFgC+Wg1vx4frN2/RG/NA7SYqqvKNLf39P2LSRA2pu6n0XYZA=="],
 
     "stylis": ["stylis@4.2.0", "", {}, "sha512-Orov6g6BB1sDfYgzWfTHDOxamtX1bE/zo104Dh9e6fqJ3PooipYyfJ0pUmrZO2wAvO8YbEyeFrkV91XTsGMSrw=="],
 
-    "supports-color": ["supports-color@7.2.0", "", { "dependencies": { "has-flag": "^4.0.0" } }, "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw=="],
-
     "supports-preserve-symlinks-flag": ["supports-preserve-symlinks-flag@1.0.0", "", {}, "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w=="],
 
     "through": ["through@2.3.8", "", {}, "sha512-w89qg7PI8wAdvX60bMDP+bFoD5Dvhm9oLheFp5O4a2QF0cSBGsBX4qZmadPMvVqlLJBBci+WqGGOAPvcDeNSVg=="],
@@ -1041,7 +1023,7 @@
 
     "typescript": ["typescript@5.9.3", "", { "bin": { "tsc": "bin/tsc", "tsserver": "bin/tsserver" } }, "sha512-jl1vZzPDinLr9eUt3J/t7V6FgNEw9QjvBPdysz9KfQDD41fQrC2Y4vKQdiaUpFT4bXlb1RHhLpp8wtm6M5TgSw=="],
 
-    "typescript-eslint": ["typescript-eslint@8.56.0", "", { "dependencies": { "@typescript-eslint/eslint-plugin": "8.56.0", "@typescript-eslint/parser": "8.56.0", "@typescript-eslint/typescript-estree": "8.56.0", "@typescript-eslint/utils": "8.56.0" }, "peerDependencies": { "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "sha512-c7toRLrotJ9oixgdW7liukZpsnq5CZ7PuKztubGYlNppuTqhIoWfhgHo/7EU0v06gS2l/x0i2NEFK1qMIf0rIg=="],
+    "typescript-eslint": ["typescript-eslint@8.56.1", "", { "dependencies": { "@typescript-eslint/eslint-plugin": "8.56.1", "@typescript-eslint/parser": "8.56.1", "@typescript-eslint/typescript-estree": "8.56.1", "@typescript-eslint/utils": "8.56.1" }, "peerDependencies": { "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "sha512-U4lM6pjmBX7J5wk4szltF7I1cGBHXZopnAXCMXb3+fZ3B/0Z3hq3wS/CCUB2NZBNAExK92mCU2tEohWuwVMsDQ=="],
 
     "unbox-primitive": ["unbox-primitive@1.1.0", "", { "dependencies": { "call-bound": "^1.0.3", "has-bigints": "^1.0.2", "has-symbols": "^1.1.0", "which-boxed-primitive": "^1.1.1" } }, "sha512-nWJ91DjeOkej/TA8pXQ3myruKpKEYgqvpw9lz4OPHj/NWFNluYrjbz9j01CJ8yKQd2g4jFoOkINCTW2I5LEEyw=="],
 
@@ -1091,24 +1073,28 @@
 
     "@eslint-community/eslint-utils/eslint-visitor-keys": ["eslint-visitor-keys@3.4.3", "", {}, "sha512-wpc+LXeiyiisxPlEkUzU6svyS1frIO3Mgxj1fdy7Pm8Ygzguax2N3Fa/D/ag1WqbOprdI+uY6wMUl8/a2G+iag=="],
 
-    "@eslint/eslintrc/globals": ["globals@14.0.0", "", {}, "sha512-oahGvuMGQlPw/ivIYBjVSrWAfWLBeku5tpPE2fOPLi+WHffIWbuh2tCjhyQhTBPMf5E9jDEH4FOmTYgYwbKwtQ=="],
-
-    "@eslint/eslintrc/ignore": ["ignore@5.3.2", "", {}, "sha512-hsBTNUqQTDwkWtcdYI2i06Y/nUBEsNEDJKjWdigLvegy8kDuJAS8uRlpkkcQpyEXL0Z/pjDy5HBmMjRCJ2gq+g=="],
-
-    "@typescript-eslint/typescript-estree/minimatch": ["minimatch@9.0.5", "", { "dependencies": { "brace-expansion": "^2.0.1" } }, "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow=="],
+    "@typescript-eslint/typescript-estree/semver": ["semver@7.7.4", "", { "bin": "bin/semver.js" }, "sha512-vFKC2IEtQnVhpT78h1Yp8wzwrf8CM+MzKMHGJZfBtzhZNycRFnXsHk6E5TxIkkMsgNS7mdX3AGB7x2QM2di4lA=="],
 
     "duplexer2/readable-stream": ["readable-stream@2.3.8", "", { "dependencies": { "core-util-is": "~1.0.0", "inherits": "~2.0.3", "isarray": "~1.0.0", "process-nextick-args": "~2.0.0", "safe-buffer": "~5.1.1", "string_decoder": "~1.1.1", "util-deprecate": "~1.0.1" } }, "sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA=="],
 
     "eslint/ignore": ["ignore@5.3.2", "", {}, "sha512-hsBTNUqQTDwkWtcdYI2i06Y/nUBEsNEDJKjWdigLvegy8kDuJAS8uRlpkkcQpyEXL0Z/pjDy5HBmMjRCJ2gq+g=="],
 
+    "eslint-config-next/typescript-eslint": ["typescript-eslint@8.56.0", "", { "dependencies": { "@typescript-eslint/eslint-plugin": "8.56.0", "@typescript-eslint/parser": "8.56.0", "@typescript-eslint/typescript-estree": "8.56.0", "@typescript-eslint/utils": "8.56.0" }, "peerDependencies": { "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "sha512-c7toRLrotJ9oixgdW7liukZpsnq5CZ7PuKztubGYlNppuTqhIoWfhgHo/7EU0v06gS2l/x0i2NEFK1qMIf0rIg=="],
+
     "eslint-import-resolver-node/debug": ["debug@3.2.7", "", { "dependencies": { "ms": "^2.1.1" } }, "sha512-CFjzYYAi4ThfiQvizrFQevTTXHtnCqWfe7x1AhgEscTz6ZbLbfoLRLPugTQyBth6f8ZERVUSyWHFD/7Wu4t1XQ=="],
 
     "eslint-module-utils/debug": ["debug@3.2.7", "", { "dependencies": { "ms": "^2.1.1" } }, "sha512-CFjzYYAi4ThfiQvizrFQevTTXHtnCqWfe7x1AhgEscTz6ZbLbfoLRLPugTQyBth6f8ZERVUSyWHFD/7Wu4t1XQ=="],
 
     "eslint-plugin-import/debug": ["debug@3.2.7", "", { "dependencies": { "ms": "^2.1.1" } }, "sha512-CFjzYYAi4ThfiQvizrFQevTTXHtnCqWfe7x1AhgEscTz6ZbLbfoLRLPugTQyBth6f8ZERVUSyWHFD/7Wu4t1XQ=="],
 
+    "eslint-plugin-import/minimatch": ["minimatch@3.1.2", "", { "dependencies": { "brace-expansion": "^1.1.7" } }, "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw=="],
+
     "eslint-plugin-import/semver": ["semver@6.3.1", "", { "bin": "bin/semver.js" }, "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA=="],
 
+    "eslint-plugin-jsx-a11y/minimatch": ["minimatch@3.1.2", "", { "dependencies": { "brace-expansion": "^1.1.7" } }, "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw=="],
+
+    "eslint-plugin-react/minimatch": ["minimatch@3.1.2", "", { "dependencies": { "brace-expansion": "^1.1.7" } }, "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw=="],
+
     "eslint-plugin-react/resolve": ["resolve@2.0.0-next.6", "", { "dependencies": { "es-errors": "^1.3.0", "is-core-module": "^2.16.1", "node-exports-info": "^1.6.0", "object-keys": "^1.1.1", "path-parse": "^1.0.7", "supports-preserve-symlinks-flag": "^1.0.0" }, "bin": { "resolve": "bin/resolve" } }, "sha512-3JmVl5hMGtJ3kMmB3zi3DL25KfkCEyy3Tw7Gmw7z5w8M9WlwoPFnIvwChzu1+cF3iaK3sp18hhPz8ANeimdJfA=="],
 
     "eslint-plugin-react/semver": ["semver@6.3.1", "", { "bin": "bin/semver.js" }, "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA=="],
@@ -1135,68 +1121,80 @@
 
     "tsconfig-paths/json5": ["json5@1.0.2", "", { "dependencies": { "minimist": "^1.2.0" }, "bin": { "json5": "lib/cli.js" } }, "sha512-g1MWMLBiz8FKi1e4w0UyVL3w+iJceWAFBAaBnnGKOpNa5f8TLktkbre1+s6oICydWAm+HRUGTmI+//xv2hvXYA=="],
 
-    "typescript-eslint/@typescript-eslint/eslint-plugin": ["@typescript-eslint/eslint-plugin@8.56.0", "", { "dependencies": { "@eslint-community/regexpp": "^4.12.2", "@typescript-eslint/scope-manager": "8.56.0", "@typescript-eslint/type-utils": "8.56.0", "@typescript-eslint/utils": "8.56.0", "@typescript-eslint/visitor-keys": "8.56.0", "ignore": "^7.0.5", "natural-compare": "^1.4.0", "ts-api-utils": "^2.4.0" }, "peerDependencies": { "@typescript-eslint/parser": "^8.56.0", "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "sha512-lRyPDLzNCuae71A3t9NEINBiTn7swyOhvUj3MyUOxb8x6g6vPEFoOU+ZRmGMusNC3X3YMhqMIX7i8ShqhT74Pw=="],
+    "which-builtin-type/isarray": ["isarray@2.0.5", "", {}, "sha512-xHjhDr3cNBK0BzdUJSPXZntQUx/mwMS5Rw4A7lPJ90XGAO6ISP/ePDNuo0vhqOZU+UD5JoodwCAAoZQd3FeAKw=="],
 
-    "typescript-eslint/@typescript-eslint/parser": ["@typescript-eslint/parser@8.56.0", "", { "dependencies": { "@typescript-eslint/scope-manager": "8.56.0", "@typescript-eslint/types": "8.56.0", "@typescript-eslint/typescript-estree": "8.56.0", "@typescript-eslint/visitor-keys": "8.56.0", "debug": "^4.4.3" }, "peerDependencies": { "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "sha512-IgSWvLobTDOjnaxAfDTIHaECbkNlAlKv2j5SjpB2v7QHKv1FIfjwMy8FsDbVfDX/KjmCmYICcw7uGaXLhtsLNg=="],
+    "xtend/object-keys": ["object-keys@0.4.0", "", {}, "sha512-ncrLw+X55z7bkl5PnUvHwFK9FcGuFYo9gtjws2XtSzL+aZ8tm830P60WJ0dSmFVaSalWieW5MD7kEdnXda9yJw=="],
 
-    "typescript-eslint/@typescript-eslint/typescript-estree": ["@typescript-eslint/typescript-estree@8.56.0", "", { "dependencies": { "@typescript-eslint/project-service": "8.56.0", "@typescript-eslint/tsconfig-utils": "8.56.0", "@typescript-eslint/types": "8.56.0", "@typescript-eslint/visitor-keys": "8.56.0", "debug": "^4.4.3", "minimatch": "^9.0.5", "semver": "^7.7.3", "tinyglobby": "^0.2.15", "ts-api-utils": "^2.4.0" }, "peerDependencies": { "typescript": ">=4.8.4 <6.0.0" } }, "sha512-ex1nTUMWrseMltXUHmR2GAQ4d+WjkZCT4f+4bVsps8QEdh0vlBsaCokKTPlnqBFqqGaxilDNJG7b8dolW2m43Q=="],
+    "duplexer2/readable-stream/isarray": ["isarray@1.0.0", "", {}, "sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ=="],
 
-    "typescript-eslint/@typescript-eslint/utils": ["@typescript-eslint/utils@8.56.0", "", { "dependencies": { "@eslint-community/eslint-utils": "^4.9.1", "@typescript-eslint/scope-manager": "8.56.0", "@typescript-eslint/types": "8.56.0", "@typescript-eslint/typescript-estree": "8.56.0" }, "peerDependencies": { "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "sha512-RZ3Qsmi2nFGsS+n+kjLAYDPVlrzf7UhTffrDIKr+h2yzAlYP/y5ZulU0yeDEPItos2Ph46JAL5P/On3pe7kDIQ=="],
+    "duplexer2/readable-stream/string_decoder": ["string_decoder@1.1.1", "", { "dependencies": { "safe-buffer": "~5.1.0" } }, "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg=="],
 
-    "which-builtin-type/isarray": ["isarray@2.0.5", "", {}, "sha512-xHjhDr3cNBK0BzdUJSPXZntQUx/mwMS5Rw4A7lPJ90XGAO6ISP/ePDNuo0vhqOZU+UD5JoodwCAAoZQd3FeAKw=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/eslint-plugin": ["@typescript-eslint/eslint-plugin@8.56.0", "", { "dependencies": { "@eslint-community/regexpp": "^4.12.2", "@typescript-eslint/scope-manager": "8.56.0", "@typescript-eslint/type-utils": "8.56.0", "@typescript-eslint/utils": "8.56.0", "@typescript-eslint/visitor-keys": "8.56.0", "ignore": "^7.0.5", "natural-compare": "^1.4.0", "ts-api-utils": "^2.4.0" }, "peerDependencies": { "@typescript-eslint/parser": "^8.56.0", "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "sha512-lRyPDLzNCuae71A3t9NEINBiTn7swyOhvUj3MyUOxb8x6g6vPEFoOU+ZRmGMusNC3X3YMhqMIX7i8ShqhT74Pw=="],
 
-    "xtend/object-keys": ["object-keys@0.4.0", "", {}, "sha512-ncrLw+X55z7bkl5PnUvHwFK9FcGuFYo9gtjws2XtSzL+aZ8tm830P60WJ0dSmFVaSalWieW5MD7kEdnXda9yJw=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/parser": ["@typescript-eslint/parser@8.56.0", "", { "dependencies": { "@typescript-eslint/scope-manager": "8.56.0", "@typescript-eslint/types": "8.56.0", "@typescript-eslint/typescript-estree": "8.56.0", "@typescript-eslint/visitor-keys": "8.56.0", "debug": "^4.4.3" }, "peerDependencies": { "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "sha512-IgSWvLobTDOjnaxAfDTIHaECbkNlAlKv2j5SjpB2v7QHKv1FIfjwMy8FsDbVfDX/KjmCmYICcw7uGaXLhtsLNg=="],
 
-    "@typescript-eslint/typescript-estree/minimatch/brace-expansion": ["brace-expansion@2.0.2", "", { "dependencies": { "balanced-match": "^1.0.0" } }, "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/typescript-estree": ["@typescript-eslint/typescript-estree@8.56.0", "", { "dependencies": { "@typescript-eslint/project-service": "8.56.0", "@typescript-eslint/tsconfig-utils": "8.56.0", "@typescript-eslint/types": "8.56.0", "@typescript-eslint/visitor-keys": "8.56.0", "debug": "^4.4.3", "minimatch": "^9.0.5", "semver": "^7.7.3", "tinyglobby": "^0.2.15", "ts-api-utils": "^2.4.0" }, "peerDependencies": { "typescript": ">=4.8.4 <6.0.0" } }, "sha512-ex1nTUMWrseMltXUHmR2GAQ4d+WjkZCT4f+4bVsps8QEdh0vlBsaCokKTPlnqBFqqGaxilDNJG7b8dolW2m43Q=="],
 
-    "duplexer2/readable-stream/isarray": ["isarray@1.0.0", "", {}, "sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/utils": ["@typescript-eslint/utils@8.56.0", "", { "dependencies": { "@eslint-community/eslint-utils": "^4.9.1", "@typescript-eslint/scope-manager": "8.56.0", "@typescript-eslint/types": "8.56.0", "@typescript-eslint/typescript-estree": "8.56.0" }, "peerDependencies": { "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "sha512-RZ3Qsmi2nFGsS+n+kjLAYDPVlrzf7UhTffrDIKr+h2yzAlYP/y5ZulU0yeDEPItos2Ph46JAL5P/On3pe7kDIQ=="],
 
-    "duplexer2/readable-stream/string_decoder": ["string_decoder@1.1.1", "", { "dependencies": { "safe-buffer": "~5.1.0" } }, "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg=="],
+    "eslint-plugin-import/minimatch/brace-expansion": ["brace-expansion@1.1.12", "", { "dependencies": { "balanced-match": "^1.0.0", "concat-map": "0.0.1" } }, "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg=="],
+
+    "eslint-plugin-jsx-a11y/minimatch/brace-expansion": ["brace-expansion@1.1.12", "", { "dependencies": { "balanced-match": "^1.0.0", "concat-map": "0.0.1" } }, "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg=="],
+
+    "eslint-plugin-react/minimatch/brace-expansion": ["brace-expansion@1.1.12", "", { "dependencies": { "balanced-match": "^1.0.0", "concat-map": "0.0.1" } }, "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg=="],
+
+    "eslint-config-next/typescript-eslint/@typescript-eslint/eslint-plugin/@typescript-eslint/scope-manager": ["@typescript-eslint/scope-manager@8.56.0", "", { "dependencies": { "@typescript-eslint/types": "8.56.0", "@typescript-eslint/visitor-keys": "8.56.0" } }, "sha512-7UiO/XwMHquH+ZzfVCfUNkIXlp/yQjjnlYUyYz7pfvlK3/EyyN6BK+emDmGNyQLBtLGaYrTAI6KOw8tFucWL2w=="],
+
+    "eslint-config-next/typescript-eslint/@typescript-eslint/eslint-plugin/@typescript-eslint/type-utils": ["@typescript-eslint/type-utils@8.56.0", "", { "dependencies": { "@typescript-eslint/types": "8.56.0", "@typescript-eslint/typescript-estree": "8.56.0", "@typescript-eslint/utils": "8.56.0", "debug": "^4.4.3", "ts-api-utils": "^2.4.0" }, "peerDependencies": { "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "sha512-qX2L3HWOU2nuDs6GzglBeuFXviDODreS58tLY/BALPC7iu3Fa+J7EOTwnX9PdNBxUI7Uh0ntP0YWGnxCkXzmfA=="],
+
+    "eslint-config-next/typescript-eslint/@typescript-eslint/eslint-plugin/@typescript-eslint/visitor-keys": ["@typescript-eslint/visitor-keys@8.56.0", "", { "dependencies": { "@typescript-eslint/types": "8.56.0", "eslint-visitor-keys": "^5.0.0" } }, "sha512-q+SL+b+05Ud6LbEE35qe4A99P+htKTKVbyiNEe45eCbJFyh/HVK9QXwlrbz+Q4L8SOW4roxSVwXYj4DMBT7Ieg=="],
+
+    "eslint-config-next/typescript-eslint/@typescript-eslint/parser/@typescript-eslint/scope-manager": ["@typescript-eslint/scope-manager@8.56.0", "", { "dependencies": { "@typescript-eslint/types": "8.56.0", "@typescript-eslint/visitor-keys": "8.56.0" } }, "sha512-7UiO/XwMHquH+ZzfVCfUNkIXlp/yQjjnlYUyYz7pfvlK3/EyyN6BK+emDmGNyQLBtLGaYrTAI6KOw8tFucWL2w=="],
 
-    "typescript-eslint/@typescript-eslint/eslint-plugin/@typescript-eslint/scope-manager": ["@typescript-eslint/scope-manager@8.56.0", "", { "dependencies": { "@typescript-eslint/types": "8.56.0", "@typescript-eslint/visitor-keys": "8.56.0" } }, "sha512-7UiO/XwMHquH+ZzfVCfUNkIXlp/yQjjnlYUyYz7pfvlK3/EyyN6BK+emDmGNyQLBtLGaYrTAI6KOw8tFucWL2w=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/parser/@typescript-eslint/types": ["@typescript-eslint/types@8.56.0", "", {}, "sha512-DBsLPs3GsWhX5HylbP9HNG15U0bnwut55Lx12bHB9MpXxQ+R5GC8MwQe+N1UFXxAeQDvEsEDY6ZYwX03K7Z6HQ=="],
 
-    "typescript-eslint/@typescript-eslint/eslint-plugin/@typescript-eslint/type-utils": ["@typescript-eslint/type-utils@8.56.0", "", { "dependencies": { "@typescript-eslint/types": "8.56.0", "@typescript-eslint/typescript-estree": "8.56.0", "@typescript-eslint/utils": "8.56.0", "debug": "^4.4.3", "ts-api-utils": "^2.4.0" }, "peerDependencies": { "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "sha512-qX2L3HWOU2nuDs6GzglBeuFXviDODreS58tLY/BALPC7iu3Fa+J7EOTwnX9PdNBxUI7Uh0ntP0YWGnxCkXzmfA=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/parser/@typescript-eslint/visitor-keys": ["@typescript-eslint/visitor-keys@8.56.0", "", { "dependencies": { "@typescript-eslint/types": "8.56.0", "eslint-visitor-keys": "^5.0.0" } }, "sha512-q+SL+b+05Ud6LbEE35qe4A99P+htKTKVbyiNEe45eCbJFyh/HVK9QXwlrbz+Q4L8SOW4roxSVwXYj4DMBT7Ieg=="],
 
-    "typescript-eslint/@typescript-eslint/eslint-plugin/@typescript-eslint/visitor-keys": ["@typescript-eslint/visitor-keys@8.56.0", "", { "dependencies": { "@typescript-eslint/types": "8.56.0", "eslint-visitor-keys": "^5.0.0" } }, "sha512-q+SL+b+05Ud6LbEE35qe4A99P+htKTKVbyiNEe45eCbJFyh/HVK9QXwlrbz+Q4L8SOW4roxSVwXYj4DMBT7Ieg=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/typescript-estree/@typescript-eslint/project-service": ["@typescript-eslint/project-service@8.56.0", "", { "dependencies": { "@typescript-eslint/tsconfig-utils": "^8.56.0", "@typescript-eslint/types": "^8.56.0", "debug": "^4.4.3" }, "peerDependencies": { "typescript": ">=4.8.4 <6.0.0" } }, "sha512-M3rnyL1vIQOMeWxTWIW096/TtVP+8W3p/XnaFflhmcFp+U4zlxUxWj4XwNs6HbDeTtN4yun0GNTTDBw/SvufKg=="],
 
-    "typescript-eslint/@typescript-eslint/parser/@typescript-eslint/scope-manager": ["@typescript-eslint/scope-manager@8.56.0", "", { "dependencies": { "@typescript-eslint/types": "8.56.0", "@typescript-eslint/visitor-keys": "8.56.0" } }, "sha512-7UiO/XwMHquH+ZzfVCfUNkIXlp/yQjjnlYUyYz7pfvlK3/EyyN6BK+emDmGNyQLBtLGaYrTAI6KOw8tFucWL2w=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/typescript-estree/@typescript-eslint/tsconfig-utils": ["@typescript-eslint/tsconfig-utils@8.56.0", "", { "peerDependencies": { "typescript": ">=4.8.4 <6.0.0" } }, "sha512-bSJoIIt4o3lKXD3xmDh9chZcjCz5Lk8xS7Rxn+6l5/pKrDpkCwtQNQQwZ2qRPk7TkUYhrq3WPIHXOXlbXP0itg=="],
 
-    "typescript-eslint/@typescript-eslint/parser/@typescript-eslint/types": ["@typescript-eslint/types@8.56.0", "", {}, "sha512-DBsLPs3GsWhX5HylbP9HNG15U0bnwut55Lx12bHB9MpXxQ+R5GC8MwQe+N1UFXxAeQDvEsEDY6ZYwX03K7Z6HQ=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/typescript-estree/@typescript-eslint/types": ["@typescript-eslint/types@8.56.0", "", {}, "sha512-DBsLPs3GsWhX5HylbP9HNG15U0bnwut55Lx12bHB9MpXxQ+R5GC8MwQe+N1UFXxAeQDvEsEDY6ZYwX03K7Z6HQ=="],
 
-    "typescript-eslint/@typescript-eslint/parser/@typescript-eslint/visitor-keys": ["@typescript-eslint/visitor-keys@8.56.0", "", { "dependencies": { "@typescript-eslint/types": "8.56.0", "eslint-visitor-keys": "^5.0.0" } }, "sha512-q+SL+b+05Ud6LbEE35qe4A99P+htKTKVbyiNEe45eCbJFyh/HVK9QXwlrbz+Q4L8SOW4roxSVwXYj4DMBT7Ieg=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/typescript-estree/@typescript-eslint/visitor-keys": ["@typescript-eslint/visitor-keys@8.56.0", "", { "dependencies": { "@typescript-eslint/types": "8.56.0", "eslint-visitor-keys": "^5.0.0" } }, "sha512-q+SL+b+05Ud6LbEE35qe4A99P+htKTKVbyiNEe45eCbJFyh/HVK9QXwlrbz+Q4L8SOW4roxSVwXYj4DMBT7Ieg=="],
 
-    "typescript-eslint/@typescript-eslint/typescript-estree/@typescript-eslint/project-service": ["@typescript-eslint/project-service@8.56.0", "", { "dependencies": { "@typescript-eslint/tsconfig-utils": "^8.56.0", "@typescript-eslint/types": "^8.56.0", "debug": "^4.4.3" }, "peerDependencies": { "typescript": ">=4.8.4 <6.0.0" } }, "sha512-M3rnyL1vIQOMeWxTWIW096/TtVP+8W3p/XnaFflhmcFp+U4zlxUxWj4XwNs6HbDeTtN4yun0GNTTDBw/SvufKg=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/typescript-estree/minimatch": ["minimatch@9.0.5", "", { "dependencies": { "brace-expansion": "^2.0.1" } }, "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow=="],
 
-    "typescript-eslint/@typescript-eslint/typescript-estree/@typescript-eslint/tsconfig-utils": ["@typescript-eslint/tsconfig-utils@8.56.0", "", { "peerDependencies": { "typescript": ">=4.8.4 <6.0.0" } }, "sha512-bSJoIIt4o3lKXD3xmDh9chZcjCz5Lk8xS7Rxn+6l5/pKrDpkCwtQNQQwZ2qRPk7TkUYhrq3WPIHXOXlbXP0itg=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/typescript-estree/semver": ["semver@7.7.4", "", { "bin": "bin/semver.js" }, "sha512-vFKC2IEtQnVhpT78h1Yp8wzwrf8CM+MzKMHGJZfBtzhZNycRFnXsHk6E5TxIkkMsgNS7mdX3AGB7x2QM2di4lA=="],
 
-    "typescript-eslint/@typescript-eslint/typescript-estree/@typescript-eslint/types": ["@typescript-eslint/types@8.56.0", "", {}, "sha512-DBsLPs3GsWhX5HylbP9HNG15U0bnwut55Lx12bHB9MpXxQ+R5GC8MwQe+N1UFXxAeQDvEsEDY6ZYwX03K7Z6HQ=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/utils/@typescript-eslint/scope-manager": ["@typescript-eslint/scope-manager@8.56.0", "", { "dependencies": { "@typescript-eslint/types": "8.56.0", "@typescript-eslint/visitor-keys": "8.56.0" } }, "sha512-7UiO/XwMHquH+ZzfVCfUNkIXlp/yQjjnlYUyYz7pfvlK3/EyyN6BK+emDmGNyQLBtLGaYrTAI6KOw8tFucWL2w=="],
 
-    "typescript-eslint/@typescript-eslint/typescript-estree/@typescript-eslint/visitor-keys": ["@typescript-eslint/visitor-keys@8.56.0", "", { "dependencies": { "@typescript-eslint/types": "8.56.0", "eslint-visitor-keys": "^5.0.0" } }, "sha512-q+SL+b+05Ud6LbEE35qe4A99P+htKTKVbyiNEe45eCbJFyh/HVK9QXwlrbz+Q4L8SOW4roxSVwXYj4DMBT7Ieg=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/utils/@typescript-eslint/types": ["@typescript-eslint/types@8.56.0", "", {}, "sha512-DBsLPs3GsWhX5HylbP9HNG15U0bnwut55Lx12bHB9MpXxQ+R5GC8MwQe+N1UFXxAeQDvEsEDY6ZYwX03K7Z6HQ=="],
 
-    "typescript-eslint/@typescript-eslint/typescript-estree/minimatch": ["minimatch@9.0.5", "", { "dependencies": { "brace-expansion": "^2.0.1" } }, "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow=="],
+    "eslint-plugin-import/minimatch/brace-expansion/balanced-match": ["balanced-match@1.0.2", "", {}, "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw=="],
 
-    "typescript-eslint/@typescript-eslint/typescript-estree/semver": ["semver@7.7.4", "", { "bin": "bin/semver.js" }, "sha512-vFKC2IEtQnVhpT78h1Yp8wzwrf8CM+MzKMHGJZfBtzhZNycRFnXsHk6E5TxIkkMsgNS7mdX3AGB7x2QM2di4lA=="],
+    "eslint-plugin-jsx-a11y/minimatch/brace-expansion/balanced-match": ["balanced-match@1.0.2", "", {}, "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw=="],
 
-    "typescript-eslint/@typescript-eslint/utils/@typescript-eslint/scope-manager": ["@typescript-eslint/scope-manager@8.56.0", "", { "dependencies": { "@typescript-eslint/types": "8.56.0", "@typescript-eslint/visitor-keys": "8.56.0" } }, "sha512-7UiO/XwMHquH+ZzfVCfUNkIXlp/yQjjnlYUyYz7pfvlK3/EyyN6BK+emDmGNyQLBtLGaYrTAI6KOw8tFucWL2w=="],
+    "eslint-plugin-react/minimatch/brace-expansion/balanced-match": ["balanced-match@1.0.2", "", {}, "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw=="],
 
-    "typescript-eslint/@typescript-eslint/utils/@typescript-eslint/types": ["@typescript-eslint/types@8.56.0", "", {}, "sha512-DBsLPs3GsWhX5HylbP9HNG15U0bnwut55Lx12bHB9MpXxQ+R5GC8MwQe+N1UFXxAeQDvEsEDY6ZYwX03K7Z6HQ=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/eslint-plugin/@typescript-eslint/scope-manager/@typescript-eslint/types": ["@typescript-eslint/types@8.56.0", "", {}, "sha512-DBsLPs3GsWhX5HylbP9HNG15U0bnwut55Lx12bHB9MpXxQ+R5GC8MwQe+N1UFXxAeQDvEsEDY6ZYwX03K7Z6HQ=="],
 
-    "typescript-eslint/@typescript-eslint/eslint-plugin/@typescript-eslint/scope-manager/@typescript-eslint/types": ["@typescript-eslint/types@8.56.0", "", {}, "sha512-DBsLPs3GsWhX5HylbP9HNG15U0bnwut55Lx12bHB9MpXxQ+R5GC8MwQe+N1UFXxAeQDvEsEDY6ZYwX03K7Z6HQ=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/eslint-plugin/@typescript-eslint/type-utils/@typescript-eslint/types": ["@typescript-eslint/types@8.56.0", "", {}, "sha512-DBsLPs3GsWhX5HylbP9HNG15U0bnwut55Lx12bHB9MpXxQ+R5GC8MwQe+N1UFXxAeQDvEsEDY6ZYwX03K7Z6HQ=="],
 
-    "typescript-eslint/@typescript-eslint/eslint-plugin/@typescript-eslint/type-utils/@typescript-eslint/types": ["@typescript-eslint/types@8.56.0", "", {}, "sha512-DBsLPs3GsWhX5HylbP9HNG15U0bnwut55Lx12bHB9MpXxQ+R5GC8MwQe+N1UFXxAeQDvEsEDY6ZYwX03K7Z6HQ=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/eslint-plugin/@typescript-eslint/visitor-keys/@typescript-eslint/types": ["@typescript-eslint/types@8.56.0", "", {}, "sha512-DBsLPs3GsWhX5HylbP9HNG15U0bnwut55Lx12bHB9MpXxQ+R5GC8MwQe+N1UFXxAeQDvEsEDY6ZYwX03K7Z6HQ=="],
 
-    "typescript-eslint/@typescript-eslint/eslint-plugin/@typescript-eslint/visitor-keys/@typescript-eslint/types": ["@typescript-eslint/types@8.56.0", "", {}, "sha512-DBsLPs3GsWhX5HylbP9HNG15U0bnwut55Lx12bHB9MpXxQ+R5GC8MwQe+N1UFXxAeQDvEsEDY6ZYwX03K7Z6HQ=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/eslint-plugin/@typescript-eslint/visitor-keys/eslint-visitor-keys": ["eslint-visitor-keys@5.0.0", "", {}, "sha512-A0XeIi7CXU7nPlfHS9loMYEKxUaONu/hTEzHTGba9Huu94Cq1hPivf+DE5erJozZOky0LfvXAyrV/tcswpLI0Q=="],
 
-    "typescript-eslint/@typescript-eslint/eslint-plugin/@typescript-eslint/visitor-keys/eslint-visitor-keys": ["eslint-visitor-keys@5.0.0", "", {}, "sha512-A0XeIi7CXU7nPlfHS9loMYEKxUaONu/hTEzHTGba9Huu94Cq1hPivf+DE5erJozZOky0LfvXAyrV/tcswpLI0Q=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/parser/@typescript-eslint/visitor-keys/eslint-visitor-keys": ["eslint-visitor-keys@5.0.0", "", {}, "sha512-A0XeIi7CXU7nPlfHS9loMYEKxUaONu/hTEzHTGba9Huu94Cq1hPivf+DE5erJozZOky0LfvXAyrV/tcswpLI0Q=="],
 
-    "typescript-eslint/@typescript-eslint/parser/@typescript-eslint/visitor-keys/eslint-visitor-keys": ["eslint-visitor-keys@5.0.0", "", {}, "sha512-A0XeIi7CXU7nPlfHS9loMYEKxUaONu/hTEzHTGba9Huu94Cq1hPivf+DE5erJozZOky0LfvXAyrV/tcswpLI0Q=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/typescript-estree/@typescript-eslint/visitor-keys/eslint-visitor-keys": ["eslint-visitor-keys@5.0.0", "", {}, "sha512-A0XeIi7CXU7nPlfHS9loMYEKxUaONu/hTEzHTGba9Huu94Cq1hPivf+DE5erJozZOky0LfvXAyrV/tcswpLI0Q=="],
 
-    "typescript-eslint/@typescript-eslint/typescript-estree/@typescript-eslint/visitor-keys/eslint-visitor-keys": ["eslint-visitor-keys@5.0.0", "", {}, "sha512-A0XeIi7CXU7nPlfHS9loMYEKxUaONu/hTEzHTGba9Huu94Cq1hPivf+DE5erJozZOky0LfvXAyrV/tcswpLI0Q=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/typescript-estree/minimatch/brace-expansion": ["brace-expansion@2.0.2", "", { "dependencies": { "balanced-match": "^1.0.0" } }, "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ=="],
 
-    "typescript-eslint/@typescript-eslint/typescript-estree/minimatch/brace-expansion": ["brace-expansion@2.0.2", "", { "dependencies": { "balanced-match": "^1.0.0" } }, "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/utils/@typescript-eslint/scope-manager/@typescript-eslint/visitor-keys": ["@typescript-eslint/visitor-keys@8.56.0", "", { "dependencies": { "@typescript-eslint/types": "8.56.0", "eslint-visitor-keys": "^5.0.0" } }, "sha512-q+SL+b+05Ud6LbEE35qe4A99P+htKTKVbyiNEe45eCbJFyh/HVK9QXwlrbz+Q4L8SOW4roxSVwXYj4DMBT7Ieg=="],
 
-    "typescript-eslint/@typescript-eslint/utils/@typescript-eslint/scope-manager/@typescript-eslint/visitor-keys": ["@typescript-eslint/visitor-keys@8.56.0", "", { "dependencies": { "@typescript-eslint/types": "8.56.0", "eslint-visitor-keys": "^5.0.0" } }, "sha512-q+SL+b+05Ud6LbEE35qe4A99P+htKTKVbyiNEe45eCbJFyh/HVK9QXwlrbz+Q4L8SOW4roxSVwXYj4DMBT7Ieg=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/typescript-estree/minimatch/brace-expansion/balanced-match": ["balanced-match@1.0.2", "", {}, "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw=="],
 
-    "typescript-eslint/@typescript-eslint/utils/@typescript-eslint/scope-manager/@typescript-eslint/visitor-keys/eslint-visitor-keys": ["eslint-visitor-keys@5.0.0", "", {}, "sha512-A0XeIi7CXU7nPlfHS9loMYEKxUaONu/hTEzHTGba9Huu94Cq1hPivf+DE5erJozZOky0LfvXAyrV/tcswpLI0Q=="],
+    "eslint-config-next/typescript-eslint/@typescript-eslint/utils/@typescript-eslint/scope-manager/@typescript-eslint/visitor-keys/eslint-visitor-keys": ["eslint-visitor-keys@5.0.0", "", {}, "sha512-A0XeIi7CXU7nPlfHS9loMYEKxUaONu/hTEzHTGba9Huu94Cq1hPivf+DE5erJozZOky0LfvXAyrV/tcswpLI0Q=="],
   }
 }
diff --git a/website/package.json b/website/package.json
index 71ce27f..6b1b923 100644
--- a/website/package.json
+++ b/website/package.json
@@ -30,17 +30,17 @@
     "zod": "^4.3.6"
   },
   "devDependencies": {
-    "@hey-api/openapi-ts": "0.92.4",
+    "@hey-api/openapi-ts": "0.93.0",
     "@types/node": "25.3.0",
-    "@types/react": "^19.2.10",
+    "@types/react": "^19.2.14",
     "@types/react-dom": "19.2.3",
-    "@typescript-eslint/eslint-plugin": "8.54.0",
-    "@typescript-eslint/parser": "8.54.0",
-    "@typescript/native-preview": "^7.0.0-dev.20260223.1",
-    "eslint": "9.39.2",
+    "@typescript-eslint/eslint-plugin": "8.56.1",
+    "@typescript-eslint/parser": "8.56.1",
+    "@typescript/native-preview": "^7.0.0-dev.20260224.1",
+    "eslint": "10.0.2",
     "eslint-config-next": "^16.1.6",
     "eslint-plugin-react-hooks": "7.0.1",
     "typescript": "^5.9.3",
-    "typescript-eslint": "8.56.0"
+    "typescript-eslint": "8.56.1"
   }
 }

From f67c0db6f0c43b012c211b16c6363ae8b242de00 Mon Sep 17 00:00:00 2001
From: Francesco La Camera <fm@lacamera.org>
Date: Wed, 25 Feb 2026 00:19:16 +0100
Subject: [PATCH 5/5] chore(website): regenerate api sdk

---
 website/src/lib/api/client/types.gen.ts |   1 +
 website/src/lib/api/zod.gen.ts          | 600 ++++++++++++------------
 2 files changed, 301 insertions(+), 300 deletions(-)

diff --git a/website/src/lib/api/client/types.gen.ts b/website/src/lib/api/client/types.gen.ts
index cb6d0d5..a3f8616 100644
--- a/website/src/lib/api/client/types.gen.ts
+++ b/website/src/lib/api/client/types.gen.ts
@@ -66,6 +66,7 @@ export interface RequestOptions<
     }>,
     Pick<
       ServerSentEventsOptions<TData>,
+      | 'onRequest'
       | 'onSseError'
       | 'onSseEvent'
       | 'sseDefaultRetryDelay'
diff --git a/website/src/lib/api/zod.gen.ts b/website/src/lib/api/zod.gen.ts
index 8a7a6a0..799cfc8 100644
--- a/website/src/lib/api/zod.gen.ts
+++ b/website/src/lib/api/zod.gen.ts
@@ -3,74 +3,74 @@
 import * as z from 'zod';
 
 export const zDtoActivityResponse = z.object({
-    created_at: z.optional(z.string()),
-    id: z.optional(z.string()),
-    target_id: z.optional(z.string()),
-    target_name: z.optional(z.string()),
-    type: z.optional(z.string()),
-    user_id: z.optional(z.string()),
-    user_name: z.optional(z.string())
+    created_at: z.string().optional(),
+    id: z.string().optional(),
+    target_id: z.string().optional(),
+    target_name: z.string().optional(),
+    type: z.string().optional(),
+    user_id: z.string().optional(),
+    user_name: z.string().optional()
 });
 
 export const zDtoAdminStatsResponse = z.object({
-    activity_count: z.optional(z.int()),
-    archive_count: z.optional(z.int()),
-    event_count: z.optional(z.int()),
-    module_count: z.optional(z.int()),
-    post_count: z.optional(z.int()),
-    program_count: z.optional(z.int()),
-    session_count: z.optional(z.int()),
-    user_count: z.optional(z.int())
+    activity_count: z.int().optional(),
+    archive_count: z.int().optional(),
+    event_count: z.int().optional(),
+    module_count: z.int().optional(),
+    post_count: z.int().optional(),
+    program_count: z.int().optional(),
+    session_count: z.int().optional(),
+    user_count: z.int().optional()
 });
 
 export const zDtoArchiveEntryResponse = z.object({
-    comment: z.optional(z.string()),
-    created_at: z.optional(z.string()),
-    edit_version: z.optional(z.int()),
-    exam_date: z.optional(z.string()),
-    file_id: z.optional(z.string()),
-    id: z.optional(z.string()),
-    module_id: z.optional(z.string()),
-    module_name: z.optional(z.string()),
-    program_id: z.optional(z.string()),
-    uploader_name: z.optional(z.string()),
-    version: z.optional(z.string())
+    comment: z.string().optional(),
+    created_at: z.string().optional(),
+    edit_version: z.int().optional(),
+    exam_date: z.string().optional(),
+    file_id: z.string().optional(),
+    id: z.string().optional(),
+    module_id: z.string().optional(),
+    module_name: z.string().optional(),
+    program_id: z.string().optional(),
+    uploader_name: z.string().optional(),
+    version: z.string().optional()
 });
 
 export const zDtoDashboardTrendItem = z.object({
-    count: z.optional(z.int()),
-    date: z.optional(z.string())
+    count: z.int().optional(),
+    date: z.string().optional()
 });
 
 export const zDtoDiscussionCommentRequest = z.object({
-    parent_id: z.optional(z.string()),
+    parent_id: z.string().optional(),
     text: z.string().min(1).max(2000)
 });
 
 export const zDtoDiscussionCommentResponse = z.object({
-    created_at: z.optional(z.string()),
-    id: z.optional(z.string()),
-    parent_id: z.optional(z.string()),
-    post_id: z.optional(z.string()),
-    text: z.optional(z.string()),
-    updated_at: z.optional(z.string()),
-    user_avatar_url: z.optional(z.string()),
-    user_id: z.optional(z.string()),
-    user_name: z.optional(z.string()),
-    user_vote: z.optional(z.int()),
-    votes: z.optional(z.int())
+    created_at: z.string().optional(),
+    id: z.string().optional(),
+    parent_id: z.string().optional(),
+    post_id: z.string().optional(),
+    text: z.string().optional(),
+    updated_at: z.string().optional(),
+    user_avatar_url: z.string().optional(),
+    user_id: z.string().optional(),
+    user_name: z.string().optional(),
+    user_vote: z.int().optional(),
+    votes: z.int().optional()
 });
 
 export const zDtoErrorResponse = z.object({
-    error: z.optional(z.string()),
-    message: z.optional(z.string())
+    error: z.string().optional(),
+    message: z.string().optional()
 });
 
 export const zDtoEventResponse = z.object({
-    cover_path: z.optional(z.string()),
-    created_at: z.optional(z.string()),
-    id: z.optional(z.string()),
-    title: z.optional(z.string())
+    cover_path: z.string().optional(),
+    created_at: z.string().optional(),
+    id: z.string().optional(),
+    title: z.string().optional()
 });
 
 export const zDtoForgotPasswordRequest = z.object({
@@ -78,134 +78,134 @@ export const zDtoForgotPasswordRequest = z.object({
 });
 
 export const zDtoLink = z.object({
-    label: z.optional(z.string()),
-    url: z.optional(z.string())
+    label: z.string().optional(),
+    url: z.string().optional()
 });
 
 export const zDtoCreateDiscussionPostRequest = z.object({
     body: z.string().min(10).max(10000),
-    event_date: z.optional(z.string()),
-    image_url: z.optional(z.string()),
-    links: z.optional(z.array(zDtoLink)),
-    location: z.optional(z.string()),
-    pinned: z.optional(z.boolean()),
-    programs: z.optional(z.array(z.string())),
-    tags: z.optional(z.array(z.string())),
+    event_date: z.string().optional(),
+    image_url: z.string().optional(),
+    links: z.array(zDtoLink).optional(),
+    location: z.string().optional(),
+    pinned: z.boolean().optional(),
+    programs: z.array(z.string()).optional(),
+    tags: z.array(z.string()).optional(),
     title: z.string().min(3).max(255),
-    type: z.optional(z.enum([
+    type: z.enum([
         'discussion',
         'news',
         'event'
-    ]))
+    ]).optional()
 });
 
 export const zDtoLoginRequest = z.object({
     email: z.string(),
     password: z.string().min(8).max(72),
-    remember: z.optional(z.boolean())
+    remember: z.boolean().optional()
 });
 
 export const zDtoMediaResponse = z.object({
-    created_at: z.optional(z.string()),
-    description: z.optional(z.string()),
-    event_id: z.optional(z.string()),
-    id: z.optional(z.string()),
-    mime_type: z.optional(z.string()),
-    title: z.optional(z.string()),
-    uploader_name: z.optional(z.string())
+    created_at: z.string().optional(),
+    description: z.string().optional(),
+    event_id: z.string().optional(),
+    id: z.string().optional(),
+    mime_type: z.string().optional(),
+    title: z.string().optional(),
+    uploader_name: z.string().optional()
 });
 
 export const zDtoModuleResponse = z.object({
-    alias: z.optional(z.string()),
-    id: z.optional(z.string()),
-    name: z.optional(z.string()),
-    program_id: z.optional(z.string())
+    alias: z.string().optional(),
+    id: z.string().optional(),
+    name: z.string().optional(),
+    program_id: z.string().optional()
 });
 
 export const zDtoNotificationResponse = z.object({
-    created_at: z.optional(z.string()),
-    id: z.optional(z.string()),
-    link: z.optional(z.string()),
-    message: z.optional(z.string()),
-    read: z.optional(z.boolean()),
-    title: z.optional(z.string()),
-    type: z.optional(z.string()),
-    user_id: z.optional(z.string())
+    created_at: z.string().optional(),
+    id: z.string().optional(),
+    link: z.string().optional(),
+    message: z.string().optional(),
+    read: z.boolean().optional(),
+    title: z.string().optional(),
+    type: z.string().optional(),
+    user_id: z.string().optional()
 });
 
 export const zDtoOfficeStatusResponse = z.object({
-    occupied: z.optional(z.boolean())
+    occupied: z.boolean().optional()
 });
 
 export const zDtoPostProgramResponse = z.object({
-    id: z.optional(z.string()),
-    name: z.optional(z.string())
+    id: z.string().optional(),
+    name: z.string().optional()
 });
 
 export const zDtoDiscussionPostResponse = z.object({
-    body: z.optional(z.string()),
-    comment_count: z.optional(z.int()),
-    created_at: z.optional(z.string()),
-    event_date: z.optional(z.string()),
-    id: z.optional(z.string()),
-    image_url: z.optional(z.string()),
-    links: z.optional(z.array(zDtoLink)),
-    location: z.optional(z.string()),
-    pinned: z.optional(z.int()),
-    programs: z.optional(z.array(zDtoPostProgramResponse)),
-    tags: z.optional(z.array(z.string())),
-    title: z.optional(z.string()),
-    type: z.optional(z.string()),
-    updated_at: z.optional(z.string()),
-    user_avatar_url: z.optional(z.string()),
-    user_id: z.optional(z.string()),
-    user_name: z.optional(z.string()),
-    user_vote: z.optional(z.int()),
-    votes: z.optional(z.int())
+    body: z.string().optional(),
+    comment_count: z.int().optional(),
+    created_at: z.string().optional(),
+    event_date: z.string().optional(),
+    id: z.string().optional(),
+    image_url: z.string().optional(),
+    links: z.array(zDtoLink).optional(),
+    location: z.string().optional(),
+    pinned: z.int().optional(),
+    programs: z.array(zDtoPostProgramResponse).optional(),
+    tags: z.array(z.string()).optional(),
+    title: z.string().optional(),
+    type: z.string().optional(),
+    updated_at: z.string().optional(),
+    user_avatar_url: z.string().optional(),
+    user_id: z.string().optional(),
+    user_name: z.string().optional(),
+    user_vote: z.int().optional(),
+    votes: z.int().optional()
 });
 
 export const zDtoProgramDistributionItem = z.object({
-    name: z.optional(z.string()),
-    value: z.optional(z.int())
+    name: z.string().optional(),
+    value: z.int().optional()
 });
 
 export const zDtoAdminDashboardResponse = z.object({
-    activity_trend: z.optional(z.array(zDtoDashboardTrendItem)),
-    discussion_growth_trend: z.optional(z.array(zDtoDashboardTrendItem)),
-    exam_growth_trend: z.optional(z.array(zDtoDashboardTrendItem)),
-    module_growth_trend: z.optional(z.array(zDtoDashboardTrendItem)),
-    program_distribution: z.optional(z.array(zDtoProgramDistributionItem)),
-    program_growth_trend: z.optional(z.array(zDtoDashboardTrendItem)),
-    recent_activities: z.optional(z.array(zDtoActivityResponse)),
-    session_trend: z.optional(z.array(zDtoDashboardTrendItem)),
-    stats: z.optional(zDtoAdminStatsResponse),
-    user_growth_trend: z.optional(z.array(zDtoDashboardTrendItem))
+    activity_trend: z.array(zDtoDashboardTrendItem).optional(),
+    discussion_growth_trend: z.array(zDtoDashboardTrendItem).optional(),
+    exam_growth_trend: z.array(zDtoDashboardTrendItem).optional(),
+    module_growth_trend: z.array(zDtoDashboardTrendItem).optional(),
+    program_distribution: z.array(zDtoProgramDistributionItem).optional(),
+    program_growth_trend: z.array(zDtoDashboardTrendItem).optional(),
+    recent_activities: z.array(zDtoActivityResponse).optional(),
+    session_trend: z.array(zDtoDashboardTrendItem).optional(),
+    stats: zDtoAdminStatsResponse.optional(),
+    user_growth_trend: z.array(zDtoDashboardTrendItem).optional()
 });
 
 export const zDtoProgramResponse = z.object({
-    id: z.optional(z.string()),
-    name: z.optional(z.string()),
-    versions: z.optional(z.array(z.string()))
+    id: z.string().optional(),
+    name: z.string().optional(),
+    versions: z.array(z.string()).optional()
 });
 
 export const zDtoPublicUserResponse = z.object({
-    active: z.optional(z.int()),
-    avatar_url: z.optional(z.string()),
-    created_at: z.optional(z.string()),
-    id: z.optional(z.string()),
-    name: z.optional(z.string()),
-    private: z.optional(z.int()),
-    program_id: z.optional(z.string()),
-    role: z.optional(z.string()),
-    theme: z.optional(z.string()),
-    verified: z.optional(z.int())
+    active: z.int().optional(),
+    avatar_url: z.string().optional(),
+    created_at: z.string().optional(),
+    id: z.string().optional(),
+    name: z.string().optional(),
+    private: z.int().optional(),
+    program_id: z.string().optional(),
+    role: z.string().optional(),
+    theme: z.string().optional(),
+    verified: z.int().optional()
 });
 
 export const zDtoRegisterRequest = z.object({
     email: z.string(),
     name: z.string().min(2).max(64),
     password: z.string().min(8).max(72),
-    program_id: z.optional(z.string())
+    program_id: z.string().optional()
 });
 
 export const zDtoResetPasswordRequest = z.object({
@@ -214,28 +214,28 @@ export const zDtoResetPasswordRequest = z.object({
 });
 
 export const zDtoSearchResult = z.object({
-    id: z.optional(z.string()),
-    subtitle: z.optional(z.string()),
-    title: z.optional(z.string()),
-    type: z.optional(z.string()),
-    url: z.optional(z.string())
+    id: z.string().optional(),
+    subtitle: z.string().optional(),
+    title: z.string().optional(),
+    type: z.string().optional(),
+    url: z.string().optional()
 });
 
 export const zDtoUpdateArchiveEntryRequest = z.object({
-    comment: z.optional(z.string().max(1000)),
+    comment: z.string().max(1000).optional(),
     date: z.string(),
     module_id: z.string(),
     version: z.string().min(2).max(32)
 });
 
 export const zDtoUpdateOfficeStatusRequest = z.object({
-    occupied: z.optional(z.boolean())
+    occupied: z.boolean().optional()
 });
 
 export const zDtoUpdateProfileRequest = z.object({
     name: z.string().min(2).max(64),
-    private: z.optional(z.boolean()),
-    program_id: z.optional(z.string()),
+    private: z.boolean().optional(),
+    program_id: z.string().optional(),
     theme: z.enum([
         'light',
         'dark',
@@ -244,34 +244,34 @@ export const zDtoUpdateProfileRequest = z.object({
 });
 
 export const zDtoUserResponse = z.object({
-    active: z.optional(z.int()),
-    avatar_url: z.optional(z.string()),
-    created_at: z.optional(z.string()),
-    email: z.optional(z.string()),
-    id: z.optional(z.string()),
-    name: z.optional(z.string()),
-    private: z.optional(z.int()),
-    program_id: z.optional(z.string()),
-    role: z.optional(z.string()),
-    theme: z.optional(z.string()),
-    verified: z.optional(z.int())
+    active: z.int().optional(),
+    avatar_url: z.string().optional(),
+    created_at: z.string().optional(),
+    email: z.string().optional(),
+    id: z.string().optional(),
+    name: z.string().optional(),
+    private: z.int().optional(),
+    program_id: z.string().optional(),
+    role: z.string().optional(),
+    theme: z.string().optional(),
+    verified: z.int().optional()
 });
 
 export const zDtoVoteRequest = z.object({
-    vote: z.optional(z.union([
+    vote: z.union([
         z.literal(1),
         z.literal(-1),
         z.literal(0)
-    ]))
+    ]).optional()
 });
 
 export const zGetActivitiesData = z.object({
-    body: z.optional(z.never()),
-    path: z.optional(z.never()),
-    query: z.optional(z.object({
-        limit: z.optional(z.int()),
-        offset: z.optional(z.int())
-    }))
+    body: z.never().optional(),
+    path: z.never().optional(),
+    query: z.object({
+        limit: z.int().optional(),
+        offset: z.int().optional()
+    }).optional()
 });
 
 /**
@@ -280,9 +280,9 @@ export const zGetActivitiesData = z.object({
 export const zGetActivitiesResponse = z.array(zDtoActivityResponse);
 
 export const zGetAdminDashboardData = z.object({
-    body: z.optional(z.never()),
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
+    body: z.never().optional(),
+    path: z.never().optional(),
+    query: z.never().optional()
 });
 
 /**
@@ -292,8 +292,8 @@ export const zGetAdminDashboardResponse = zDtoAdminDashboardResponse;
 
 export const zPostAdminModulesData = z.object({
     body: zDtoModuleResponse,
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
+    path: z.never().optional(),
+    query: z.never().optional()
 });
 
 /**
@@ -303,8 +303,8 @@ export const zPostAdminModulesResponse = zDtoModuleResponse;
 
 export const zPostAdminProgramsData = z.object({
     body: zDtoProgramResponse,
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
+    path: z.never().optional(),
+    query: z.never().optional()
 });
 
 /**
@@ -313,9 +313,9 @@ export const zPostAdminProgramsData = z.object({
 export const zPostAdminProgramsResponse = zDtoProgramResponse;
 
 export const zGetAdminRefDiscussionTypesData = z.object({
-    body: z.optional(z.never()),
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
+    body: z.never().optional(),
+    path: z.never().optional(),
+    query: z.never().optional()
 });
 
 /**
@@ -324,9 +324,9 @@ export const zGetAdminRefDiscussionTypesData = z.object({
 export const zGetAdminRefDiscussionTypesResponse = z.array(z.string());
 
 export const zGetAdminRefRolesData = z.object({
-    body: z.optional(z.never()),
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
+    body: z.never().optional(),
+    path: z.never().optional(),
+    query: z.never().optional()
 });
 
 /**
@@ -335,9 +335,9 @@ export const zGetAdminRefRolesData = z.object({
 export const zGetAdminRefRolesResponse = z.array(z.string());
 
 export const zGetAdminStatsData = z.object({
-    body: z.optional(z.never()),
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
+    body: z.never().optional(),
+    path: z.never().optional(),
+    query: z.never().optional()
 });
 
 /**
@@ -346,13 +346,13 @@ export const zGetAdminStatsData = z.object({
 export const zGetAdminStatsResponse = zDtoAdminStatsResponse;
 
 export const zGetArchiveData = z.object({
-    body: z.optional(z.never()),
-    path: z.optional(z.never()),
-    query: z.optional(z.object({
-        program_id: z.optional(z.string()),
-        version: z.optional(z.string()),
-        module_id: z.optional(z.string())
-    }))
+    body: z.never().optional(),
+    path: z.never().optional(),
+    query: z.object({
+        program_id: z.string().optional(),
+        version: z.string().optional(),
+        module_id: z.string().optional()
+    }).optional()
 });
 
 /**
@@ -363,14 +363,14 @@ export const zGetArchiveResponse = z.array(zDtoArchiveEntryResponse);
 export const zPostArchiveData = z.object({
     body: z.object({
         file: z.string(),
-        date: z.optional(z.string()),
-        module_id: z.optional(z.string()),
-        version: z.optional(z.string()),
-        group_id: z.optional(z.string()),
-        comment: z.optional(z.string())
+        date: z.string().optional(),
+        module_id: z.string().optional(),
+        version: z.string().optional(),
+        group_id: z.string().optional(),
+        comment: z.string().optional()
     }),
-    path: z.optional(z.never()),
-    query: z.optional(z.never()),
+    path: z.never().optional(),
+    query: z.never().optional(),
     headers: z.object({
         'X-CSRF-Token': z.string()
     })
@@ -382,19 +382,19 @@ export const zPostArchiveData = z.object({
 export const zPostArchiveResponse = zDtoArchiveEntryResponse;
 
 export const zDeleteArchiveIdData = z.object({
-    body: z.optional(z.never()),
+    body: z.never().optional(),
     path: z.object({
         entryId: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 export const zGetArchiveIdData = z.object({
-    body: z.optional(z.never()),
+    body: z.never().optional(),
     path: z.object({
         entryId: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 /**
@@ -407,7 +407,7 @@ export const zPutArchiveIdData = z.object({
     path: z.object({
         entryId: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 /**
@@ -416,21 +416,21 @@ export const zPutArchiveIdData = z.object({
 export const zPutArchiveIdResponse = zDtoArchiveEntryResponse;
 
 export const zGetArchiveFileData = z.object({
-    body: z.optional(z.never()),
+    body: z.never().optional(),
     path: z.object({
         entryId: z.string()
     }),
-    query: z.optional(z.object({
-        file_id: z.optional(z.string())
-    }))
+    query: z.object({
+        file_id: z.string().optional()
+    }).optional()
 });
 
 export const zGetArchiveVersionsData = z.object({
-    body: z.optional(z.never()),
+    body: z.never().optional(),
     path: z.object({
         entryId: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 /**
@@ -439,34 +439,34 @@ export const zGetArchiveVersionsData = z.object({
 export const zGetArchiveVersionsResponse = z.array(zDtoArchiveEntryResponse);
 
 export const zDeleteArchiveFileData = z.object({
-    body: z.optional(z.never()),
+    body: z.never().optional(),
     path: z.object({
         fileId: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 export const zGetAuthAvatarsByUserIdByFilenameData = z.object({
-    body: z.optional(z.never()),
+    body: z.never().optional(),
     path: z.object({
         userId: z.string(),
         filename: z.string()
     }),
-    query: z.optional(z.object({
-        size: z.optional(z.int())
-    }))
+    query: z.object({
+        size: z.int().optional()
+    }).optional()
 });
 
 export const zPostAuthForgotData = z.object({
     body: zDtoForgotPasswordRequest,
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
+    path: z.never().optional(),
+    query: z.never().optional()
 });
 
 export const zPostAuthLoginData = z.object({
     body: zDtoLoginRequest,
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
+    path: z.never().optional(),
+    query: z.never().optional()
 });
 
 /**
@@ -475,9 +475,9 @@ export const zPostAuthLoginData = z.object({
 export const zPostAuthLoginResponse = zDtoUserResponse;
 
 export const zGetAuthMeData = z.object({
-    body: z.optional(z.never()),
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
+    body: z.never().optional(),
+    path: z.never().optional(),
+    query: z.never().optional()
 });
 
 /**
@@ -487,8 +487,8 @@ export const zGetAuthMeResponse = zDtoUserResponse;
 
 export const zPutAuthMeData = z.object({
     body: zDtoUpdateProfileRequest,
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
+    path: z.never().optional(),
+    query: z.never().optional()
 });
 
 /**
@@ -500,8 +500,8 @@ export const zPostAuthMeAvatarData = z.object({
     body: z.object({
         file: z.string()
     }),
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
+    path: z.never().optional(),
+    query: z.never().optional()
 });
 
 /**
@@ -510,9 +510,9 @@ export const zPostAuthMeAvatarData = z.object({
 export const zPostAuthMeAvatarResponse = zDtoUserResponse;
 
 export const zGetAuthNotificationsData = z.object({
-    body: z.optional(z.never()),
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
+    body: z.never().optional(),
+    path: z.never().optional(),
+    query: z.never().optional()
 });
 
 /**
@@ -521,11 +521,11 @@ export const zGetAuthNotificationsData = z.object({
 export const zGetAuthNotificationsResponse = z.array(zDtoNotificationResponse);
 
 export const zPutAuthNotificationsIdReadData = z.object({
-    body: z.optional(z.never()),
+    body: z.never().optional(),
     path: z.object({
         notificationId: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 /**
@@ -534,15 +534,15 @@ export const zPutAuthNotificationsIdReadData = z.object({
 export const zPutAuthNotificationsIdReadResponse = zDtoNotificationResponse;
 
 export const zPutAuthNotificationsReadAllData = z.object({
-    body: z.optional(z.never()),
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
+    body: z.never().optional(),
+    path: z.never().optional(),
+    query: z.never().optional()
 });
 
 export const zPostAuthRegisterData = z.object({
     body: zDtoRegisterRequest,
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
+    path: z.never().optional(),
+    query: z.never().optional()
 });
 
 /**
@@ -552,8 +552,8 @@ export const zPostAuthRegisterResponse = zDtoUserResponse;
 
 export const zPostAuthResetData = z.object({
     body: zDtoResetPasswordRequest,
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
+    path: z.never().optional(),
+    query: z.never().optional()
 });
 
 /**
@@ -562,24 +562,24 @@ export const zPostAuthResetData = z.object({
 export const zPostAuthResetResponse = zDtoUserResponse;
 
 export const zGetAuthVerifyData = z.object({
-    body: z.optional(z.never()),
-    path: z.optional(z.never()),
+    body: z.never().optional(),
+    path: z.never().optional(),
     query: z.object({
         token: z.string()
     })
 });
 
 export const zGetDiscussionsData = z.object({
-    body: z.optional(z.never()),
-    path: z.optional(z.never()),
-    query: z.optional(z.object({
-        type: z.optional(z.string()),
-        program_id: z.optional(z.string()),
-        query: z.optional(z.string()),
-        sort: z.optional(z.string()),
-        limit: z.optional(z.int()),
-        offset: z.optional(z.int())
-    }))
+    body: z.never().optional(),
+    path: z.never().optional(),
+    query: z.object({
+        type: z.string().optional(),
+        program_id: z.string().optional(),
+        query: z.string().optional(),
+        sort: z.string().optional(),
+        limit: z.int().optional(),
+        offset: z.int().optional()
+    }).optional()
 });
 
 /**
@@ -589,8 +589,8 @@ export const zGetDiscussionsResponse = z.array(zDtoDiscussionPostResponse);
 
 export const zPostDiscussionsData = z.object({
     body: zDtoCreateDiscussionPostRequest,
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
+    path: z.never().optional(),
+    query: z.never().optional()
 });
 
 /**
@@ -599,19 +599,19 @@ export const zPostDiscussionsData = z.object({
 export const zPostDiscussionsResponse = zDtoDiscussionPostResponse;
 
 export const zDeleteDiscussionsByPostIdData = z.object({
-    body: z.optional(z.never()),
+    body: z.never().optional(),
     path: z.object({
         id: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 export const zGetDiscussionsByPostIdData = z.object({
-    body: z.optional(z.never()),
+    body: z.never().optional(),
     path: z.object({
         id: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 /**
@@ -624,7 +624,7 @@ export const zPutDiscussionsByPostIdData = z.object({
     path: z.object({
         id: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 /**
@@ -633,11 +633,11 @@ export const zPutDiscussionsByPostIdData = z.object({
 export const zPutDiscussionsByPostIdResponse = zDtoDiscussionPostResponse;
 
 export const zGetDiscussionsByPostIdCommentsData = z.object({
-    body: z.optional(z.never()),
+    body: z.never().optional(),
     path: z.object({
         id: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 /**
@@ -650,7 +650,7 @@ export const zPostDiscussionsByPostIdCommentsData = z.object({
     path: z.object({
         id: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 /**
@@ -663,7 +663,7 @@ export const zPostDiscussionsByPostIdVoteData = z.object({
     path: z.object({
         id: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 export const zPutDiscussionsCommentsByCommentIdData = z.object({
@@ -671,7 +671,7 @@ export const zPutDiscussionsCommentsByCommentIdData = z.object({
     path: z.object({
         id: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 /**
@@ -684,13 +684,13 @@ export const zPostDiscussionsCommentsByCommentIdVoteData = z.object({
     path: z.object({
         id: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 export const zGetEventsData = z.object({
-    body: z.optional(z.never()),
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
+    body: z.never().optional(),
+    path: z.never().optional(),
+    query: z.never().optional()
 });
 
 /**
@@ -701,10 +701,10 @@ export const zGetEventsResponse = z.array(zDtoEventResponse);
 export const zPostEventsData = z.object({
     body: z.object({
         title: z.string(),
-        file: z.optional(z.string())
+        file: z.string().optional()
     }),
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
+    path: z.never().optional(),
+    query: z.never().optional()
 });
 
 /**
@@ -713,11 +713,11 @@ export const zPostEventsData = z.object({
 export const zPostEventsResponse = zDtoEventResponse;
 
 export const zGetEventsByEventIdData = z.object({
-    body: z.optional(z.never()),
+    body: z.never().optional(),
     path: z.object({
         eventId: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 /**
@@ -726,21 +726,21 @@ export const zGetEventsByEventIdData = z.object({
 export const zGetEventsByEventIdResponse = zDtoEventResponse;
 
 export const zGetEventsByEventIdCoverData = z.object({
-    body: z.optional(z.never()),
+    body: z.never().optional(),
     path: z.object({
         eventId: z.string()
     }),
-    query: z.optional(z.object({
-        size: z.optional(z.int())
-    }))
+    query: z.object({
+        size: z.int().optional()
+    }).optional()
 });
 
 export const zGetEventsByEventIdMediaData = z.object({
-    body: z.optional(z.never()),
+    body: z.never().optional(),
     path: z.object({
         eventId: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 /**
@@ -750,14 +750,14 @@ export const zGetEventsByEventIdMediaResponse = z.array(zDtoMediaResponse);
 
 export const zPostEventsByEventIdMediaData = z.object({
     body: z.object({
-        title: z.optional(z.string()),
-        description: z.optional(z.string()),
+        title: z.string().optional(),
+        description: z.string().optional(),
         file: z.string()
     }),
     path: z.object({
         eventId: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 /**
@@ -766,11 +766,11 @@ export const zPostEventsByEventIdMediaData = z.object({
 export const zPostEventsByEventIdMediaResponse = zDtoMediaResponse;
 
 export const zGetMediaByMediaIdData = z.object({
-    body: z.optional(z.never()),
+    body: z.never().optional(),
     path: z.object({
         mediaId: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 /**
@@ -779,27 +779,27 @@ export const zGetMediaByMediaIdData = z.object({
 export const zGetMediaByMediaIdResponse = zDtoMediaResponse;
 
 export const zGetMediaByMediaIdFileData = z.object({
-    body: z.optional(z.never()),
+    body: z.never().optional(),
     path: z.object({
         mediaId: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 export const zGetMediaByMediaIdPreviewData = z.object({
-    body: z.optional(z.never()),
+    body: z.never().optional(),
     path: z.object({
         mediaId: z.string()
     }),
-    query: z.optional(z.object({
-        size: z.optional(z.int())
-    }))
+    query: z.object({
+        size: z.int().optional()
+    }).optional()
 });
 
 export const zGetOfficeStatusData = z.object({
-    body: z.optional(z.never()),
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
+    body: z.never().optional(),
+    path: z.never().optional(),
+    query: z.never().optional()
 });
 
 /**
@@ -809,8 +809,8 @@ export const zGetOfficeStatusResponse = zDtoOfficeStatusResponse;
 
 export const zPutOfficeStatusData = z.object({
     body: zDtoUpdateOfficeStatusRequest,
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
+    path: z.never().optional(),
+    query: z.never().optional()
 });
 
 /**
@@ -819,9 +819,9 @@ export const zPutOfficeStatusData = z.object({
 export const zPutOfficeStatusResponse = zDtoOfficeStatusResponse;
 
 export const zGetProgramsData = z.object({
-    body: z.optional(z.never()),
-    path: z.optional(z.never()),
-    query: z.optional(z.never())
+    body: z.never().optional(),
+    path: z.never().optional(),
+    query: z.never().optional()
 });
 
 /**
@@ -830,11 +830,11 @@ export const zGetProgramsData = z.object({
 export const zGetProgramsResponse = z.array(zDtoProgramResponse);
 
 export const zGetProgramsIdData = z.object({
-    body: z.optional(z.never()),
+    body: z.never().optional(),
     path: z.object({
         programId: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 /**
@@ -843,11 +843,11 @@ export const zGetProgramsIdData = z.object({
 export const zGetProgramsIdResponse = zDtoProgramResponse;
 
 export const zGetProgramModulesData = z.object({
-    body: z.optional(z.never()),
+    body: z.never().optional(),
     path: z.object({
         programId: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 /**
@@ -856,8 +856,8 @@ export const zGetProgramModulesData = z.object({
 export const zGetProgramModulesResponse = z.array(zDtoModuleResponse);
 
 export const zGetSearchData = z.object({
-    body: z.optional(z.never()),
-    path: z.optional(z.never()),
+    body: z.never().optional(),
+    path: z.never().optional(),
     query: z.object({
         q: z.string()
     })
@@ -869,12 +869,12 @@ export const zGetSearchData = z.object({
 export const zGetSearchResponse = z.array(zDtoSearchResult);
 
 export const zGetUsersData = z.object({
-    body: z.optional(z.never()),
-    path: z.optional(z.never()),
-    query: z.optional(z.object({
-        limit: z.optional(z.int()),
-        offset: z.optional(z.int())
-    }))
+    body: z.never().optional(),
+    path: z.never().optional(),
+    query: z.object({
+        limit: z.int().optional(),
+        offset: z.int().optional()
+    }).optional()
 });
 
 /**
@@ -883,11 +883,11 @@ export const zGetUsersData = z.object({
 export const zGetUsersResponse = z.array(zDtoUserResponse);
 
 export const zGetUsersByUserIdData = z.object({
-    body: z.optional(z.never()),
+    body: z.never().optional(),
     path: z.object({
         userId: z.string()
     }),
-    query: z.optional(z.never())
+    query: z.never().optional()
 });
 
 /**
@@ -896,14 +896,14 @@ export const zGetUsersByUserIdData = z.object({
 export const zGetUsersByUserIdResponse = zDtoPublicUserResponse;
 
 export const zGetUsersByUserIdActivitiesData = z.object({
-    body: z.optional(z.never()),
+    body: z.never().optional(),
     path: z.object({
         userId: z.string()
     }),
-    query: z.optional(z.object({
-        limit: z.optional(z.int()),
-        offset: z.optional(z.int())
-    }))
+    query: z.object({
+        limit: z.int().optional(),
+        offset: z.int().optional()
+    }).optional()
 });
 
 /**