added dropdown menu

export drop down menu doesnt disappear when exporttype is selected
added dropdown menu for export
2025-12-01 06:55:45 +01:00 · 2025-11-05 14:18:18 +01:00 · 2025-11-05 13:22:00 +01:00 · 2025-11-05 11:32:40 +01:00 · 2025-11-05 09:43:28 +01:00 · 2025-11-05 09:40:26 +01:00
41 changed files with 2329 additions and 5944 deletions
--- a/.env.template
+++ b/.env.template
@@ -1,16 +1,29 @@
-# === SCHICHTPLANER DOCKER COMPOSE ENVIRONMENT VARIABLES ===
+# .env.template
-# Diese Datei wird von docker-compose automatisch geladen
+# ============================================
 # DOCKER COMPOSE ENVIRONMENT TEMPLATE
 # Copy this file to .env and adjust values
 # ============================================
-# Security
+# Application settings
-JWT_SECRET=${JWT_SECRET:-your-secret-key-please-change}
+NODE_ENV=production
-NODE_ENV=${NODE_ENV:-production}
+JWT_SECRET=your-secret-key-please-change
 HOSTNAME=localhost
 # Security & Network
 TRUST_PROXY_ENABLED=false
 TRUSTED_PROXY_IPS=127.0.0.1,::1
 FORCE_HTTPS=false
 # Database
-DB_PATH=${DB_PATH:-/app/data/database.db}
+DATABASE_PATH=/app/data/schichtplaner.db
-# Server
+# Optional features
-PORT=${PORT:-3002}
+ENABLE_PRO=false
 DEBUG=false
-# App Configuration
+# Port configuration
-APP_TITLE="Shift Planning App"
+APP_PORT=3002
-ENABLE_PRO=${ENABLE_PRO:-false}
+
 # ============================================
 # END OF TEMPLATE
 # ============================================
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -83,9 +83,13 @@ jobs:
        with:
          node-version: '20'
      - name: Create package-lock.json
        working-directory: .
        run: npm i --package-lock-only
      - name: Install backend dependencies
        working-directory: ./backend
-        run: npm install
+        run: npm ci
      - name: Run TypeScript check
        working-directory: ./backend
--- a/.gitignore
+++ b/.gitignore
@@ -57,6 +57,7 @@ yarn-error.log*
 # Build outputs
 dist/
 build/
 package-lock.json
 # Environment variables
 .env
--- a/33
+++ b/33
@@ -1,22 +1,17 @@
 # Single stage build for workspaces
-FROM node:20-bullseye AS builder
+FROM node:20-bookworm AS builder
 WORKDIR /app
 # Install Python + OR-Tools
 RUN apt-get update && apt-get install -y python3 python3-pip build-essential \
  && pip install --no-cache-dir ortools
 # Create symlink so python3 is callable as python
 RUN ln -sf /usr/bin/python3 /usr/bin/python
 # Copy root package files first
 COPY package*.json ./
 COPY tsconfig.base.json ./
 COPY ecosystem.config.cjs ./
 # Install root dependencies
-RUN npm install --only=production
+#RUN npm install --only=production
 RUN npm i --package-lock-only
 RUN npm ci
 # Copy workspace files
 COPY backend/ ./backend/
@@ -30,10 +25,7 @@ RUN npm install --workspace=frontend
 RUN npm run build --only=production --workspace=backend
 # Build frontend
-RUN npm run build --workspace=frontend
+RUN npm run build --only=production --workspace=frontend
 # Verify Python and OR-Tools installation
 RUN python -c "from ortools.sat.python import cp_model; print('OR-Tools installed successfully')"
 # Production stage
 FROM node:20-bookworm
@@ -57,7 +49,20 @@ COPY --from=builder /app/frontend/dist/ ./frontend-build/
 COPY --from=builder /app/ecosystem.config.cjs ./
 COPY --from=builder /app/backend/src/database/ ./dist/database/
-COPY --from=builder /app/backend/src/database/ ./database/
+# should be obsolete with the line above
 #COPY --from=builder /app/backend/src/database/ ./database/
 COPY --from=builder /app/backend/src/python-scripts/ ./python-scripts/
 # Install Python + OR-Tools
 RUN apt-get update && apt-get install -y python3 python3-pip build-essential \
  && pip install --no-cache-dir --break-system-packages ortools
 # Create symlink so python3 is callable as python
 RUN ln -sf /usr/bin/python3 /usr/bin/python
 # Verify Python and OR-Tools installation
 RUN python -c "from ortools.sat.python import cp_model; print('OR-Tools installed successfully')"
 # Copy init script and env template
 COPY docker-init.sh /usr/local/bin/
--- a/backend/package.json
+++ b/backend/package.json
@@ -4,6 +4,7 @@
  "type": "module",
  "scripts": {
    "dev": "npm run build && npx tsx src/server.ts",
    "dev:single": "cross-env NODE_ENV=development TRUST_PROXY_ENABLED=false npx tsx src/server.ts",
    "build": "tsc",
    "start": "node dist/server.js",
    "prestart": "npm run build",
@@ -14,6 +15,8 @@
  },
  "dependencies": {
    "@types/bcrypt": "^6.0.0",
    "@types/node": "24.9.2",
    "vite": "7.1.12",
    "bcrypt": "^6.0.0",
    "bcryptjs": "^2.4.3",
    "express": "^4.18.2",
@@ -22,7 +25,9 @@
    "uuid": "^9.0.0",
    "express-rate-limit": "8.1.0",
    "helmet": "8.1.0",
-    "express-validator": "7.3.0"
+    "express-validator": "7.3.0",
    "exceljs": "4.4.0",
    "playwright": "^1.37.0"
  },
  "devDependencies": {
    "@types/bcryptjs": "^2.4.2",
@@ -32,6 +37,7 @@
    "@types/jest": "^29.5.0",
    "ts-node": "^10.9.0",
    "typescript": "^5.0.0",
-    "tsx": "^4.0.0"
+    "tsx": "^4.0.0",
    "cross-env": "10.1.0"
  }
 }
--- a/backend/src/controllers/authController.ts
+++ b/backend/src/controllers/authController.ts
@@ -64,7 +64,7 @@ export const login = async (req: Request, res: Response) => {
      return res.status(400).json({ error: 'E-Mail und Passwort sind erforderlich' });
    }
-    // UPDATED: Get user from database with role from employee_roles table
+    // Get user from database with role from employee_roles table
    const user = await db.get<any>(
      `SELECT 
        e.id, e.email, e.password, e.firstname, e.lastname, 
@@ -155,7 +155,7 @@ export const getCurrentUser = async (req: Request, res: Response) => {
      return res.status(401).json({ error: 'Nicht authentifiziert' });
    }
-    // UPDATED: Get user with role from employee_roles table
+    // Get user with role from employee_roles table
    const user = await db.get<any>(
      `SELECT 
        e.id, e.email, e.firstname, e.lastname,
--- a/backend/src/controllers/shiftPlanController.ts
+++ b/backend/src/controllers/shiftPlanController.ts
@@ -8,6 +8,8 @@ import {
 } from '../models/ShiftPlan.js';
 import { AuthRequest } from '../middleware/auth.js';
 import { TEMPLATE_PRESETS } from '../models/defaults/shiftPlanDefaults.js';
 import ExcelJS from 'exceljs';
 import { chromium } from 'playwright';
 async function getPlanWithDetails(planId: string) {
  const plan = await db.get<any>(`
@@ -592,6 +594,26 @@ async function getShiftPlanById(planId: string): Promise<any> {
    `, [planId]);
  }
  // Load employees without role column + join with employee_roles
  const employees = await db.all<any>(`
    SELECT 
      e.id, 
      e.firstname, 
      e.lastname, 
      e.email, 
      e.employee_type,
      e.contract_type,
      e.can_work_alone,
      e.is_trainee,
      e.is_active as isActive,
      GROUP_CONCAT(er.role) as roles
    FROM employees e
    LEFT JOIN employee_roles er ON e.id = er.employee_id
    WHERE e.is_active = 1
    GROUP BY e.id
    ORDER BY e.firstname, e.lastname
  `, []);
  return {
    ...plan,
    isTemplate: plan.is_template === 1,
@@ -629,12 +651,25 @@ async function getShiftPlanById(planId: string): Promise<any> {
      requiredEmployees: shift.required_employees,
      assignedEmployees: JSON.parse(shift.assigned_employees || '[]'),
      timeSlotName: shift.time_slot_name
    })),
    // Include employees with proper role handling
    employees: employees.map(emp => ({
      id: emp.id,
      firstname: emp.firstname,
      lastname: emp.lastname,
      email: emp.email,
      employeeType: emp.employee_type,
      contractType: emp.contract_type,
      canWorkAlone: emp.can_work_alone === 1,
      isTrainee: emp.is_trainee === 1,
      isActive: emp.isActive === 1,
      roles: emp.roles ? emp.roles.split(',') : [] // Convert comma-separated roles to array
    }))
  };
 }
 // Helper function to generate scheduled shifts from template
-export const generateScheduledShifts = async(planId: string, startDate: string, endDate: string): Promise<void> => {
+export const generateScheduledShifts = async (planId: string, startDate: string, endDate: string): Promise<void> => {
  try {
    console.log(`🔄 Generating scheduled shifts for Plan ${planId} from ${startDate} to ${endDate}`);
@@ -933,3 +968,831 @@ export const clearAssignments = async (req: Request, res: Response): Promise<voi
    res.status(500).json({ error: 'Internal server error' });
  }
 };
 // Helper interfaces for export
 interface ExportDay {
  id: number;
  name: string;
 }
 interface ExportTimeSlot {
  id: string;
  name: string;
  startTime: string;
  endTime: string;
  shiftsByDay: { [dayId: number]: any };
 }
 interface ExportTimetableData {
  days: ExportDay[];
  allTimeSlots: ExportTimeSlot[];
 }
 function getTimetableDataForExport(plan: any): ExportTimetableData {
  const weekdays = [
    { id: 1, name: 'Montag' },
    { id: 2, name: 'Dienstag' },
    { id: 3, name: 'Mittwoch' },
    { id: 4, name: 'Donnerstag' },
    { id: 5, name: 'Freitag' },
    { id: 6, name: 'Samstag' },
    { id: 7, name: 'Sonntag' }
  ];
  if (!plan.shifts || !plan.timeSlots) {
    return { days: [], allTimeSlots: [] };
  }
  // Create a map for quick time slot lookups with proper typing
  const timeSlotMap = new Map<string, any>();
  plan.timeSlots.forEach((ts: any) => {
    timeSlotMap.set(ts.id, ts);
  });
  // Group shifts by day
  const shiftsByDay: { [dayId: number]: any[] } = plan.shifts.reduce((acc: any, shift: any) => {
    if (!acc[shift.dayOfWeek]) {
      acc[shift.dayOfWeek] = [];
    }
    const timeSlot = timeSlotMap.get(shift.timeSlotId);
    const enhancedShift = {
      ...shift,
      timeSlotName: timeSlot?.name,
      startTime: timeSlot?.startTime,
      endTime: timeSlot?.endTime
    };
    acc[shift.dayOfWeek].push(enhancedShift);
    return acc;
  }, {});
  // Sort shifts within each day by start time
  Object.keys(shiftsByDay).forEach(day => {
    const dayNum = parseInt(day);
    shiftsByDay[dayNum].sort((a: any, b: any) => {
      const timeA = a.startTime || '';
      const timeB = b.startTime || '';
      return timeA.localeCompare(timeB);
    });
  });
  // Get unique days that have shifts
  const days: ExportDay[] = Array.from(new Set(plan.shifts.map((shift: any) => shift.dayOfWeek)))
    .sort()
    .map(dayId => {
      return weekdays.find(day => day.id === dayId) || { id: dayId as number, name: `Tag ${dayId}` };
    });
  // Get all unique time slots (rows) by collecting from all shifts
  const allTimeSlotsMap = new Map<string, ExportTimeSlot>();
  days.forEach(day => {
    shiftsByDay[day.id]?.forEach((shift: any) => {
      const timeSlot = timeSlotMap.get(shift.timeSlotId);
      if (timeSlot && !allTimeSlotsMap.has(timeSlot.id)) {
        const exportTimeSlot: ExportTimeSlot = {
          id: timeSlot.id,
          name: timeSlot.name,
          startTime: timeSlot.startTime,
          endTime: timeSlot.endTime,
          shiftsByDay: {}
        };
        allTimeSlotsMap.set(timeSlot.id, exportTimeSlot);
      }
    });
  });
  // Populate shifts for each time slot by day
  days.forEach(day => {
    shiftsByDay[day.id]?.forEach((shift: any) => {
      const timeSlot = allTimeSlotsMap.get(shift.timeSlotId);
      if (timeSlot) {
        timeSlot.shiftsByDay[day.id] = shift;
      }
    });
  });
  // Convert to array and sort by start time
  const allTimeSlots = Array.from(allTimeSlotsMap.values()).sort((a: ExportTimeSlot, b: ExportTimeSlot) => {
    return (a.startTime || '').localeCompare(b.startTime || '');
  });
  return { days, allTimeSlots };
 }
 // Export shift plan to Excel
 // Export shift plan to Excel
 export const exportShiftPlanToExcel = async (req: Request, res: Response): Promise<void> => {
  try {
    const { id } = req.params;
    console.log('📊 Starting Excel export for plan:', id);
    const plan = await getShiftPlanById(id);
    if (!plan) {
      res.status(404).json({ error: 'Shift plan not found' });
      return;
    }
    if (plan.status !== 'published') {
      res.status(400).json({ error: 'Can only export published shift plans' });
      return;
    }
    // Create workbook
    const workbook = new ExcelJS.Workbook();
    workbook.creator = 'Schichtplaner System';
    workbook.created = new Date();
    /* -------------------------------------------------------------------------- */
    /*                           📋 1. Summary Sheet                              */
    /* -------------------------------------------------------------------------- */
    const summarySheet = workbook.addWorksheet('Planübersicht');
    summarySheet.columns = [
      { header: 'Eigenschaft', key: 'property', width: 25 },
      { header: 'Wert', key: 'value', width: 35 }
    ];
    summarySheet.addRows([
      { property: 'Plan Name', value: plan.name },
      { property: 'Beschreibung', value: plan.description || 'Keine' },
      { property: 'Zeitraum', value: `${plan.startDate} bis ${plan.endDate}` },
      { property: 'Status', value: plan.status },
      { property: 'Erstellt von', value: plan.created_by_name || 'Unbekannt' },
      { property: 'Erstellt am', value: new Date(plan.createdAt).toLocaleString('de-DE') },
      { property: 'Anzahl Schichten', value: plan.scheduledShifts?.length || 0 },
      { property: 'Anzahl Mitarbeiter', value: plan.employees?.length || 0 }
    ]);
    // Style header
    const header1 = summarySheet.getRow(1);
    header1.font = { bold: true, color: { argb: 'FFFFFFFF' } };
    header1.fill = { type: 'pattern', pattern: 'solid', fgColor: { argb: 'FF2C3E50' } };
    summarySheet.columns.forEach(col => (col.alignment = { vertical: 'middle', wrapText: true }));
    /* -------------------------------------------------------------------------- */
    /*                        📅 2. Timetable / Schichtplan Sheet                 */
    /* -------------------------------------------------------------------------- */
    const timetableSheet = workbook.addWorksheet('Schichtplan');
    const timetableData = getTimetableDataForExport(plan);
    const { days, allTimeSlots } = timetableData;
    // Calculate max employees per shift to determine row structure
    let maxEmployeesPerShift = 1;
    for (const timeSlot of allTimeSlots) {
      for (const day of days) {
        const scheduledShift = plan.scheduledShifts?.find(
          (s: any) => getDayOfWeek(s.date) === day.id && s.timeSlotId === timeSlot.id
        );
        if (scheduledShift && scheduledShift.assignedEmployees?.length > maxEmployeesPerShift) {
          maxEmployeesPerShift = scheduledShift.assignedEmployees.length;
        }
      }
    }
    // Header
    const headerRow = ['Schicht (Zeit)', ...days.map(d => d.name)];
    const header = timetableSheet.addRow(headerRow);
    header.eachCell(cell => {
      cell.font = { bold: true, color: { argb: 'FFFFFFFF' } };
      cell.fill = { type: 'pattern', pattern: 'solid', fgColor: { argb: 'FF2C3E50' } };
      cell.alignment = { horizontal: 'center', vertical: 'middle' };
      cell.border = {
        top: { style: 'thin' },
        left: { style: 'thin' },
        bottom: { style: 'thin' },
        right: { style: 'thin' }
      };
    });
    // Content rows - each time slot can have multiple employee rows
    for (const timeSlot of allTimeSlots) {
      // Find max employees for this time slot across all days
      let maxEmployeesInTimeSlot = 0;
      for (const day of days) {
        const scheduledShift = plan.scheduledShifts?.find(
          (s: any) => getDayOfWeek(s.date) === day.id && s.timeSlotId === timeSlot.id
        );
        if (scheduledShift && scheduledShift.assignedEmployees?.length > maxEmployeesInTimeSlot) {
          maxEmployeesInTimeSlot = scheduledShift.assignedEmployees.length;
        }
      }
      // If no employees assigned, show at least one row with requirement count
      const rowsToCreate = Math.max(maxEmployeesInTimeSlot, 1);
      for (let empIndex = 0; empIndex < rowsToCreate; empIndex++) {
        const rowData: any[] = [];
        // First cell: time slot name (only in first row, merged for others)
        if (empIndex === 0) {
          rowData.push(`${timeSlot.name}\n${timeSlot.startTime} - ${timeSlot.endTime}`);
        } else {
          rowData.push(''); // Empty for merged cells
        }
        // Day cells
        for (const day of days) {
          const shift = timeSlot.shiftsByDay[day.id];
          if (!shift) {
            rowData.push(empIndex === 0 ? 'Keine Schicht' : '');
            continue;
          }
          const scheduledShift = plan.scheduledShifts?.find(
            (s: any) => getDayOfWeek(s.date) === day.id && s.timeSlotId === timeSlot.id
          );
          if (scheduledShift && scheduledShift.assignedEmployees?.length > 0) {
            if (empIndex < scheduledShift.assignedEmployees.length) {
              const empId = scheduledShift.assignedEmployees[empIndex];
              const emp = plan.employees?.find((e: any) => e.id === empId);
              if (!emp) {
                rowData.push({ text: 'Unbekannt', color: 'FF888888' });
              } else if (emp.isTrainee) {
                rowData.push({
                  text: `${emp.firstname} ${emp.lastname} (T)`,
                  color: 'FFCDA8F0'
                });
              } else if (emp.employeeType === 'manager') {
                rowData.push({
                  text: `${emp.firstname} ${emp.lastname} (M)`,
                  color: 'FFCC0000'
                });
              } else {
                rowData.push({
                  text: `${emp.firstname} ${emp.lastname}`,
                  color: 'FF642AB5'
                });
              }
            } else {
              rowData.push(''); // Empty cell if no more employees
            }
          } else {
            // No employees assigned, show requirement count only in first row
            if (empIndex === 0) {
              const shiftsForSlot = plan.shifts?.filter(
                (s: any) => s.dayOfWeek === day.id && s.timeSlotId === timeSlot.id
              ) || [];
              const totalRequired = shiftsForSlot.reduce(
                (sum: number, s: any) => sum + s.requiredEmployees,
                0
              );
              rowData.push(totalRequired === 0 ? '-' : `0/${totalRequired}`);
            } else {
              rowData.push('');
            }
          }
        }
        const row = timetableSheet.addRow(rowData);
        row.eachCell((cell, colNumber) => {
          cell.border = {
            top: { style: 'thin' },
            left: { style: 'thin' },
            bottom: { style: 'thin' },
            right: { style: 'thin' }
          };
          cell.alignment = { vertical: 'middle', wrapText: true, horizontal: 'center' };
          // Handle colored employee names
          if (typeof cell.value === 'object' && cell.value !== null && 'text' in cell.value) {
            const employeeData = cell.value as unknown as { text: string; color: string };
            cell.value = employeeData.text;
            cell.font = { color: { argb: employeeData.color } };
            cell.alignment = { vertical: 'middle', horizontal: 'left' };
          }
          if (cell.value === 'Keine Schicht') {
            cell.fill = { type: 'pattern', pattern: 'solid', fgColor: { argb: 'FFEDEDED' } };
            cell.font = { color: { argb: 'FF888888' }, italic: true };
          }
          if (colNumber === 1) {
            cell.alignment = { horizontal: 'left', vertical: 'middle', wrapText: true };
          }
        });
        row.height = 25;
      }
      // Merge time slot cells vertically if multiple rows were created
      if (rowsToCreate > 1) {
        const currentRow = timetableSheet.lastRow!.number;
        const startRow = currentRow - rowsToCreate + 1;
        timetableSheet.mergeCells(startRow, 1, currentRow, 1);
      }
    }
    // Adjust column widths
    timetableSheet.getColumn(1).width = 25; // Time slot column
    for (let i = 2; i <= days.length + 1; i++) {
      timetableSheet.getColumn(i).width = 30;
    }
    // Add legend row at bottom
    const legendRow = timetableSheet.addRow([
      'Legende:',
      '■ Manager',
      '■ Trainee',
      '■ Mitarbeiter',
      '■ Keine Schicht'
    ]);
    // Style each square with its respective color
    legendRow.getCell(1).font = { bold: true };
    legendRow.getCell(2).font = { color: { argb: 'FFCC0000' } };   // Red = Manager
    legendRow.getCell(3).font = { color: { argb: 'FFCDA8F0' } };   // Purple = Trainee
    legendRow.getCell(4).font = { color: { argb: 'FF642AB5' } };   // Blue = Mitarbeiter
    legendRow.getCell(5).font = { color: { argb: 'FF888888' } };   // Gray = Keine Schicht
    legendRow.eachCell(cell => {
      cell.alignment = { vertical: 'middle', horizontal: 'left' };
      cell.font = { ...cell.font, italic: true };
    });
    /* -------------------------------------------------------------------------- */
    /*                        👥 3. Employee Overview Sheet                       */
    /* -------------------------------------------------------------------------- */
    const employeeSheet = workbook.addWorksheet('Mitarbeiterübersicht');
    employeeSheet.columns = [
      { header: 'Name', key: 'name', width: 25 },
      { header: 'E-Mail', key: 'email', width: 25 },
      { header: 'Rolle', key: 'role', width: 18 },
      { header: 'Mitarbeiter Typ', key: 'type', width: 15 },
      { header: 'Vertragstyp', key: 'contract', width: 18 },
      { header: 'Trainee', key: 'trainee', width: 10 }
    ];
    plan.employees?.forEach((e: any) =>
      employeeSheet.addRow({
        name: `${e.firstname} ${e.lastname}`,
        email: e.email,
        role: e.roles?.join(', ') || 'Benutzer',
        type: e.employeeType || 'Unbekannt',
        contract: e.contractType || 'Nicht angegeben',
        trainee: e.isTrainee ? 'Ja' : 'Nein'
      })
    );
    const empHeader = employeeSheet.getRow(1);
    empHeader.font = { bold: true, color: { argb: 'FFFFFFFF' } };
    empHeader.fill = { type: 'pattern', pattern: 'solid', fgColor: { argb: 'FF34495E' } };
    empHeader.alignment = { horizontal: 'center', vertical: 'middle' };
    /* -------------------------------------------------------------------------- */
    /*                            📤 4. Send Response                             */
    /* -------------------------------------------------------------------------- */
    const fileName = `Schichtplan_${plan.name}_${new Date().toISOString().split('T')[0]}.xlsx`;
    res.setHeader('Content-Type', 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet');
    res.setHeader('Content-Disposition', `attachment; filename="${fileName}"`);
    await workbook.xlsx.write(res);
    console.log('✅ Excel export completed for plan:', id);
  } catch (error) {
    console.error('❌ Error exporting to Excel:', error);
    res.status(500).json({ error: 'Internal server error during Excel export' });
  }
 };
 export const exportShiftPlanToPDF = async (req: Request, res: Response): Promise<void> => {
  let browser;
  try {
    const { id } = req.params;
    console.log('📄 Starting PDF export for plan:', id);
    const plan = await getShiftPlanById(id);
    if (!plan) {
      res.status(404).json({ error: 'Shift plan not found' });
      return;
    }
    if (plan.status !== 'published') {
      res.status(400).json({ error: 'Can only export published shift plans' });
      return;
    }
    // Get timetable data (same as Excel)
    const timetableData = getTimetableDataForExport(plan);
    const { days, allTimeSlots } = timetableData;
    // Generate HTML content
    const html = `
 <!DOCTYPE html>
 <html lang="de">
 <head>
  <meta charset="UTF-8">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <title>Schichtplan - ${plan.name}</title>
  <style>
    * { margin: 0; padding: 0; box-sizing: border-box; }
    body { 
      font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
      font-size: 10pt;
      line-height: 1.4;
      color: #2c3e50;
      padding: 20px;
    }
    .header { 
      margin-bottom: 30px; 
      padding-bottom: 20px;
      border-bottom: 3px solid #2c3e50;
    }
    h1 { 
      font-size: 24pt; 
      color: #2c3e50; 
      margin-bottom: 10px;
    }
    .subtitle { 
      font-size: 11pt; 
      color: #7f8c8d; 
      margin-bottom: 5px;
    }
    .info-section {
      background: #f8f9fa;
      padding: 15px;
      border-radius: 5px;
      margin-bottom: 30px;
      page-break-inside: avoid;
    }
    .info-section h2 {
      font-size: 14pt;
      margin-bottom: 12px;
      color: #34495e;
      border-bottom: 2px solid #34495e;
      padding-bottom: 5px;
    }
    .info-grid {
      display: grid;
      grid-template-columns: 1fr 1fr;
      gap: 10px;
    }
    .info-item {
      display: flex;
      gap: 8px;
    }
    .info-label {
      font-weight: 600;
      color: #34495e;
    }
    .info-value {
      color: #555;
    }
    /* Timetable styles */
    .timetable-section {
      margin-top: 30px;
      page-break-before: always;
    }
    .timetable-section h2 {
      font-size: 16pt;
      margin-bottom: 15px;
      color: #2c3e50;
    }
    table {
      width: 100%;
      border-collapse: collapse;
      margin-bottom: 20px;
      page-break-inside: auto;
    }
    thead {
      background: #2c3e50;
      color: white;
    }
    thead th {
      padding: 12px 8px;
      text-align: center;
      font-weight: 600;
      border: 1px solid #2c3e50;
      font-size: 10pt;
    }
    tbody tr {
      page-break-inside: avoid;
      page-break-after: auto;
    }
    tbody tr:nth-child(even) {
      background: #f8f9fa;
    }
    td {
      padding: 10px 8px;
      border: 1px solid #dee2e6;
      vertical-align: top;
    }
    .time-slot-cell {
      font-weight: 600;
      background: #ecf0f1;
      white-space: nowrap;
      min-width: 120px;
    }
    .time-slot-name {
      font-size: 10pt;
      color: #2c3e50;
      margin-bottom: 3px;
    }
    .time-slot-time {
      font-size: 9pt;
      color: #7f8c8d;
      font-weight: normal;
    }
    .employee-list {
      list-style: none;
      padding: 0;
    }
    .employee-list li {
      margin-bottom: 4px;
      font-size: 9pt;
    }
    .employee-manager { color: #CC0000; font-weight: 600; }
    .employee-trainee { color: #CDA8F0; font-weight: 600; }
    .employee-regular { color: #642AB5; }
    .no-shift {
      color: #999;
      font-style: italic;
      text-align: center;
    }
    .required-count {
      color: #666;
      font-style: italic;
      text-align: center;
    }
    /* Legend */
    .legend {
      margin-top: 15px;
      padding: 10px;
      background: #f8f9fa;
      border-radius: 5px;
      display: flex;
      gap: 20px;
      flex-wrap: wrap;
      page-break-inside: avoid;
    }
    .legend-item {
      display: flex;
      align-items: center;
      gap: 5px;
      font-size: 9pt;
    }
    .legend-square {
      width: 12px;
      height: 12px;
      border-radius: 2px;
    }
    /* Employee section */
    .employee-section {
      margin-top: 30px;
      page-break-before: always;
    }
    .employee-section h2 {
      font-size: 16pt;
      margin-bottom: 15px;
      color: #2c3e50;
    }
    .employee-table {
      width: 100%;
    }
    .employee-table thead {
      background: #34495e;
    }
    .employee-table td {
      font-size: 9pt;
    }
    /* Footer */
    .footer {
      position: fixed;
      bottom: 15px;
      left: 20px;
      right: 20px;
      text-align: center;
      font-size: 8pt;
      color: #7f8c8d;
      border-top: 1px solid #dee2e6;
      padding-top: 8px;
    }
    @media print {
      body { padding: 15px; }
      .header { page-break-after: avoid; }
      .info-section { page-break-after: avoid; }
    }
  </style>
 </head>
 <body>
  <div class="header">
    <h1>Schichtplan: ${plan.name}</h1>
    <div class="subtitle">Erstellt am: ${new Date().toLocaleDateString('de-DE', {
      year: 'numeric',
      month: 'long',
      day: 'numeric'
    })}</div>
  </div>
  <div class="info-section">
    <h2>Plan Informationen</h2>
    <div class="info-grid">
      <div class="info-item">
        <span class="info-label">Plan Name:</span>
        <span class="info-value">${plan.name}</span>
      </div>
      <div class="info-item">
        <span class="info-label">Status:</span>
        <span class="info-value">${plan.status}</span>
      </div>
      <div class="info-item">
        <span class="info-label">Beschreibung:</span>
        <span class="info-value">${plan.description || 'Keine'}</span>
      </div>
      <div class="info-item">
        <span class="info-label">Erstellt von:</span>
        <span class="info-value">${plan.created_by_name || 'Unbekannt'}</span>
      </div>
      <div class="info-item">
        <span class="info-label">Zeitraum:</span>
        <span class="info-value">${plan.startDate} bis ${plan.endDate}</span>
      </div>
      <div class="info-item">
        <span class="info-label">Erstellt am:</span>
        <span class="info-value">${new Date(plan.createdAt).toLocaleString('de-DE')}</span>
      </div>
      <div class="info-item">
        <span class="info-label">Anzahl Schichten:</span>
        <span class="info-value">${plan.scheduledShifts?.length || 0}</span>
      </div>
      <div class="info-item">
        <span class="info-label">Anzahl Mitarbeiter:</span>
        <span class="info-value">${plan.employees?.length || 0}</span>
      </div>
    </div>
  </div>
  <div class="timetable-section">
    <h2>Schichtplan Timetable</h2>
    <table>
      <thead>
        <tr>
          <th>Schicht (Zeit)</th>
          ${days.map(day => `<th>${day.name}</th>`).join('')}
        </tr>
      </thead>
      <tbody>
        ${allTimeSlots.map(timeSlot => `
          <tr>
            <td class="time-slot-cell">
              <div class="time-slot-name">${timeSlot.name}</div>
              <div class="time-slot-time">${timeSlot.startTime} - ${timeSlot.endTime}</div>
            </td>
            ${days.map(day => {
      const shift = timeSlot.shiftsByDay[day.id];
      if (!shift) {
        return '<td class="no-shift">Keine Schicht</td>';
      }
      const scheduledShift = plan.scheduledShifts?.find((s: any) =>
        getDayOfWeek(s.date) === day.id && s.timeSlotId === timeSlot.id
      );
      if (scheduledShift && scheduledShift.assignedEmployees?.length > 0) {
        const employeeItems = scheduledShift.assignedEmployees.map((empId: string) => {
          const emp = plan.employees?.find((e: any) => e.id === empId);
          if (!emp) return '<li>Unbekannt</li>';
          let cssClass = 'employee-regular';
          let suffix = '';
          if (emp.isTrainee) {
            cssClass = 'employee-trainee';
            suffix = ' (T)';
          } else if (emp.employeeType === 'manager') {
            cssClass = 'employee-manager';
            suffix = ' (M)';
          }
          return `<li class="${cssClass}">${emp.firstname} ${emp.lastname}${suffix}</li>`;
        }).join('');
        return `<td><ul class="employee-list">${employeeItems}</ul></td>`;
      } else {
        const shiftsForSlot = plan.shifts?.filter((s: any) =>
          s.dayOfWeek === day.id && s.timeSlotId === timeSlot.id
        ) || [];
        const totalRequired = shiftsForSlot.reduce((sum: number, s: any) =>
          sum + s.requiredEmployees, 0
        );
        const displayText = totalRequired === 0 ? '-' : `0/${totalRequired}`;
        return `<td class="required-count">${displayText}</td>`;
      }
    }).join('')}
          </tr>
        `).join('')}
      </tbody>
    </table>
    <div class="legend">
      <div class="legend-item">
        <div class="legend-square" style="background: #CC0000;"></div>
        <span>Manager</span>
      </div>
      <div class="legend-item">
        <div class="legend-square" style="background: #CDA8F0;"></div>
        <span>Trainee</span>
      </div>
      <div class="legend-item">
        <div class="legend-square" style="background: #642AB5;"></div>
        <span>Mitarbeiter</span>
      </div>
      <div class="legend-item">
        <div class="legend-square" style="background: #ededed;"></div>
        <span>Keine Schicht</span>
      </div>
    </div>
  </div>
  <div class="employee-section">
    <h2>Mitarbeiterübersicht</h2>
    <table class="employee-table">
      <thead>
        <tr>
          <th>Name</th>
          <th>E-Mail</th>
          <th>Rolle</th>
          <th>Mitarbeiter Typ</th>
          <th>Vertragstyp</th>
          <th>Trainee</th>
        </tr>
      </thead>
      <tbody>
        ${plan.employees?.map((emp: any) => `
          <tr>
            <td>${emp.firstname} ${emp.lastname}</td>
            <td>${emp.email}</td>
            <td>${emp.roles?.join(', ') || 'Benutzer'}</td>
            <td>${emp.employeeType || 'Unbekannt'}</td>
            <td>${emp.contractType || 'Nicht angegeben'}</td>
            <td>${emp.isTrainee ? 'Ja' : 'Nein'}</td>
          </tr>
        `).join('') || '<tr><td colspan="6" style="text-align: center; color: #999;">Keine Mitarbeiter</td></tr>'}
      </tbody>
    </table>
  </div>
  <div class="footer">
    Erstellt am: ${new Date().toLocaleString('de-DE')} • Schichtplaner System
  </div>
 </body>
 </html>
    `;
    // Launch browser and generate PDF
    browser = await chromium.launch({ headless: true });
    const context = await browser.newContext();
    const page = await context.newPage();
    await page.setContent(html, { waitUntil: 'networkidle' });
    const pdfBuffer = await page.pdf({
      format: 'A4',
      printBackground: true,
      margin: {
        top: '20mm',
        right: '15mm',
        bottom: '20mm',
        left: '15mm'
      },
      displayHeaderFooter: true,
      headerTemplate: '<div></div>',
      footerTemplate: `
        <div style="font-size: 8pt; text-align: center; width: 100%; color: #7f8c8d; padding-top: 5px;">
          <span class="pageNumber"></span> / <span class="totalPages"></span>
        </div>
      `
    });
    await browser.close();
    // Set response headers and send PDF
    const fileName = `Schichtplan_${plan.name}_${new Date().toISOString().split('T')[0]}.pdf`;
    res.setHeader('Content-Type', 'application/pdf');
    res.setHeader('Content-Disposition', `attachment; filename="${fileName}"`);
    res.send(pdfBuffer);
    console.log('✅ PDF export completed for plan:', id);
  } catch (error) {
    console.error('❌ Error exporting to PDF:', error);
    if (browser) {
      await browser.close();
    }
    res.status(500).json({ error: 'Internal server error during PDF export' });
  }
 };
 // Helper function to get day of week from date string
 function getDayOfWeek(dateString: string): number {
  const date = new Date(dateString);
  return date.getDay() === 0 ? 7 : date.getDay();
 }
--- a/backend/src/middleware/auth.ts
+++ b/backend/src/middleware/auth.ts
@@ -52,3 +52,35 @@ export const requireRole = (roles: string[]) => {
    next();
  };
 };
 export const getClientIP = (req: Request): string => {
  const trustedHeader = process.env.TRUSTED_PROXY_HEADER || 'x-forwarded-for';
  const forwarded = req.headers[trustedHeader];
  const realIp = req.headers['x-real-ip'];
  if (forwarded) {
    if (Array.isArray(forwarded)) {
      return forwarded[0].split(',')[0].trim();
    } else if (typeof forwarded === 'string') {
      return forwarded.split(',')[0].trim();
    }
  }
  if (realIp) {
    return realIp.toString();
  }
  return req.socket.remoteAddress || req.ip || 'unknown';
 };
 export const ipSecurityCheck = (req: AuthRequest, res: Response, next: NextFunction): void => {
  const clientIP = getClientIP(req);
  // Log suspicious activity
  const suspiciousPaths = ['/api/auth/login', '/api/auth/register'];
  if (suspiciousPaths.includes(req.path)) {
    console.log(`🔐 Auth attempt from IP: ${clientIP}, Path: ${req.path}`);
  }
  next();
 }
--- a/backend/src/middleware/rateLimit.ts
+++ b/backend/src/middleware/rateLimit.ts
@@ -1,6 +1,46 @@
 import rateLimit from 'express-rate-limit';
 import { Request } from 'express';
 // Secure IP extraction that works with proxy settings
 const getClientIP = (req: Request): string => {
  // Read from environment which header to trust
  const trustedHeader = process.env.TRUSTED_PROXY_HEADER || 'x-forwarded-for';
  const forwarded = req.headers[trustedHeader];
  const realIp = req.headers['x-real-ip'];
  const cfConnectingIp = req.headers['cf-connecting-ip']; // Cloudflare
  // If we have a forwarded header and trust proxy is configured
  if (forwarded) {
    if (Array.isArray(forwarded)) {
      const firstIP = forwarded[0].split(',')[0].trim();
      console.log(`🔍 Extracted IP from ${trustedHeader}: ${firstIP} (from: ${forwarded[0]})`);
      return firstIP;
    } else if (typeof forwarded === 'string') {
      const firstIP = forwarded.split(',')[0].trim();
      console.log(`🔍 Extracted IP from ${trustedHeader}: ${firstIP} (from: ${forwarded})`);
      return firstIP;
    }
  }
  // Cloudflare support
  if (cfConnectingIp) {
    console.log(`🔍 Using Cloudflare IP: ${cfConnectingIp}`);
    return cfConnectingIp.toString();
  }
  // Fallback to x-real-ip
  if (realIp) {
    console.log(`🔍 Using x-real-ip: ${realIp}`);
    return realIp.toString();
  }
  // Final fallback to connection remote address
  const remoteAddress = req.socket.remoteAddress || req.ip || 'unknown';
  console.log(`🔍 Using remote address: ${remoteAddress}`);
  return remoteAddress;
 };
 // Helper to check if request should be limited
 const shouldSkipLimit = (req: Request): boolean => {
  const skipPaths = [
@@ -14,35 +54,92 @@ const shouldSkipLimit = (req: Request): boolean => {
    return true;
  }
  // Skip for whitelisted IPs from environment
  const whitelist = process.env.RATE_LIMIT_WHITELIST?.split(',') || [];
  const clientIP = getClientIP(req);
  if (whitelist.includes(clientIP)) {
    console.log(`✅ IP whitelisted: ${clientIP}`);
    return true;
  }
  return skipPaths.includes(req.path);
 };
 // Environment-based configuration
 const getRateLimitConfig = () => {
  const isProduction = process.env.NODE_ENV === 'production';
  return {
    windowMs: parseInt(process.env.RATE_LIMIT_WINDOW_MS || '900000'), // 15 minutes default
    max: isProduction 
      ? parseInt(process.env.RATE_LIMIT_MAX_REQUESTS || '1000')  // Stricter in production
      : parseInt(process.env.RATE_LIMIT_MAX_REQUESTS || '5000'), // More lenient in development
    // Development-specific relaxations
    skip: (req: Request) => {
      // Skip all GET requests in development for easier testing
      if (!isProduction && req.method === 'GET') {
        return true;
      }
      return shouldSkipLimit(req);
    }
  };
 };
 // Main API limiter - nur für POST/PUT/DELETE
 export const apiLimiter = rateLimit({
-  windowMs: 15 * 60 * 1000, // 15 minutes
+  ...getRateLimitConfig(),
  max: 200, // 200 non-GET requests per 15 minutes
  message: { 
    error: 'Zu viele Anfragen, bitte verlangsamen Sie Ihre Aktionen' 
  },
  standardHeaders: true,
  legacyHeaders: false,
-  skip: (req) => {
+  keyGenerator: (req) => getClientIP(req),
-    // ✅ Skip für GET requests (Data Fetching)
+  handler: (req, res) => {
-    if (req.method === 'GET') return true;
+    const clientIP = getClientIP(req);
    console.warn(`🚨 Rate limit exceeded for IP: ${clientIP}, Path: ${req.path}, Method: ${req.method}`);
-    // ✅ Skip für Health/Status Checks
+    res.status(429).json({ 
-    return shouldSkipLimit(req);
+      error: 'Zu viele Anfragen',
      message: 'Bitte versuchen Sie es später erneut',
      retryAfter: '15 Minuten',
      clientIP: process.env.NODE_ENV === 'development' ? clientIP : undefined // Only expose IP in dev
    });
  }
 });
 // Strict limiter for auth endpoints
 export const authLimiter = rateLimit({
  windowMs: 15 * 60 * 1000,
-  max: 5,
+  max: parseInt(process.env.AUTH_RATE_LIMIT_MAX_REQUESTS || '100'),
  message: { 
    error: 'Zu viele Login-Versuche, bitte versuchen Sie es später erneut' 
  },
  standardHeaders: true,
  legacyHeaders: false,
  skipSuccessfulRequests: true,
  keyGenerator: (req) => getClientIP(req),
  handler: (req, res) => {
    const clientIP = getClientIP(req);
    console.warn(`🚨 Auth rate limit exceeded for IP: ${clientIP}`);
    res.status(429).json({ 
      error: 'Zu viele Login-Versuche',
      message: 'Aus Sicherheitsgründen wurde Ihr Konto temporär gesperrt',
      retryAfter: '15 Minuten'
    });
  }
 });
 // Separate limiter for expensive endpoints
 export const expensiveEndpointLimiter = rateLimit({
  windowMs: 15 * 60 * 1000,
  max: parseInt(process.env.EXPENSIVE_ENDPOINT_LIMIT || '100'),
  message: {
    error: 'Zu viele Anfragen für diese Ressource'
  },
  standardHeaders: true,
  legacyHeaders: false,
  keyGenerator: (req) => getClientIP(req)
 });
--- a/backend/src/models/helpers/employeeHelpers.ts
+++ b/backend/src/models/helpers/employeeHelpers.ts
@@ -18,7 +18,7 @@ function generateEmail(firstname: string, lastname: string): string {
  return `${cleanFirstname}.${cleanLastname}@sp.de`;
 }
-// UPDATED: Validation for new employee model with employee types
+// Validation for new employee model with employee types
 export function validateEmployeeData(employee: CreateEmployeeRequest): string[] {
  const errors: string[] = [];
@@ -71,7 +71,7 @@ export function generateEmployeeEmail(firstname: string, lastname: string): stri
  return generateEmail(firstname, lastname);
 }
-// UPDATED: Business logic helpers for new employee types
+// Business logic helpers for new employee types
 export const isManager = (employee: Employee): boolean =>
  employee.employeeType === 'manager';
@@ -90,7 +90,7 @@ export const isInternal = (employee: Employee): boolean =>
 export const isExternal = (employee: Employee): boolean =>
  employee.employeeType === 'guest';
-// UPDATED: Trainee logic - now based on isTrainee field for personell type
+// Trainee logic - now based on isTrainee field for personell type
 export const isTrainee = (employee: Employee): boolean =>
  employee.employeeType === 'personell' && employee.isTrainee;
@@ -107,7 +107,7 @@ export const isMaintenance = (employee: Employee): boolean =>
 export const isUser = (employee: Employee): boolean =>
  employee.roles?.includes('user') || false;
-// UPDATED: Work alone permission - managers and experienced personell can work alone
+// Work alone permission - managers and experienced personell can work alone
 export const canEmployeeWorkAlone = (employee: Employee): boolean =>
  employee.canWorkAlone && (isManager(employee) || isExperienced(employee));
@@ -134,7 +134,7 @@ export function validateAvailabilityData(availability: Omit<EmployeeAvailability
  return errors;
 }
-// UPDATED: Helper to get employee type category
+// Helper to get employee type category
 export const getEmployeeCategory = (employee: Employee): 'internal' | 'external' => {
  return isInternal(employee) ? 'internal' : 'external';
 };
--- a/backend/src/models/helpers/shiftPlanHelpers.ts
+++ b/backend/src/models/helpers/shiftPlanHelpers.ts
@@ -78,7 +78,7 @@ export function calculateTotalRequiredEmployees(plan: ShiftPlan): number {
  return plan.shifts.reduce((total, shift) => total + shift.requiredEmployees, 0);
 }
-// UPDATED: Get scheduled shift by date and time slot
+// Get scheduled shift by date and time slot
 export function getScheduledShiftByDateAndTime(
  plan: ShiftPlan, 
  date: string, 
--- a/backend/src/models/scheduling.ts
+++ b/backend/src/models/scheduling.ts
@@ -2,7 +2,7 @@
 import { Employee } from './Employee.js';
 import { ShiftPlan } from './ShiftPlan.js';
-// Updated Availability interface to match new schema
+// Availability interface
 export interface Availability {
  id: string;
  employeeId: string;
--- a/backend/src/routes/shiftPlans.ts
+++ b/backend/src/routes/shiftPlans.ts
@@ -7,7 +7,9 @@ import {
  updateShiftPlan, 
  deleteShiftPlan,
  createFromPreset,
-  clearAssignments
+  clearAssignments,
  exportShiftPlanToExcel,
  exportShiftPlanToPDF
 } from '../controllers/shiftPlanController.js';
 import { 
  validateShiftPlan, 
@@ -30,4 +32,7 @@ router.put('/:id', validateId, validateShiftPlanUpdate, handleValidationErrors,
 router.delete('/:id', validateId, handleValidationErrors, requireRole(['admin', 'maintenance']), deleteShiftPlan);
 router.post('/:id/clear-assignments', validateId, handleValidationErrors, requireRole(['admin', 'maintenance']), clearAssignments);
 router.get('/:id/export/excel', validateId, handleValidationErrors, requireRole(['admin', 'maintenance']), exportShiftPlanToExcel);
 router.get('/:id/export/pdf', validateId, handleValidationErrors, requireRole(['admin', 'maintenance']), exportShiftPlanToPDF);
 export default router;
--- a/backend/src/scripts/applyMigration.ts
+++ b/backend/src/scripts/applyMigration.ts
@@ -53,7 +53,7 @@ async function markMigrationAsApplied(migrationName: string) {
  );
 }
-// UPDATED: Function to handle schema changes for the new employee type system
+// Function to handle schema changes for the new employee type system
 async function applySchemaUpdates() {
  console.log('🔄 Applying schema updates for new employee type system...');
@@ -80,7 +80,7 @@ async function applySchemaUpdates() {
      PRAGMA table_info(employees)
    `);
-    // FIXED: Check for employee_type column (not roles column)
+    // Check for employee_type column (not roles column)
    const hasEmployeeType = employeesTableInfo.some((col: TableColumnInfo) => col.name === 'employee_type');
    const hasIsTrainee = employeesTableInfo.some((col: TableColumnInfo) => col.name === 'is_trainee');
--- a/backend/src/server.ts
+++ b/backend/src/server.ts
@@ -5,6 +5,7 @@ import { fileURLToPath } from 'url';
 import { initializeDatabase } from './scripts/initializeDatabase.js';
 import fs from 'fs';
 import helmet from 'helmet';
 import type { ViteDevServer } from 'vite';
 // Route imports
 import authRoutes from './routes/auth.js';
@@ -13,7 +14,12 @@ import shiftPlanRoutes from './routes/shiftPlans.js';
 import setupRoutes from './routes/setup.js';
 import scheduledShifts from './routes/scheduledShifts.js';
 import schedulingRoutes from './routes/scheduling.js';
-import { authLimiter, apiLimiter } from './middleware/rateLimit.js';
+import { 
  apiLimiter, 
  authLimiter, 
  expensiveEndpointLimiter
 } from './middleware/rateLimit.js';
 import { ipSecurityCheck as authIpCheck } from './middleware/auth.js';
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
@@ -22,7 +28,50 @@ const app = express();
 const PORT = 3002;
 const isDevelopment = process.env.NODE_ENV === 'development';
-app.set('trust proxy', true);
+app.use(authIpCheck);
 let vite: ViteDevServer | undefined;
 if (isDevelopment) {
  // Dynamically import and setup Vite middleware
  const setupViteDevServer = async () => {
    try {
      const { createServer } = await import('vite');
      vite = await createServer({
        server: { middlewareMode: true },
        appType: 'spa'
      });
      app.use(vite.middlewares);
      console.log('🔧 Vite dev server integrated with Express');
    } catch (error) {
      console.warn('⚠️ Vite integration failed, using static files:', error);
    }
  };
  setupViteDevServer();
 }
 const configureStaticFiles = () => {
  const staticConfig = {
    maxAge: '1y',
    etag: false,
    immutable: true,
    index: false
  };
  // Serve frontend build
  const frontendPath = '/app/frontend-build';
  if (fs.existsSync(frontendPath)) {
    console.log('✅ Serving frontend from:', frontendPath);
    app.use(express.static(frontendPath, staticConfig));
  }
  // Serve premium assets if available
  const premiumPath = '/app/premium-dist';
  if (fs.existsSync(premiumPath)) {
    console.log('✅ Serving premium assets from:', premiumPath);
    app.use('/premium-assets', express.static(premiumPath, staticConfig));
  }
 };
 // Security configuration
 if (process.env.NODE_ENV === 'production') {
@@ -34,6 +83,51 @@ if (process.env.NODE_ENV === 'production') {
  }
 }
 const configureTrustProxy = (): string | string[] | boolean | number => {
  const trustedProxyIps = process.env.TRUSTED_PROXY_IPS;
  const trustProxyEnabled = process.env.TRUST_PROXY_ENABLED !== 'false';
  // If explicitly disabled
  if (!trustProxyEnabled) {
    console.log('🔒 Trust proxy: Disabled');
    return false;
  }
  // If specific IPs are provided via environment variable
  if (trustedProxyIps) {
    console.log('🔒 Trust proxy: Using configured IPs:', trustedProxyIps);
    // Handle comma-separated list of IPs/CIDR ranges
    if (trustedProxyIps.includes(',')) {
      return trustedProxyIps.split(',').map(ip => ip.trim());
    }
    // Handle single IP/CIDR
    return trustedProxyIps.trim();
  }
  // Default behavior for reverse proxy setup
  console.log('🔒 Trust proxy: Using reverse proxy defaults (trust all)');
  return true; // Trust all proxies when behind nginx
 };
 app.set('trust proxy', configureTrustProxy());
 app.use((req, res, next) => {
  const protocol = req.headers['x-forwarded-proto'] || req.protocol;
  const isHttps = protocol === 'https';
  // Add security warning for HTTP requests
  if (!isHttps && process.env.NODE_ENV === 'production') {
    res.setHeader('X-Security-Warning', 'This application is being accessed over HTTP. For secure communication, please use HTTPS.');
    // Log HTTP access in production
    console.warn(`⚠️  HTTP access detected: ${req.method} ${req.path} from ${req.ip}`);
  }
  next();
 });
 // Security headers
 app.use(helmet({
  contentSecurityPolicy: {
@@ -47,9 +141,14 @@ app.use(helmet({
      objectSrc: ["'none'"],
      mediaSrc: ["'self'"],
      frameSrc: ["'none'"],
      upgradeInsecureRequests: process.env.FORCE_HTTPS === 'true' ? [] : null
    },
  },
-  hsts: false,
+  hsts: {
    maxAge: 31536000,
    includeSubDomains: true,
    preload: true
  }, // Enable HSTS for HTTPS
  crossOriginEmbedderPolicy: false
 }));
@@ -66,9 +165,12 @@ app.use(express.json());
 // Rate limiting - weniger restriktiv in Development
 if (process.env.NODE_ENV === 'production') {
  console.log('🔒 Applying production rate limiting');
  app.use('/api/', apiLimiter);
 } else {
-  console.log('🔧 Development: Rate limiting relaxed');
+  console.log('🔧 Development: Relaxed rate limiting applied');
  // In development, you might want to be more permissive
  app.use('/api/', apiLimiter);
 }
 // API Routes
@@ -77,7 +179,7 @@ app.use('/api/auth', authLimiter, authRoutes);
 app.use('/api/employees', employeeRoutes);
 app.use('/api/shift-plans', shiftPlanRoutes);
 app.use('/api/scheduled-shifts', scheduledShifts);
-app.use('/api/scheduling', schedulingRoutes);
+app.use('/api/scheduling', expensiveEndpointLimiter, schedulingRoutes);
 // Health route
 app.get('/api/health', (req: express.Request, res: express.Response) => {
@@ -118,6 +220,7 @@ const findFrontendBuildPath = (): string | null => {
 };
 const frontendBuildPath = findFrontendBuildPath();
 configureStaticFiles();
 if (frontendBuildPath) {
  app.use(express.static(frontendBuildPath));
@@ -130,12 +233,25 @@ if (frontendBuildPath) {
 }
 // Root route
-app.get('/', (req, res) => {
+app.get('/', async (req, res) => {
-  if (!frontendBuildPath) {
+  // In development with Vite middleware
-    if (isDevelopment) {
+  if (vite) {
-      return res.redirect('http://localhost:3003');
+    try {
      const template = fs.readFileSync(
        path.resolve(__dirname, '../../frontend/index.html'),
        'utf-8'
      );
      const html = await vite.transformIndexHtml(req.url, template);
      res.send(html);
    } catch (error) {
      res.status(500).send('Vite dev server error');
    }
-    return res.status(500).send('Frontend build not found');
+    return;
  }
  // Fallback to static file serving
  if (!frontendBuildPath) {
    return res.status(500).send('Frontend not available');
  }
  const indexPath = path.join(frontendBuildPath, 'index.html');
@@ -143,20 +259,26 @@ app.get('/', (req, res) => {
 });
 // Client-side routing fallback
-app.get('*', (req, res) => {
+app.get('*', (req, res, next) => {
  // Skip API routes
  if (req.path.startsWith('/api/')) {
-    return res.status(404).json({ error: 'API endpoint not found' });
+    return next();
  }
-  if (!frontendBuildPath) {
+  // Skip file extensions (assets)
-    if (isDevelopment) {
+  if (req.path.match(/\.[a-z0-9]+$/i)) {
-      return res.redirect(`http://localhost:3003${req.path}`);
+    return next();
    }
    return res.status(500).json({ error: 'Frontend application not available' });
  }
-  const indexPath = path.join(frontendBuildPath, 'index.html');
+  // Serve React app for all other routes
  const frontendPath = '/app/frontend-build';
  const indexPath = path.join(frontendPath, 'index.html');
  if (fs.existsSync(indexPath)) {
    res.sendFile(indexPath);
  } else {
    res.status(404).send('Frontend not available');
  }
 });
 // Error handling
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -6,17 +6,22 @@ services:
    image: ghcr.io/donpat1to/schichtenplaner:v1.0.0
    environment:
      - NODE_ENV=production
-      - JWT_SECRET=${JWT_SECRET:-your-secret-key-please-change}
+      - JWT_SECRET=${JWT_SECRET}
-    ports:
+      - TRUST_PROXY_ENABLED=true
-      - "3002:3002"
+      - TRUSTED_PROXY_IPS=nginx-proxy,172.0.0.0/8,10.0.0.0/8,192.168.0.0/16
      - FORCE_HTTPS=${FORCE_HTTPS:-false}
    networks:
      - app-network
    volumes:
      - app_data:/app/data
    restart: unless-stopped
    healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost:3002/api/health"]
+      test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3002/api/health"]
      interval: 30s
      timeout: 10s
      retries: 3
    expose:
      - "3002"
 volumes:
  app_data:
--- a/docker-init.sh
+++ b/docker-init.sh
@@ -3,17 +3,15 @@ set -e
 echo "🚀 Container Initialisierung gestartet..."
 # Funktion zum Generieren eines sicheren Secrets
 generate_secret() {
    length=$1
    tr -dc 'A-Za-z0-9!@#$%^&*()_+-=' < /dev/urandom | head -c $length
 }
-# Prüfe ob .env existiert
+# Create .env if it doesn't exist
 if [ ! -f /app/.env ]; then
    echo "📝 Erstelle .env Datei..."
    # Verwende vorhandenes JWT_SECRET oder generiere ein neues
    if [ -z "$JWT_SECRET" ] || [ "$JWT_SECRET" = "your-secret-key-please-change" ]; then
        export JWT_SECRET=$(generate_secret 64)
        echo "🔑 Automatisch sicheres JWT Secret generiert"
@@ -21,30 +19,37 @@ if [ ! -f /app/.env ]; then
        echo "🔑 Verwende vorhandenes JWT Secret aus Umgebungsvariable"
    fi
-    # Erstelle .env aus Template mit envsubst
+    # Create .env with all proxy settings
-    envsubst < /app/.env.template > /app/.env
+    cat > /app/.env << EOF
-    echo "✅ .env Datei erstellt"
+NODE_ENV=production
 JWT_SECRET=${JWT_SECRET}
 TRUST_PROXY_ENABLED=${TRUST_PROXY_ENABLED:-true}
 TRUSTED_PROXY_IPS=${TRUSTED_PROXY_IPS:-172.0.0.0/8,10.0.0.0/8,192.168.0.0/16}
 HOSTNAME=${HOSTNAME:-localhost}
 EOF
    echo "✅ .env Datei erstellt"
 else
    echo "ℹ️  .env Datei existiert bereits"
-    # Wenn .env existiert, aber JWT_SECRET Umgebungsvariable gesetzt ist, aktualisiere sie
+    # Update JWT_SECRET if provided
    if [ -n "$JWT_SECRET" ] && [ "$JWT_SECRET" != "your-secret-key-please-change" ]; then
        echo "🔑 Aktualisiere JWT Secret in .env Datei"
        # Aktualisiere nur das JWT_SECRET in der .env Datei
        sed -i "s/^JWT_SECRET=.*/JWT_SECRET=$JWT_SECRET/" /app/.env
    fi
 fi
-# Validiere dass JWT_SECERT nicht der Standardwert ist
+# Validate JWT_SECRET
 if grep -q "JWT_SECRET=your-secret-key-please-change" /app/.env; then
    echo "❌ FEHLER: Standard JWT Secret in .env gefunden!"
    echo "❌ Bitte setzen Sie JWT_SECRET Umgebungsvariable"
    exit 1
 fi
 # Setze sichere Berechtigungen
 chmod 600 /app/.env
 echo "🔧 Proxy Configuration:"
 echo "   - TRUST_PROXY_ENABLED: ${TRUST_PROXY_ENABLED:-true}"
 echo "   - TRUSTED_PROXY_IPS: ${TRUSTED_PROXY_IPS:-172.0.0.0/8,10.0.0.0/8,192.168.0.0/16}"
 echo "🔧 Starte Anwendung..."
 exec "$@"
--- a/frontend/donpat1to.svg
+++ b/frontend/donpat1to.svg
--- a/frontend/index.html
+++ b/frontend/index.html
@@ -2,7 +2,7 @@
 <html lang="en">
  <head>
    <meta charset="UTF-8" />
-    <link rel="icon" type="image/svg+xml" href="/vite.svg" />
+    <link rel="icon" type="image/svg+xml" href="/donpat1to.svg" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <title>Shift Planning App</title>
  </head>
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -7,7 +7,9 @@
    "react": "^19.0.0",
    "react-dom": "^19.0.0",
    "react-router-dom": "^6.28.0",
-    "date-fns": "4.1.0"
+    "date-fns": "4.1.0",
    "@vitejs/plugin-react": "^4.3.3",
    "vite": "^6.0.7"
  },
  "devDependencies": {
    "@types/node": "20.19.23",
@@ -25,10 +27,12 @@
    "esbuild": "^0.21.0",
    "terser": "5.44.0",
    "babel-plugin-transform-remove-console": "6.9.4",
-    "framer-motion": "12.23.24"
+    "framer-motion": "12.23.24",
    "file-saver": "2.0.5",
    "@types/file-saver": "2.0.5"
  },
  "scripts": {
-    "dev": "vite",
+    "dev": "vite dev",
    "build": "tsc && vite build",
    "preview": "vite preview"
  }
--- a/frontend/src/App.tsx
+++ b/frontend/src/App.tsx
@@ -15,6 +15,8 @@ import EmployeeManagement from './pages/Employees/EmployeeManagement';
 import Settings from './pages/Settings/Settings';
 import Help from './pages/Help/Help';
 import Setup from './pages/Setup/Setup';
 import ErrorBoundary from './components/ErrorBoundary/ErrorBoundary';
 import SecurityWarning from './components/SecurityWarning/SecurityWarning';
 // Free Footer Link Pages (always available)
 import FAQ from './components/Layout/FooterLinks/FAQ/FAQ';
@@ -160,14 +162,17 @@ const AppContent: React.FC = () => {
 function App() {
  return (
    <ErrorBoundary>
      <NotificationProvider>
        <AuthProvider>
          <Router>
            <SecurityWarning />
            <NotificationContainer />
            <AppContent />
          </Router>
        </AuthProvider>
      </NotificationProvider>
    </ErrorBoundary>
  );
 }
--- a/frontend/src/components/ErrorBoundary/ErrorBoundary.tsx
+++ b/frontend/src/components/ErrorBoundary/ErrorBoundary.tsx
@@ -0,0 +1,101 @@
 // src/components/ErrorBoundary/ErrorBoundary.tsx
 import React from 'react';
 interface Props {
  children: React.ReactNode;
  fallback?: React.ReactNode;
 }
 interface State {
  hasError: boolean;
  error?: Error;
 }
 class ErrorBoundary extends React.Component<Props, State> {
  constructor(props: Props) {
    super(props);
    this.state = { hasError: false };
  }
  static getDerivedStateFromError(error: Error): State {
    return { hasError: true, error };
  }
  componentDidCatch(error: Error, errorInfo: React.ErrorInfo) {
    console.error('🚨 Application Error:', error);
    console.error('📋 Error Details:', errorInfo);
    // In production, send to your error reporting service
    // logErrorToService(error, errorInfo);
  }
  render() {
    if (this.state.hasError) {
      // You can render any custom fallback UI
      return this.props.fallback || (
        <div style={{ 
          padding: '40px', 
          textAlign: 'center',
          fontFamily: 'Arial, sans-serif'
        }}>
          <div style={{ fontSize: '48px', marginBottom: '20px' }}>⚠️</div>
          <h2>Oops! Something went wrong</h2>
          <p style={{ margin: '20px 0', color: '#666' }}>
            We encountered an unexpected error. Please try refreshing the page.
          </p>
          <div style={{ marginTop: '30px' }}>
            <button
              onClick={() => window.location.reload()}
              style={{
                padding: '10px 20px',
                backgroundColor: '#007bff',
                color: 'white',
                border: 'none',
                borderRadius: '4px',
                cursor: 'pointer',
                marginRight: '10px'
              }}
            >
              Refresh Page
            </button>
            <button
              onClick={() => this.setState({ hasError: false })}
              style={{
                padding: '10px 20px',
                backgroundColor: '#6c757d',
                color: 'white',
                border: 'none',
                borderRadius: '4px',
                cursor: 'pointer'
              }}
            >
              Try Again
            </button>
          </div>
          {process.env.NODE_ENV === 'development' && this.state.error && (
            <details style={{ 
              marginTop: '20px', 
              textAlign: 'left',
              background: '#f8f9fa',
              padding: '15px',
              borderRadius: '4px'
            }}>
              <summary>Error Details (Development)</summary>
              <pre style={{ 
                whiteSpace: 'pre-wrap',
                fontSize: '12px',
                color: '#dc3545'
              }}>
                {this.state.error.stack}
              </pre>
            </details>
          )}
        </div>
      );
    }
    return this.props.children;
  }
 }
 export default ErrorBoundary;
--- a/frontend/src/components/SecurityWarning/SecurityWarning.tsx
+++ b/frontend/src/components/SecurityWarning/SecurityWarning.tsx
@@ -0,0 +1,59 @@
 // src/components/SecurityWarning/SecurityWarning.tsx
 import React, { useState, useEffect } from 'react';
 const SecurityWarning: React.FC = () => {
  const [isHttp, setIsHttp] = useState(false);
  const [isDismissed, setIsDismissed] = useState(false);
  useEffect(() => {
    // Check if current protocol is HTTP
    const checkProtocol = () => {
      setIsHttp(window.location.protocol === 'http:');
    };
    checkProtocol();
    window.addEventListener('load', checkProtocol);
    return () => window.removeEventListener('load', checkProtocol);
  }, []);
  if (!isHttp || isDismissed) {
    return null;
  }
  return (
    <div style={{
      position: 'fixed',
      top: 0,
      left: 0,
      right: 0,
      backgroundColor: '#ff6b35',
      color: 'white',
      padding: '10px 20px',
      textAlign: 'center',
      zIndex: 10000,
      fontSize: '14px',
      fontWeight: 'bold',
      boxShadow: '0 2px 4px rgba(0,0,0,0.2)'
    }}>
      ⚠️ SECURITY WARNING: This site is being accessed over HTTP. 
      For secure communication, please use HTTPS.
      <button 
        onClick={() => setIsDismissed(true)}
        style={{
          marginLeft: '15px',
          background: 'rgba(255,255,255,0.2)',
          border: '1px solid white',
          color: 'white',
          padding: '2px 8px',
          borderRadius: '3px',
          cursor: 'pointer'
        }}
      >
        Dismiss
      </button>
    </div>
  );
 };
 export default SecurityWarning;
--- a/frontend/src/contexts/AuthContext.tsx
+++ b/frontend/src/contexts/AuthContext.tsx
@@ -49,12 +49,21 @@ export const AuthProvider: React.FC<AuthProviderProps> = ({ children }) => {
  const checkSetupStatus = async (): Promise<void> => {
    try {
      console.log('🔍 Checking setup status...');
-      const response = await fetch(`${API_BASE_URL}/setup/status`);
+      const startTime = Date.now();
      const response = await fetch(`${API_BASE_URL}/setup/status`, {
        signal: AbortSignal.timeout(5000)
      });
      console.log(`✅ Setup status response received in ${Date.now() - startTime}ms`);
      if (!response.ok) {
        console.error('❌ Setup status response not OK:', response.status, response.statusText);
        throw new Error('Setup status check failed');
      }
      const data = await response.json();
-      console.log('✅ Setup status response:', data);
+      console.log('✅ Setup status response data:', data);
      setNeedsSetup(data.needsSetup === true);
    } catch (error) {
      console.error('❌ Error checking setup status:', error);
@@ -95,7 +104,6 @@ export const AuthProvider: React.FC<AuthProviderProps> = ({ children }) => {
    }
  };
  // Add the updateUser function
  const updateUser = (userData: Employee) => {
    console.log('🔄 Updating user in auth context:', userData);
    setUser(userData);
@@ -161,6 +169,8 @@ export const AuthProvider: React.FC<AuthProviderProps> = ({ children }) => {
    initializeAuth();
  }, []);
  const calculatedNeedsSetup = needsSetup === null ? true : needsSetup;
  const value: AuthContextType = {
    user,
    login,
@@ -168,7 +178,7 @@ export const AuthProvider: React.FC<AuthProviderProps> = ({ children }) => {
    hasRole,
    loading,
    refreshUser,
-    needsSetup: needsSetup === null ? true : needsSetup,
+    needsSetup: calculatedNeedsSetup,
    checkSetupStatus,
    updateUser,
  };
--- a/frontend/src/design/DesignSystem.txt
+++ b/frontend/src/design/DesignSystem.txt
@@ -20,6 +20,8 @@ export const designTokens = {
      10: '#ebd7fa',
    },
    manager: '#CC0000',
    // Semantic Colors
    primary: '#51258f',
    secondary: '#642ab5',
--- a/frontend/src/models/defaults/employeeDefaults.ts
+++ b/frontend/src/models/defaults/employeeDefaults.ts
@@ -102,7 +102,7 @@ export const AVAILABILITY_PREFERENCES = {
 } as const;
 // Default availability for new employees (all shifts unavailable as level 3)
-// UPDATED: Now uses shiftId instead of timeSlotId + dayOfWeek
+// Now uses shiftId instead of timeSlotId + dayOfWeek
 export function createDefaultAvailabilities(employeeId: string, planId: string, shiftIds: string[]): Omit<EmployeeAvailability, 'id'>[] {
  const availabilities: Omit<EmployeeAvailability, 'id'>[] = [];
--- a/frontend/src/models/helpers/employeeHelpers.ts
+++ b/frontend/src/models/helpers/employeeHelpers.ts
@@ -18,7 +18,7 @@ function generateEmail(firstname: string, lastname: string): string {
  return `${cleanFirstname}.${cleanLastname}@sp.de`;
 }
-// UPDATED: Validation for new employee model with employee types
+// Validation for new employee model with employee types
 export function validateEmployeeData(employee: CreateEmployeeRequest): string[] {
  const errors: string[] = [];
@@ -71,7 +71,7 @@ export function generateEmployeeEmail(firstname: string, lastname: string): stri
  return generateEmail(firstname, lastname);
 }
-// UPDATED: Business logic helpers for new employee types
+// Business logic helpers for new employee types
 export const isManager = (employee: Employee): boolean =>
  employee.employeeType === 'manager';
@@ -90,7 +90,7 @@ export const isInternal = (employee: Employee): boolean =>
 export const isExternal = (employee: Employee): boolean =>
  employee.employeeType === 'guest';
-// UPDATED: Trainee logic - now based on isTrainee field for personell type
+// Trainee logic - now based on isTrainee field for personell type
 export const isTrainee = (employee: Employee): boolean =>
  employee.employeeType === 'personell' && employee.isTrainee;
@@ -107,7 +107,7 @@ export const isMaintenance = (employee: Employee): boolean =>
 export const isUser = (employee: Employee): boolean =>
  employee.roles?.includes('user') || false;
-// UPDATED: Work alone permission - managers and experienced personell can work alone
+// Work alone permission - managers and experienced personell can work alone
 export const canEmployeeWorkAlone = (employee: Employee): boolean =>
  employee.canWorkAlone && (isManager(employee) || isExperienced(employee));
@@ -134,7 +134,7 @@ export function validateAvailabilityData(availability: Omit<EmployeeAvailability
  return errors;
 }
-// UPDATED: Helper to get employee type category
+// Helper to get employee type category
 export const getEmployeeCategory = (employee: Employee): 'internal' | 'external' => {
  return isInternal(employee) ? 'internal' : 'external';
 };
--- a/frontend/src/models/helpers/shiftPlanHelpers.ts
+++ b/frontend/src/models/helpers/shiftPlanHelpers.ts
@@ -78,7 +78,7 @@ export function calculateTotalRequiredEmployees(plan: ShiftPlan): number {
  return plan.shifts.reduce((total, shift) => total + shift.requiredEmployees, 0);
 }
-// UPDATED: Get scheduled shift by date and time slot
+// Get scheduled shift by date and time slot
 export function getScheduledShiftByDateAndTime(
  plan: ShiftPlan, 
  date: string, 
--- a/frontend/src/models/scheduling.ts
+++ b/frontend/src/models/scheduling.ts
@@ -2,7 +2,7 @@
 import { Employee } from './Employee.js';
 import { ShiftPlan } from './ShiftPlan.js';
-// Updated Availability interface to match new schema
+// Availability interface to match
 export interface Availability {
  id: string;
  employeeId: string;
--- a/frontend/src/pages/Auth/Login.tsx
+++ b/frontend/src/pages/Auth/Login.tsx
@@ -1,4 +1,4 @@
-// frontend/src/pages/Auth/Login.tsx - UPDATED PASSWORD SECTION
+// frontend/src/pages/Auth/Login.tsx
 import React, { useState, useEffect, useRef } from 'react';
 import { useNavigate } from 'react-router-dom';
 import { useAuth } from '../../contexts/AuthContext';
--- a/frontend/src/pages/Employees/components/EmployeeList.tsx
+++ b/frontend/src/pages/Employees/components/EmployeeList.tsx
@@ -15,7 +15,7 @@ interface EmployeeListProps {
 type SortField = 'name' | 'employeeType' | 'canWorkAlone' | 'role' | 'lastLogin';
 type SortDirection = 'asc' | 'desc';
-// FIXED: Use the actual employee types from the Employee interface
+// Use the actual employee types from the Employee interface
 type EmployeeType = 'manager' | 'personell' | 'apprentice' | 'guest';
 const EmployeeList: React.FC<EmployeeListProps> = ({
@@ -130,7 +130,7 @@ const EmployeeList: React.FC<EmployeeListProps> = ({
  const getEmployeeTypeBadge = (type: EmployeeType, isTrainee: boolean = false) => {
    const config = EMPLOYEE_TYPE_CONFIG[type];
-    // FIXED: Updated color mapping for actual employee types
+    // Color mapping for actual employee types
    const bgColor =
      type === 'manager'
        ? '#fadbd8' // light red
@@ -326,7 +326,7 @@ const EmployeeList: React.FC<EmployeeListProps> = ({
        </div>
        {sortedEmployees.map(employee => {
-          // FIXED: Type assertion to ensure type safety
+          // Type assertion to ensure type safety
          const employeeType = getEmployeeTypeBadge(employee.employeeType as EmployeeType, employee.isTrainee);
          const independence = getIndependenceBadge(employee.canWorkAlone);
          const roleInfo = getRoleBadge(employee.roles);
--- a/frontend/src/pages/ShiftPlans/ShiftPlanView.tsx
+++ b/frontend/src/pages/ShiftPlans/ShiftPlanView.tsx
@@ -1,5 +1,5 @@
-// frontend/src/pages/ShiftPlans/ShiftPlanView.tsx - UPDATED
+// frontend/src/pages/ShiftPlans/ShiftPlanView.tsx
-import React, { useState, useEffect } from 'react';
+import React, { useState, useEffect, useRef } from 'react';
 import { useParams, useNavigate } from 'react-router-dom';
 import { useAuth } from '../../contexts/AuthContext';
 import { shiftPlanService } from '../../services/shiftPlanService';
@@ -10,6 +10,7 @@ import { ShiftPlan, TimeSlot, ScheduledShift } from '../../models/ShiftPlan';
 import { Employee, EmployeeAvailability } from '../../models/Employee';
 import { useNotification } from '../../contexts/NotificationContext';
 import { formatDate, formatTime } from '../../utils/foramatters';
 import { saveAs } from 'file-saver';
 // Local interface extensions (same as AvailabilityManager)
 interface ExtendedTimeSlot extends TimeSlot {
@@ -54,6 +55,10 @@ const ShiftPlanView: React.FC = () => {
  const [scheduledShifts, setScheduledShifts] = useState<ScheduledShift[]>([]);
  const [showAssignmentPreview, setShowAssignmentPreview] = useState(false);
  const [recreating, setRecreating] = useState(false);
  const [exporting, setExporting] = useState(false);
  const [exportType, setExportType] = useState<'pdf' | 'excel' | null>(null);
  const [dropdownWidth, setDropdownWidth] = useState(0);
  const dropdownRef = useRef<HTMLDivElement>(null);
  useEffect(() => {
    loadShiftPlanData();
@@ -119,6 +124,12 @@ const ShiftPlanView: React.FC = () => {
    }
  }, [availabilities]);
  useEffect(() => {
    if (dropdownRef.current) {
      setDropdownWidth(dropdownRef.current.offsetWidth);
    }
  }, [exportType]);
  // Create a data structure that maps days to their shifts with time slot info - SAME AS AVAILABILITYMANAGER
  const getTimetableData = () => {
    if (!shiftPlan || !shiftPlan.shifts || !shiftPlan.timeSlots) {
@@ -240,6 +251,39 @@ const ShiftPlanView: React.FC = () => {
    };
  };
  const handleExport = async () => {
    if (!shiftPlan || !exportType) return;
    try {
      setExporting(true);
      let blob: Blob;
      if (exportType === 'excel') {
        blob = await shiftPlanService.exportShiftPlanToExcel(shiftPlan.id);
        saveAs(blob, `Schichtplan_${shiftPlan.name}_${new Date().toISOString().split('T')[0]}.xlsx`);
      } else {
        blob = await shiftPlanService.exportShiftPlanToPDF(shiftPlan.id);
        saveAs(blob, `Schichtplan_${shiftPlan.name}_${new Date().toISOString().split('T')[0]}.pdf`);
      }
      showNotification({
        type: 'success',
        title: 'Export erfolgreich',
        message: `Der Schichtplan wurde als ${exportType === 'excel' ? 'Excel' : 'PDF'} exportiert.`
      });
    } catch (error) {
      console.error(`Error exporting to ${exportType}:`, error);
      showNotification({
        type: 'error',
        title: 'Export fehlgeschlagen',
        message: `Der ${exportType === 'excel' ? 'Excel' : 'PDF'}-Export konnte nicht durchgeführt werden.`
      });
    } finally {
      setExporting(false);
    }
  };
  const loadShiftPlanData = async () => {
    if (!id) return;
@@ -399,12 +443,12 @@ const ShiftPlanView: React.FC = () => {
      console.log('- Scheduled Shifts:', scheduledShifts.length);
      // DEBUG: Show shift pattern IDs
-      if (shiftPlan.shifts) {
+      /*if (shiftPlan.shifts) {
        console.log('📋 SHIFT PATTERN IDs:');
        shiftPlan.shifts.forEach((shift, index) => {
          console.log(`   ${index + 1}. ${shift.id} (Day ${shift.dayOfWeek}, TimeSlot ${shift.timeSlotId})`);
        });
-      }
+      }*/
      const constraints = {
        enforceNoTraineeAlone: true,
@@ -650,6 +694,20 @@ const ShiftPlanView: React.FC = () => {
    return employeesWithoutAvailabilities.length === 0;
  };
  const canPublishAssignment = (): boolean => {
    if (!assignmentResult) return false;
    // Check if assignment was successful
    if (assignmentResult.success === false) return false;
    // Check if there are any critical violations
    const hasCriticalViolations = assignmentResult.violations.some(v =>
      v.includes('ERROR:') || v.includes('KRITISCH:')
    );
    return !hasCriticalViolations;
  };
  const getAvailabilityStatus = () => {
    const totalEmployees = employees.length;
    const employeesWithAvailabilities = new Set(
@@ -820,9 +878,6 @@ const ShiftPlanView: React.FC = () => {
                    <div style={{ fontSize: '14px', color: '#666' }}>
                      {formatTime(timeSlot.startTime)} - {formatTime(timeSlot.endTime)}
                    </div>
                    <div style={{ fontSize: '11px', color: '#999', marginTop: '4px' }}>
                      ID: {timeSlot.id.substring(0, 8)}...
                    </div>
                  </td>
                  {days.map(weekday => {
                    const shift = timeSlot.shiftsByDay[weekday.id];
@@ -846,7 +901,55 @@ const ShiftPlanView: React.FC = () => {
                    const isValidShift = shift.timeSlotId === timeSlot.id && shift.dayOfWeek === weekday.id;
                    let assignedEmployees: string[] = [];
-                    let displayText = '';
+                    let displayContent: React.ReactNode = null;
                    // Helper function to create employee boxes
                    const createEmployeeBoxes = (employeeIds: string[]) => {
                      return employeeIds.map(empId => {
                        const employee = employees.find(emp => emp.id === empId);
                        if (!employee) return null;
                        // Determine background color based on employee role
                        let backgroundColor = '#642ab5'; // Default: non-trainee personnel (purple)
                        if (employee.isTrainee) {
                          backgroundColor = '#cda8f0'; // Trainee
                        } else if (employee.employeeType === 'manager') {
                          backgroundColor = '#CC0000'; // Manager
                        }
                        return (
                          <div
                            key={empId}
                            style={{
                              backgroundColor,
                              color: 'white',
                              padding: '4px 8px',
                              borderRadius: '4px',
                              marginBottom: '2px',
                              fontSize: '12px',
                              textAlign: 'center',
                              whiteSpace: 'nowrap',
                              overflow: 'hidden',
                              textOverflow: 'ellipsis'
                            }}
                            title={`${employee.firstname} ${employee.lastname}${employee.isTrainee ? ' (Trainee)' : ''}`}
                          >
                            {employee.firstname} {employee.lastname}
                          </div>
                        );
                      }).filter(Boolean);
                    };
                    // Helper function to get fallback content
                    const getFallbackContent = () => {
                      const shiftsForSlot = shiftPlan?.shifts?.filter(s =>
                        s.dayOfWeek === weekday.id &&
                        s.timeSlotId === timeSlot.id
                      ) || [];
                      const totalRequired = shiftsForSlot.reduce((sum, s) => sum + s.requiredEmployees, 0);
                      return totalRequired === 0 ? '-' : `0/${totalRequired}`;
                    };
                    if (shiftPlan?.status === 'published') {
                      // For published plans, use actual assignments from scheduled shifts
@@ -859,15 +962,21 @@ const ShiftPlanView: React.FC = () => {
                      if (scheduledShift) {
                        assignedEmployees = scheduledShift.assignedEmployees || [];
-                        // DEBUG: Log if we're still seeing old data
+                        // Log if we're still seeing old data
                        if (assignedEmployees.length > 0) {
                          console.warn(`⚠️ Found non-empty assignments for ${weekday.name} ${timeSlot.name}:`, assignedEmployees);
                        }
-                        displayText = assignedEmployees.map(empId => {
+                        const employeeBoxes = createEmployeeBoxes(assignedEmployees);
-                          const employee = employees.find(emp => emp.id === empId);
+                        displayContent = employeeBoxes.length > 0 ? (
-                          return employee ? `${employee.firstname} ${employee.lastname}` : 'Unbekannt';
+                          <div style={{ display: 'flex', flexDirection: 'column', gap: '2px' }}>
-                        }).join(', ');
+                            {employeeBoxes}
                          </div>
                        ) : (
                          <div style={{ color: '#666', fontStyle: 'italic' }}>
                            {getFallbackContent()}
                          </div>
                        );
                      }
                    } else if (assignmentResult) {
                      // For draft with preview, use assignment result
@@ -879,30 +988,26 @@ const ShiftPlanView: React.FC = () => {
                      if (scheduledShift) {
                        assignedEmployees = getAssignmentsForScheduledShift(scheduledShift);
-                        displayText = assignedEmployees.map(empId => {
+                        const employeeBoxes = createEmployeeBoxes(assignedEmployees);
-                          const employee = employees.find(emp => emp.id === empId);
+                        displayContent = employeeBoxes.length > 0 ? (
-                          return employee ? `${employee.firstname} ${employee.lastname}` : 'Unbekannt';
+                          <div style={{ display: 'flex', flexDirection: 'column', gap: '2px' }}>
-                        }).join(', ');
+                            {employeeBoxes}
                          </div>
                        ) : (
                          <div style={{ color: '#666', fontStyle: 'italic' }}>
                            {getFallbackContent()}
                          </div>
                        );
                      }
                    }
-                    // If no assignments yet, show empty or required count
+                    // If no display content set yet, use fallback
-                    if (!displayText) {
+                    if (!displayContent) {
-                      const shiftsForSlot = shiftPlan?.shifts?.filter(s => 
+                      displayContent = (
-                        s.dayOfWeek === weekday.id && 
+                        <div style={{ color: '#666', fontStyle: 'italic' }}>
-                        s.timeSlotId === timeSlot.id
+                          {getFallbackContent()}
-                      ) || [];
+                        </div>
-                      
+                      );
                      const totalRequired = shiftsForSlot.reduce((sum, s) => 
                        sum + s.requiredEmployees, 0);
                      // Show "0/2" instead of just "0" to indicate it's empty
                      displayText = `0/${totalRequired}`;
                      // Optional: Show empty state more clearly
                      if (totalRequired === 0) {
                        displayText = '-';
                      }
                    }
                    return (
@@ -937,7 +1042,7 @@ const ShiftPlanView: React.FC = () => {
                          </div>
                        )}
-                        {displayText}
+                        {displayContent}
                        {/* Shift debug info - SAME AS AVAILABILITYMANAGER */}
                        <div style={{
@@ -947,8 +1052,6 @@ const ShiftPlanView: React.FC = () => {
                          textAlign: 'left',
                          fontFamily: 'monospace'
                        }}>
                          <div>Shift: {shift.id.substring(0, 6)}...</div>
                          <div>Day: {shift.dayOfWeek}</div>
                          {!isValidShift && (
                            <div style={{ color: '#e74c3c', fontWeight: 'bold' }}>
                              VALIDATION ERROR
@@ -963,7 +1066,6 @@ const ShiftPlanView: React.FC = () => {
            </tbody>
          </table>
        </div>
      </div>
    );
  };
@@ -1005,6 +1107,7 @@ const ShiftPlanView: React.FC = () => {
          </div>
        </div>
        <div style={{ display: 'flex', gap: '10px', alignItems: 'center' }}>
          {/* "Zuweisungen neu berechnen" button */}
          {shiftPlan.status === 'published' && hasRole(['admin', 'maintenance']) && (
            <button
              onClick={handleRecreateAssignments}
@@ -1118,7 +1221,7 @@ const ShiftPlanView: React.FC = () => {
        </div>
      )}
-      {/* Assignment Preview Modal - FIXED CONDITION */}
+      {/* Assignment Preview Modal */}
      {(showAssignmentPreview || assignmentResult) && (
        <div style={{
          position: 'fixed',
@@ -1197,15 +1300,13 @@ const ShiftPlanView: React.FC = () => {
              </div>
            )}
-            {/* KORRIGIERTE ZUSAMMENFASSUNG */}
+            {/* ZUSAMMENFASSUNG */}
            {assignmentResult && (
              <div style={{ marginBottom: '20px' }}>
                <h4>Zusammenfassung:</h4>
                {/* Entscheidung basierend auf tatsächlichen kritischen Problemen */}
-                {assignmentResult.violations.filter(v => 
+                {(assignmentResult.violations.length === 0) || assignmentResult.success == true ? (
                  v.includes('ERROR:') || v.includes('❌ KRITISCH:')
                ).length === 0 ? (
                  <div style={{
                    padding: '15px',
                    backgroundColor: '#d4edda',
@@ -1288,32 +1389,24 @@ const ShiftPlanView: React.FC = () => {
                Abbrechen
              </button>
-              {/* KORRIGIERTER BUTTON MIT TYPESCRIPT-FIX */}
+              {/* BUTTON zum publishen */}
              <button
                onClick={handlePublish}
-                disabled={publishing || (assignmentResult ? assignmentResult.violations.filter(v => 
+                disabled={publishing || !canPublishAssignment()}
                  v.includes('ERROR:') || v.includes('❌ KRITISCH:')
                ).length > 0 : true)}
                style={{
                  padding: '10px 20px',
-                  backgroundColor: assignmentResult ? (assignmentResult.violations.filter(v => 
+                  backgroundColor: canPublishAssignment() ? '#2ecc71' : '#95a5a6',
                    v.includes('ERROR:') || v.includes('❌ KRITISCH:')
                  ).length === 0 ? '#2ecc71' : '#95a5a6') : '#95a5a6',
                  color: 'white',
                  border: 'none',
                  borderRadius: '4px',
-                  cursor: assignmentResult ? (assignmentResult.violations.filter(v => 
+                  cursor: canPublishAssignment() ? 'pointer' : 'not-allowed',
                    v.includes('ERROR:') || v.includes('❌ KRITISCH:')
                  ).length === 0 ? 'pointer' : 'not-allowed') : 'not-allowed',
                  fontWeight: 'bold',
                  fontSize: '16px'
                }}
              >
                {publishing ? 'Veröffentliche...' : (
                  assignmentResult ? (
-                    assignmentResult.violations.filter(v => 
+                    canPublishAssignment()
                      v.includes('ERROR:') || v.includes('❌ KRITISCH:')
                    ).length === 0 
                      ? 'Schichtplan veröffentlichen'
                      : 'Kritische Probleme müssen behoben werden'
                  ) : 'Lade Zuordnungen...'
@@ -1339,6 +1432,65 @@ const ShiftPlanView: React.FC = () => {
        {renderTimetable()}
        {shiftPlan.status === 'published' && hasRole(['admin', 'maintenance']) && (
          <div style={{
            display: 'flex',
            alignItems: 'center',
            position: 'relative',
            marginLeft: '10px'
          }}>
            {/* Export Dropdown */}
            <div
              ref={dropdownRef}
              style={{
                transform: exportType ? `translateX(-${dropdownWidth}px)` : 'translateX(0)',
                transition: 'transform 0.3s ease-in-out',
                position: exportType ? 'absolute' : 'relative',
                right: exportType ? `-${dropdownWidth}px` : '0'
              }}
            >
              <select
                value={exportType || ''}
                onChange={(e) => setExportType(e.target.value as 'pdf' | 'excel' | null)}
                style={{
                  padding: '10px 20px',
                  backgroundColor: 'white',
                  border: '1px solid #ddd',
                  borderRadius: '4px',
                  cursor: 'pointer',
                  minWidth: '120px'
                }}
              >
                <option value="">Export</option>
                <option value="pdf">PDF</option>
                <option value="excel">Excel</option>
              </select>
            </div>
            {/* Export Button */}
            {exportType && (
              <button
                onClick={handleExport}
                disabled={exporting}
                style={{
                  padding: '10px 20px',
                  backgroundColor: '#51258f',
                  color: 'white',
                  border: 'none',
                  borderRadius: '4px',
                  cursor: exporting ? 'not-allowed' : 'pointer',
                  fontWeight: 'bold',
                  marginLeft: '10px',
                  opacity: exporting ? 0.7 : 1,
                  transition: 'opacity 0.2s ease'
                }}
              >
                {exporting ? '🔄 Exportiert...' : 'EXPORT'}
              </button>
            )}
          </div>
        )}
        {/* Summary */}
        {days.length > 0 && (
          <div style={{
--- a/frontend/src/services/apiClient.ts
+++ b/frontend/src/services/apiClient.ts
@@ -0,0 +1,135 @@
 import { ValidationError, ErrorService } from './errorService';
 export class ApiError extends Error {
  public validationErrors: ValidationError[];
  public statusCode: number;
  public originalError?: any;
  constructor(message: string, validationErrors: ValidationError[] = [], statusCode: number = 0, originalError?: any) {
    super(message);
    this.name = 'ApiError';
    this.validationErrors = validationErrors;
    this.statusCode = statusCode;
    this.originalError = originalError;
  }
 }
 export class ApiClient {
  private baseURL: string;
  constructor() {
    this.baseURL = import.meta.env.VITE_API_URL || '/api';
  }
  private getAuthHeaders(): HeadersInit {
    const token = localStorage.getItem('token');
    return token ? { 'Authorization': `Bearer ${token}` } : {};
  }
  private async handleApiResponse<T>(response: Response, responseType: 'json' | 'blob' = 'json'): Promise<T> {
    if (!response.ok) {
      let errorData;
      try {
        // Try to parse error response as JSON
        const responseText = await response.text();
        errorData = responseText ? JSON.parse(responseText) : {};
      } catch {
        // If not JSON, create a generic error object
        errorData = { error: `HTTP ${response.status}: ${response.statusText}` };
      }
      // Extract validation errors using your existing ErrorService
      const validationErrors = ErrorService.extractValidationErrors(errorData);
      if (validationErrors.length > 0) {
        // Throw error with validationErrors property for useBackendValidation hook
        throw new ApiError(
          errorData.error || 'Validation failed',
          validationErrors,
          response.status,
          errorData
        );
      }
      // Throw regular error for non-validation errors
      throw new ApiError(
        errorData.error || errorData.message || `HTTP error! status: ${response.status}`,
        [],
        response.status,
        errorData
      );
    }
    // Handle blob responses (for file downloads)
    if (responseType === 'blob') {
      return response.blob() as Promise<T>;
    }
    // For successful JSON responses, try to parse as JSON
    try {
      const responseText = await response.text();
      return responseText ? JSON.parse(responseText) : {} as T;
    } catch (error) {
      // If response is not JSON but request succeeded (e.g., 204 No Content)
      return {} as T;
    }
  }
  async request<T>(endpoint: string, options: RequestInit = {}, responseType: 'json' | 'blob' = 'json'): Promise<T> {
    const url = `${this.baseURL}${endpoint}`;
    const config: RequestInit = {
      headers: {
        'Content-Type': 'application/json',
        ...this.getAuthHeaders(),
        ...options.headers,
      },
      ...options,
    };
    try {
      const response = await fetch(url, config);
      return await this.handleApiResponse<T>(response, responseType);
    } catch (error) {
      // Re-throw the error to be caught by useBackendValidation
      if (error instanceof ApiError) {
        throw error;
      }
      // Wrap non-ApiError errors
      throw new ApiError(
        error instanceof Error ? error.message : 'Unknown error occurred',
        [],
        0,
        error
      );
    }
  }
  // Standardized HTTP methods
  get = <T>(endpoint: string) => this.request<T>(endpoint);
  post = <T>(endpoint: string, data?: any) => 
    this.request<T>(endpoint, { 
      method: 'POST', 
      body: data ? JSON.stringify(data) : undefined 
    });
  put = <T>(endpoint: string, data?: any) => 
    this.request<T>(endpoint, { 
      method: 'PUT', 
      body: data ? JSON.stringify(data) : undefined 
    });
  patch = <T>(endpoint: string, data?: any) => 
    this.request<T>(endpoint, { 
      method: 'PATCH', 
      body: data ? JSON.stringify(data) : undefined 
    });
  delete = <T>(endpoint: string) => 
    this.request<T>(endpoint, { method: 'DELETE' });
 }
 export const apiClient = new ApiClient();
--- a/frontend/src/services/authService.ts
+++ b/frontend/src/services/authService.ts
@@ -1,8 +1,5 @@
 // frontend/src/services/authService.ts - UPDATED
 import { Employee } from '../models/Employee';
-import { ErrorService } from './errorService';
+import { apiClient } from './apiClient';
 const API_BASE_URL = import.meta.env.VITE_API_URL || '/api';
 export interface LoginRequest {
  email: string;
@@ -25,31 +22,8 @@ export interface AuthResponse {
 class AuthService {
  private token: string | null = null;
  private async handleApiResponse<T>(response: Response): Promise<T> {
    if (!response.ok) {
      const errorData = await response.json().catch(() => ({}));
      const validationErrors = ErrorService.extractValidationErrors(errorData);
      if (validationErrors.length > 0) {
        const error = new Error('Validation failed');
        (error as any).validationErrors = validationErrors;
        throw error;
      }
      throw new Error(errorData.error || errorData.message || 'Authentication failed');
    }
    return response.json();
  }
  async login(credentials: LoginRequest): Promise<AuthResponse> {
-    const response = await fetch(`${API_BASE_URL}/auth/login`, {
+    const data = await apiClient.post<AuthResponse>('/auth/login', credentials);
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify(credentials)
    });
    const data = await this.handleApiResponse<AuthResponse>(response);
    this.token = data.token;
    localStorage.setItem('token', data.token);
    localStorage.setItem('employee', JSON.stringify(data.employee));
@@ -57,13 +31,7 @@ class AuthService {
  }
  async register(userData: RegisterRequest): Promise<AuthResponse> {
-    const response = await fetch(`${API_BASE_URL}/employees`, {
+    await apiClient.post('/employees', userData);
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify(userData)
    });
    const data = await this.handleApiResponse<AuthResponse>(response);
    return this.login({
      email: userData.email,
      password: userData.password
@@ -77,29 +45,17 @@ class AuthService {
  async fetchCurrentEmployee(): Promise<Employee | null> {
    const token = this.getToken();
-    if (!token) {
+    if (!token) return null;
      return null;
    }
    try {
-      const response = await fetch(`${API_BASE_URL}/auth/me`, {
+      const data = await apiClient.get<{ user: Employee }>('/auth/me');
-        headers: {
+      localStorage.setItem('user', JSON.stringify(data.user));
-          'Authorization': `Bearer ${token}`
+      return data.user;
        }
      });
      if (response.ok) {
        const data = await response.json();
        const user = data.user;
        localStorage.setItem('user', JSON.stringify(user));
        return user;
      }
    } catch (error) {
      console.error('Error fetching current user:', error);
    }
      return null;
    }
  }
  logout(): void {
    this.token = null;
--- a/frontend/src/services/employeeService.ts
+++ b/frontend/src/services/employeeService.ts
@@ -1,138 +1,58 @@
 // frontend/src/services/employeeService.ts
 import { Employee, CreateEmployeeRequest, UpdateEmployeeRequest, EmployeeAvailability } from '../models/Employee';
-import { ErrorService, ValidationError } from './errorService';
+import { apiClient } from './apiClient';
 const API_BASE_URL = '/api';
 const getAuthHeaders = () => {
  const token = localStorage.getItem('token');
  return {
    'Content-Type': 'application/json',
    'Authorization': `Bearer ${token}`
  };
 };
 export class EmployeeService {
  private async handleApiResponse<T>(response: Response): Promise<T> {
    if (!response.ok) {
      const errorData = await response.json().catch(() => ({}));
      const validationErrors = ErrorService.extractValidationErrors(errorData);
      if (validationErrors.length > 0) {
        const error = new Error('Validation failed');
        (error as any).validationErrors = validationErrors;
        throw error;
      }
      throw new Error(errorData.error || errorData.message || `HTTP error! status: ${response.status}`);
    }
    return response.json();
  }
  async getEmployees(includeInactive: boolean = false): Promise<Employee[]> {
    console.log('🔄 Fetching employees from API...');
-    const token = localStorage.getItem('token');
+    try {
-    console.log('🔑 Token exists:', !!token);
+      const employees = await apiClient.get<Employee[]>(`/employees?includeInactive=${includeInactive}`);
    const response = await fetch(`${API_BASE_URL}/employees?includeInactive=${includeInactive}`, {
      headers: getAuthHeaders(),
    });
    console.log('📡 Response status:', response.status);
    if (!response.ok) {
      const errorText = await response.text();
      console.error('❌ API Error:', errorText);
      throw new Error('Failed to fetch employees');
    }
    const employees = await response.json();
      console.log('✅ Employees received:', employees.length);
      return employees;
    } catch (error) {
      console.error('❌ Error fetching employees:', error);
      throw error; // Let useBackendValidation handle this
    }
  }
  async getEmployee(id: string): Promise<Employee> {
-    const response = await fetch(`${API_BASE_URL}/employees/${id}`, {
+    return apiClient.get<Employee>(`/employees/${id}`);
      headers: getAuthHeaders(),
    });
    return this.handleApiResponse<Employee>(response);
  }
  async createEmployee(employee: CreateEmployeeRequest): Promise<Employee> {
-    const response = await fetch(`${API_BASE_URL}/employees`, {
+    return apiClient.post<Employee>('/employees', employee);
      method: 'POST',
      headers: getAuthHeaders(),
      body: JSON.stringify(employee),
    });
    return this.handleApiResponse<Employee>(response);
  }
  async updateEmployee(id: string, employee: UpdateEmployeeRequest): Promise<Employee> {
-    const response = await fetch(`${API_BASE_URL}/employees/${id}`, {
+    return apiClient.put<Employee>(`/employees/${id}`, employee);
      method: 'PUT',
      headers: getAuthHeaders(),
      body: JSON.stringify(employee),
    });
    return this.handleApiResponse<Employee>(response);
  }
  async deleteEmployee(id: string): Promise<void> {
-    const response = await fetch(`${API_BASE_URL}/employees/${id}`, {
+    await apiClient.delete(`/employees/${id}`);
      method: 'DELETE',
      headers: getAuthHeaders(),
    });
    if (!response.ok) {
      const error = await response.json();
      throw new Error(error.error || 'Failed to delete employee');
    }
  }
  async getAvailabilities(employeeId: string): Promise<EmployeeAvailability[]> {
-    const response = await fetch(`${API_BASE_URL}/employees/${employeeId}/availabilities`, {
+    return apiClient.get<EmployeeAvailability[]>(`/employees/${employeeId}/availabilities`);
      headers: getAuthHeaders(),
    });
    return this.handleApiResponse<EmployeeAvailability[]>(response);
  }
-  async updateAvailabilities(employeeId: string, data: { planId: string, availabilities: Omit<EmployeeAvailability, 'id' | 'employeeId'>[] }): Promise<EmployeeAvailability[]> {
+  async updateAvailabilities(
    employeeId: string, 
    data: { planId: string, availabilities: Omit<EmployeeAvailability, 'id' | 'employeeId'>[] }
  ): Promise<EmployeeAvailability[]> {
    console.log('🔄 Updating availabilities for employee:', employeeId);
-    const response = await fetch(`${API_BASE_URL}/employees/${employeeId}/availabilities`, {
+    return apiClient.put<EmployeeAvailability[]>(`/employees/${employeeId}/availabilities`, data);
      method: 'PUT',
      headers: getAuthHeaders(),
      body: JSON.stringify(data),
    });
    return this.handleApiResponse<EmployeeAvailability[]>(response);
  }
-  async changePassword(id: string, data: { currentPassword: string, newPassword: string, confirmPassword: string }): Promise<void> {
+  async changePassword(
-    const response = await fetch(`${API_BASE_URL}/employees/${id}/password`, {
+    id: string, 
-      method: 'PUT',
+    data: { currentPassword: string, newPassword: string, confirmPassword: string }
-      headers: getAuthHeaders(),
+  ): Promise<void> {
-      body: JSON.stringify(data),
+    return apiClient.put<void>(`/employees/${id}/password`, data);
    });
    return this.handleApiResponse<void>(response);
  }
  async updateLastLogin(employeeId: string): Promise<void> {
    try {
-      const response = await fetch(`${API_BASE_URL}/employees/${employeeId}/last-login`, {
+      await apiClient.patch(`/employees/${employeeId}/last-login`);
        method: 'PATCH',
        headers: getAuthHeaders(),
      });
      if (!response.ok) {
        throw new Error('Failed to update last login');
      }
    } catch (error) {
      console.error('Error updating last login:', error);
      throw error;
--- a/frontend/src/services/shiftAssignmentService.ts
+++ b/frontend/src/services/shiftAssignmentService.ts
@@ -1,65 +1,15 @@
 // frontend/src/services/shiftAssignmentService.ts - WEEKLY PATTERN VERSION
 import { ShiftPlan, ScheduledShift } from '../models/ShiftPlan';
 import { Employee, EmployeeAvailability } from '../models/Employee';
 import { authService } from './authService';
 import { AssignmentResult, ScheduleRequest } from '../models/scheduling';
-
+import { apiClient } from './apiClient';
 const API_BASE_URL = '/api';
 // Helper function to get auth headers
 const getAuthHeaders = () => {
  const token = localStorage.getItem('token');
  return {
    'Content-Type': 'application/json',
    ...(token && { 'Authorization': `Bearer ${token}` })
  };
 };
 export class ShiftAssignmentService {
  async updateScheduledShift(id: string, updates: { assignedEmployees: string[] }): Promise<void> {
    try {
-      //console.log('🔄 Updating scheduled shift via API:', { id, updates });
+      console.log('🔄 Updating scheduled shift via API:', { id, updates });
-      const response = await fetch(`${API_BASE_URL}/scheduled-shifts/${id}`, {
+      await apiClient.put(`/scheduled-shifts/${id}`, updates);
-        method: 'PUT',
+      console.log('✅ Scheduled shift updated successfully');
        headers: {
          'Content-Type': 'application/json',
          ...authService.getAuthHeaders()
        },
        body: JSON.stringify(updates)
      });
      // First, check if we got any response
      if (!response.ok) {
        // Try to get error message from response
        const responseText = await response.text();
        console.error('❌ Server response:', responseText);
        let errorMessage = `HTTP ${response.status}: ${response.statusText}`;
        // Try to parse as JSON if possible
        try {
          const errorData = JSON.parse(responseText);
          errorMessage = errorData.error || errorMessage;
        } catch (e) {
          // If not JSON, use the text as is
          errorMessage = responseText || errorMessage;
        }
        throw new Error(errorMessage);
      }
      // Try to parse successful response
      const responseText = await response.text();
      let result;
      try {
        result = responseText ? JSON.parse(responseText) : {};
      } catch (e) {
        console.warn('⚠️ Response was not JSON, but request succeeded');
        result = { message: 'Update successful' };
      }
      console.log('✅ Scheduled shift updated successfully:', result);
    } catch (error) {
      console.error('❌ Error updating scheduled shift:', error);
@@ -69,48 +19,16 @@ export class ShiftAssignmentService {
  async getScheduledShift(id: string): Promise<any> {
    try {
-      const response = await fetch(`${API_BASE_URL}/scheduled-shifts/${id}`, {
+      return await apiClient.get(`/scheduled-shifts/${id}`);
        headers: {
          'Authorization': `Bearer ${localStorage.getItem('token')}`
        }
      });
      if (!response.ok) {
        const responseText = await response.text();
        let errorMessage = `HTTP ${response.status}: ${response.statusText}`;
        try {
          const errorData = JSON.parse(responseText);
          errorMessage = errorData.error || errorMessage;
        } catch (e) {
          errorMessage = responseText || errorMessage;
        }
        throw new Error(errorMessage);
      }
      const responseText = await response.text();
      return responseText ? JSON.parse(responseText) : {};
    } catch (error) {
      console.error('Error fetching scheduled shift:', error);
      throw error;
    }
  }
  // New method to get all scheduled shifts for a plan
  async getScheduledShiftsForPlan(planId: string): Promise<ScheduledShift[]> {
    try {
-      const response = await fetch(`${API_BASE_URL}/scheduled-shifts/plan/${planId}`, {
+      const shifts = await apiClient.get<ScheduledShift[]>(`/scheduled-shifts/plan/${planId}`);
        headers: {
          'Authorization': `Bearer ${localStorage.getItem('token')}`
        }
      });
      if (!response.ok) {
        throw new Error(`Failed to fetch scheduled shifts: ${response.status}`);
      }
      const shifts = await response.json();
      // DEBUG: Check the structure of returned shifts
      console.log('🔍 SCHEDULED SHIFTS STRUCTURE:', shifts.slice(0, 3));
@@ -132,21 +50,7 @@ export class ShiftAssignmentService {
  }
  private async callSchedulingAPI(request: ScheduleRequest): Promise<AssignmentResult> {
-    const response = await fetch(`${API_BASE_URL}/scheduling/generate-schedule`, {
+    return await apiClient.post<AssignmentResult>('/scheduling/generate-schedule', request);
      method: 'POST',
      headers: {
          'Content-Type': 'application/json',
          ...authService.getAuthHeaders()
        },
      body: JSON.stringify(request)
    });
    if (!response.ok) {
      const errorData = await response.json();
      throw new Error(errorData.error || 'Scheduling failed');
    }
    return response.json();
  }
  async assignShifts(
--- a/frontend/src/services/shiftPlanService.ts
+++ b/frontend/src/services/shiftPlanService.ts
@@ -1,198 +1,114 @@
 // frontend/src/services/shiftPlanService.ts
 import { authService } from './authService';
 import { ShiftPlan, CreateShiftPlanRequest } from '../models/ShiftPlan';
 import { TEMPLATE_PRESETS } from '../models/defaults/shiftPlanDefaults';
-
+import { apiClient } from './apiClient';
 const API_BASE_URL = '/api/shift-plans';
 // Helper function to get auth headers
 const getAuthHeaders = () => {
  const token = localStorage.getItem('token');
  return {
    'Content-Type': 'application/json',
    ...(token && { 'Authorization': `Bearer ${token}` })
  };
 };
 // Helper function to handle responses
 const handleResponse = async (response: Response) => {
  if (!response.ok) {
    const errorData = await response.json().catch(() => ({ error: 'Unknown error' }));
    throw new Error(errorData.error || `HTTP error! status: ${response.status}`);
  }
  return response.json();
 };
 export const shiftPlanService = {
  async getShiftPlans(): Promise<ShiftPlan[]> {
-    const response = await fetch(API_BASE_URL, {
+    try {
-      headers: {
+      const plans = await apiClient.get<ShiftPlan[]>('/shift-plans');
        'Content-Type': 'application/json',
        ...authService.getAuthHeaders()
      }
    });
    if (!response.ok) {
      if (response.status === 401) {
        authService.logout();
        throw new Error('Nicht authorisiert - bitte erneut anmelden');
      }
      throw new Error('Fehler beim Laden der Schichtpläne');
    }
    const plans = await response.json();
      // Ensure scheduledShifts is always an array
      return plans.map((plan: any) => ({
        ...plan,
        scheduledShifts: plan.scheduledShifts || []
      }));
    } catch (error: any) {
      if (error.statusCode === 401) {
        // You might want to import and use authService here if needed
        localStorage.removeItem('token');
        localStorage.removeItem('employee');
        throw new Error('Nicht authorisiert - bitte erneut anmelden');
      }
      throw new Error('Fehler beim Laden der Schichtpläne');
    }
  },
  async getShiftPlan(id: string): Promise<ShiftPlan> {
-    const response = await fetch(`${API_BASE_URL}/${id}`, {
+    try {
-      headers: {
+      return await apiClient.get<ShiftPlan>(`/shift-plans/${id}`);
-        'Content-Type': 'application/json',
+    } catch (error: any) {
-        ...authService.getAuthHeaders()
+      if (error.statusCode === 401) {
-      }
+        localStorage.removeItem('token');
-    });
+        localStorage.removeItem('employee');
    if (!response.ok) {
      if (response.status === 401) {
        authService.logout();
        throw new Error('Nicht authorisiert - bitte erneut anmelden');
      }
      throw new Error('Schichtplan nicht gefunden');
    }
    return await response.json();
  },
  async createShiftPlan(plan: CreateShiftPlanRequest): Promise<ShiftPlan> {
-    const response = await fetch(API_BASE_URL, {
+    try {
-      method: 'POST',
+      return await apiClient.post<ShiftPlan>('/shift-plans', plan);
-      headers: {
+    } catch (error: any) {
-        'Content-Type': 'application/json',
+      if (error.statusCode === 401) {
-        ...authService.getAuthHeaders()
+        localStorage.removeItem('token');
-      },
+        localStorage.removeItem('employee');
      body: JSON.stringify(plan)
    });
    if (!response.ok) {
      if (response.status === 401) {
        authService.logout();
        throw new Error('Nicht authorisiert - bitte erneut anmelden');
      }
      throw new Error('Fehler beim Erstellen des Schichtplans');
    }
    return response.json();
  },
  async updateShiftPlan(id: string, plan: Partial<ShiftPlan>): Promise<ShiftPlan> {
-    const response = await fetch(`${API_BASE_URL}/${id}`, {
+    try {
-      method: 'PUT',
+      return await apiClient.put<ShiftPlan>(`/shift-plans/${id}`, plan);
-      headers: {
+    } catch (error: any) {
-        'Content-Type': 'application/json',
+      if (error.statusCode === 401) {
-        ...authService.getAuthHeaders()
+        localStorage.removeItem('token');
-      },
+        localStorage.removeItem('employee');
      body: JSON.stringify(plan)
    });
    if (!response.ok) {
      if (response.status === 401) {
        authService.logout();
        throw new Error('Nicht authorisiert - bitte erneut anmelden');
      }
      throw new Error('Fehler beim Aktualisieren des Schichtplans');
    }
    return response.json();
  },
  async deleteShiftPlan(id: string): Promise<void> {
-    const response = await fetch(`${API_BASE_URL}/${id}`, {
+    try {
-      method: 'DELETE',
+      await apiClient.delete(`/shift-plans/${id}`);
-      headers: {
+    } catch (error: any) {
-        'Content-Type': 'application/json',
+      if (error.statusCode === 401) {
-        ...authService.getAuthHeaders()
+        localStorage.removeItem('token');
-      }
+        localStorage.removeItem('employee');
    });
    if (!response.ok) {
      if (response.status === 401) {
        authService.logout();
        throw new Error('Nicht authorisiert - bitte erneut anmelden');
      }
      throw new Error('Fehler beim Löschen des Schichtplans');
    }
  },
-  // Get specific template or plan
+  async getTemplate(id: string): Promise<ShiftPlan> {
-  getTemplate: async (id: string): Promise<ShiftPlan> => {
+    return await apiClient.get<ShiftPlan>(`/shift-plans/${id}`);
    const response = await fetch(`${API_BASE_URL}/${id}`, {
      headers: getAuthHeaders()
    });
    return handleResponse(response);
  },
-
+  async regenerateScheduledShifts(planId: string): Promise<void> {
  async regenerateScheduledShifts(planId: string):Promise<void> {
    try {
      console.log('🔄 Attempting to regenerate scheduled shifts...');
-        
+      await apiClient.post(`/shift-plans/${planId}/regenerate-shifts`);
        // You'll need to add this API endpoint to your backend
        const response = await fetch(`${API_BASE_URL}/${planId}/regenerate-shifts`, {
        method: 'POST',
        headers: {
            'Content-Type': 'application/json',
            'Authorization': `Bearer ${localStorage.getItem('token')}`
        }
        });
        if (response.ok) {
      console.log('✅ Scheduled shifts regenerated');
        } else {
        console.error('❌ Failed to regenerate shifts');
        }
    } catch (error) {
      console.error('❌ Error regenerating shifts:', error);
      throw error;
    }
  },
-  // Create new plan
+  async createPlan(data: CreateShiftPlanRequest): Promise<ShiftPlan> {
-  createPlan: async (data: CreateShiftPlanRequest): Promise<ShiftPlan> => {
+    return await apiClient.post<ShiftPlan>('/shift-plans', data);
    const response = await fetch(`${API_BASE_URL}`, {
      method: 'POST',
      headers: getAuthHeaders(),
      body: JSON.stringify(data),
    });
    return handleResponse(response);
  },
-  createFromPreset: async (data: {
+  async createFromPreset(data: {
    presetName: string;
    name: string;
    startDate: string;
    endDate: string;
    isTemplate?: boolean;
-  }): Promise<ShiftPlan> => {
+  }): Promise<ShiftPlan> {
-    const response = await fetch(`${API_BASE_URL}/from-preset`, {
+    try {
-      method: 'POST',
+      return await apiClient.post<ShiftPlan>('/shift-plans/from-preset', data);
-      headers: getAuthHeaders(),
+    } catch (error: any) {
-      body: JSON.stringify(data),
+      throw new Error(error.message || `HTTP error! status: ${error.statusCode}`);
    });
    if (!response.ok) {
      const errorData = await response.json().catch(() => ({ error: 'Unknown error' }));
      throw new Error(errorData.error || `HTTP error! status: ${response.status}`);
    }
    return response.json();
  },
-  getTemplatePresets: async (): Promise<{name: string, label: string, description: string}[]> => {
+  async getTemplatePresets(): Promise<{name: string, label: string, description: string}[]> {
    // name = label
    return Object.entries(TEMPLATE_PRESETS).map(([key, preset]) => ({
      name: key,
      label: preset.name,
@@ -203,25 +119,67 @@ export const shiftPlanService = {
  async clearAssignments(planId: string): Promise<void> {
    try {
      console.log('🔄 Clearing assignments for plan:', planId);
-      
+      await apiClient.post(`/shift-plans/${planId}/clear-assignments`);
      const response = await fetch(`${API_BASE_URL}/${planId}/clear-assignments`, {
        method: 'POST',
        headers: {
          'Content-Type': 'application/json',
          ...authService.getAuthHeaders()
        }
      });
      if (!response.ok) {
        const errorData = await response.json().catch(() => ({ error: 'Unknown error' }));
        throw new Error(errorData.error || `Failed to clear assignments: ${response.status}`);
      }
      console.log('✅ Assignments cleared successfully');
    } catch (error) {
      console.error('❌ Error clearing assignments:', error);
      throw error;
    }
  },
  async exportShiftPlanToExcel(planId: string): Promise<Blob> {
    try {
      console.log('📊 Exporting shift plan to Excel:', planId);
      // Use the apiClient with blob response handling
      const blob = await apiClient.request<Blob>(`/shift-plans/${planId}/export/excel`, {
        method: 'GET',
      }, 'blob');
      console.log('✅ Excel export successful');
      return blob;
    } catch (error: any) {
      console.error('❌ Error exporting to Excel:', error);
      if (error.statusCode === 401) {
        localStorage.removeItem('token');
        localStorage.removeItem('employee');
        throw new Error('Nicht authorisiert - bitte erneut anmelden');
      }
      if (error.statusCode === 404) {
        throw new Error('Schichtplan nicht gefunden');
      }
      throw new Error('Fehler beim Excel-Export des Schichtplans');
    }
  },
  async exportShiftPlanToPDF(planId: string): Promise<Blob> {
    try {
      console.log('📄 Exporting shift plan to PDF:', planId);
      // Use the apiClient with blob response handling
      const blob = await apiClient.request<Blob>(`/shift-plans/${planId}/export/pdf`, {
        method: 'GET',
      }, 'blob');
      console.log('✅ PDF export successful');
      return blob;
    } catch (error: any) {
      console.error('❌ Error exporting to PDF:', error);
      if (error.statusCode === 401) {
        localStorage.removeItem('token');
        localStorage.removeItem('employee');
        throw new Error('Nicht authorisiert - bitte erneut anmelden');
      }
      if (error.statusCode === 404) {
        throw new Error('Schichtplan nicht gefunden');
      }
      throw new Error('Fehler beim PDF-Export des Schichtplans');
    }
  },
 };
--- a/frontend/vite.config.ts
+++ b/frontend/vite.config.ts
@@ -1,29 +1,18 @@
 // vite.config.ts
 import { defineConfig, loadEnv } from 'vite'
 import react from '@vitejs/plugin-react'
 import { resolve } from 'path'
 export default defineConfig(({ mode }) => {
  const isProduction = mode === 'production'
  const isDevelopment = mode === 'development'
  const env = loadEnv(mode, process.cwd(), '')
  // 🆕 WICHTIG: Relative Pfade für Production
  const clientEnv = {
    NODE_ENV: mode,
    ENABLE_PRO: env.ENABLE_PRO || 'false',
    VITE_APP_TITLE: env.APP_TITLE || 'Shift Planning App',
    VITE_API_URL: isProduction ? '/api' : '/api',
  }
  return {
    plugins: [react()],
-    server: {
+    // Development proxy
    server: isProduction ? undefined : {
      port: 3003,
      host: true,
      //open: isDevelopment,
      proxy: {
        '/api': {
          target: 'http://localhost:3002',
@@ -33,25 +22,38 @@ export default defineConfig(({ mode }) => {
      }
    },
    // Production build optimized for Express serving
    build: {
      outDir: 'dist',
-      sourcemap: isDevelopment,
+      sourcemap: false, // Disable in production
-      base: isProduction ? '/' : '/',
+      minify: 'terser',
      // Bundle optimization
      rollupOptions: {
        output: {
          // Efficient chunking
          manualChunks: {
            vendor: ['react', 'react-dom', 'react-router-dom'],
            utils: ['date-fns']
          },
          // Cache-friendly naming
          chunkFileNames: 'assets/[name]-[hash].js',
          entryFileNames: 'assets/[name]-[hash].js',
          assetFileNames: 'assets/[name]-[hash].[ext]',
        }
      },
-      minify: isProduction ? 'terser' : false,
+      
-      terserOptions: isProduction ? {
+      // Performance optimizations
      terserOptions: {
        compress: {
          drop_console: true,
          drop_debugger: true,
-          pure_funcs: ['console.log', 'console.debug', 'console.info']
+          pure_funcs: ['console.log', 'console.debug']
        }
-      } : undefined,
+      },
      // Reduce chunking overhead
      chunkSizeWarningLimit: 800
    },
    resolve: {
@@ -67,9 +69,11 @@ export default defineConfig(({ mode }) => {
      }
    },
-    define: Object.keys(clientEnv).reduce((acc, key) => {
+    // Environment variables
-      acc[`import.meta.env.${key}`] = JSON.stringify(clientEnv[key])
+    define: {
-      return acc
+      'import.meta.env.VITE_API_URL': JSON.stringify(isProduction ? '/api' : '/api'),
-    }, {} as Record<string, string>)
+      'import.meta.env.ENABLE_PRO': JSON.stringify(env.ENABLE_PRO || 'false'),
      'import.meta.env.NODE_ENV': JSON.stringify(mode)
    }
  }
 })
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@@ -9,9 +9,13 @@
  "scripts": {
    "docker:build": "docker build -t schichtplan-app .",
    "docker:run": "docker run -p 3002:3002 schichtplan-app",
-    "build:all": "npm run build --workspace=backend && npm run build --workspace=frontend"
+    "build:all": "npm run build --workspace=backend && npm run build --workspace=frontend",
    "dev": "concurrently \"npm run dev:backend\" \"npm run dev:frontend\"",
    "dev:frontend": "cd frontend && npm run dev",
    "dev:backend": "cd backend && npm run dev:single"
  },
  "devDependencies": {
-    "typescript": "^5.3.3"
+    "typescript": "^5.3.3",
    "concurrently": "9.2.1"
  }
 }
Author	SHA1	Message	Date
donpat1to	f6e19bc1ed	added dropdown menu	2025-11-05 14:18:18 +01:00
donpat1to	e66c0f9e28	export drop down menu doesnt disappear when exporttype is selected	2025-11-05 13:22:00 +01:00
donpat1to	822b170920	added dropdown menu for export	2025-11-05 11:32:40 +01:00
donpat1to	c6dfa5b4c6	fixed manager detection	2025-11-05 09:43:28 +01:00
donpat1to	d0be1b4a61	excel timetable with employee with each cell	2025-11-05 09:40:26 +01:00
donpat1to	b337fd0e0a	using playwright for pdf export instead of pdfkit	2025-11-05 09:20:24 +01:00
donpat1to	badccb4f55	more fancy excel export	2025-11-05 08:31:39 +01:00
donpat1to	9eb9afce1e	added timetable export to the export funciton	2025-11-04 23:25:26 +01:00
donpat1to	17d68c2426	Merge branch 'staging' of https://github.com/donpat1to/Schichtenplaner into staging	2025-11-04 22:31:23 +01:00
donpat1to	cff2374f41	fixed klammer usage	2025-11-04 22:28:39 +01:00
donpat1to	3a787875e6	implemented export with pdf and excel library	2025-11-04 15:33:51 +01:00
donpat1to	0b46919e46	fixed role handling in getshiftplanbyid	2025-11-03 23:16:53 +01:00
donpat1to	65cb3e72ba	added backend for shiftplan export	2025-11-03 22:50:02 +01:00
donpat1to	dab5164704	added exporting files	2025-11-03 22:07:32 +01:00
donpat1to	7c63bee1b3	updated python installation to break system packages	2025-11-03 10:55:07 +01:00
donpat1to	4c275993e6	changing debian versions from bookworm to bullseye	2025-11-03 10:40:46 +01:00
donpat1to	5c925e3b54	copying python files seperate for scheduling mechanism	2025-11-03 10:33:07 +01:00
donpat1to	11b6ee7672	moved python installation from builder to image	2025-11-03 09:39:42 +01:00
donpat1to	19357d12c1	changed ci to create its own pakcage-lock	2025-11-02 21:14:34 +01:00
donpat1to	8ccd506b7d	changed ci to create its own pakcage-lock	2025-11-02 21:13:32 +01:00
donpat1to	e09979aa77	put package-lock.json into the .gitignore	2025-11-02 21:09:25 +01:00
donpat1to	0eda1ac125	creating package lock package on every ci seperate	2025-11-02 20:59:35 +01:00
donpat1to	6aa9511fbe	brought package.json back from the grave	2025-11-02 20:57:34 +01:00
donpat1to	ab24f5cf35	npm ci install for prod	2025-11-02 20:48:43 +01:00
donpat1to	2e81ed48c4	more lenient api rate limit	2025-11-02 20:40:59 +01:00
donpat1to	da2b3b0126	pushed new svg	2025-11-01 18:25:36 +01:00
donpat1to	7a87c49703	added configuration over https / http	2025-11-01 17:54:12 +01:00
donpat1to	52f559199d	added configuration over https / http	2025-11-01 17:20:45 +01:00
donpat1to	ebe9d4aa19	added vite dependency to the backend	2025-11-01 15:58:14 +01:00
donpat1to	07ab9586cc	removed unnecessary comments	2025-11-01 15:22:47 +01:00
donpat1to	72430462f6	fixed ipSecurityCheck	2025-11-01 15:17:09 +01:00
donpat1to	c7016b5d04	added simulatnously starting frontend backend dev	2025-11-01 14:29:55 +01:00
donpat1to	41ddad6fa9	added apiClient class handling api auth and validation response from backend	2025-11-01 13:47:29 +01:00
donpat1to	29c66f0228	cleaned up vite.config.ts	2025-11-01 12:06:55 +01:00
donpat1to	0614b2f3f8	updated network for proxy use	2025-11-01 11:28:16 +01:00
donpat1to	00b48c1f41	changed dev routing away from faulty proxy	2025-10-31 14:24:56 +01:00