Address code review findings from reuse, quality, and efficiency agents:
- Cache manifest JSON and service worker JS at init (was rebuilt per
request with allocations and JSON encoding on every hit)
- Add ImagePathsByUser store method for targeted image cleanup (was
loading 100k full fave objects just to read image_path)
- Add missing aria-label on privacy toggle in fave_list.html (inline
copy had drifted from the partial — accessibility bug)
- Fix comment/function name mismatch in pwa.go
- Remove redundant user nil-check in handleShare (requireLogin guards)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Fave cards in the list and profile views now show edit, delete, and
privacy toggle buttons directly — no need to open the detail page first.
- New POST /faves/{id}/privacy route with HTMX privacy toggle partial
- New UpdatePrivacy store method for single-column update
- fave_list.html: edit link, HTMX delete, privacy toggle on every card
- profile.html: edit/delete for owner's own cards
- privacy_toggle.html: new HTMX partial that swaps inline on toggle
- CSS: compact .fave-card-actions styles
The existing handleFaveDelete already returns empty 200 for HTMX
requests, so hx-target="closest article" hx-swap="outerHTML" removes
the card from DOM seamlessly.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Make Favoritter installable as a Progressive Web App with offline
static asset caching and Web Share Target API for Android.
New files:
- internal/handler/pwa.go: handlers for manifest, service worker,
and share target
- web/static/sw.js: service worker (cache-first static, network-first
HTML) with {{BASE_PATH}} placeholder for subpath deployments
- web/static/icons/: placeholder PWA icons (192, 512, 512-maskable)
Key design decisions:
- Share target uses GET (not POST) to avoid CSRF token issues — Android
apps cannot provide CSRF tokens
- Manifest is generated dynamically to inject BasePath into start_url,
scope, icon paths, and share_target action
- Service worker served at /sw.js with Cache-Control: no-cache and
BasePath injected via string replacement
- handleShare extracts URLs from Android's "text" field as fallback
(many apps put the URL there instead of "url")
- handleFaveNew replaced with handleFaveNewPreFill that reads url,
description, notes from query params (enables share + bookmarklets)
- SW registration in app.js reads base-path from <meta> tag (CSP-safe)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Bugs fixed:
- Renderer.Error set WriteHeader before Content-Type, causing
the header to be silently dropped. Now sets Content-Type first.
- truncate template function operated on bytes, not runes — could
split multi-byte UTF-8 characters (Norwegian æøå). Now uses
[]rune for correct Unicode handling.
Performance:
- Skip session DB lookup (2 queries) on /static/ and /uploads/
requests — these never use user context.
UX consistency:
- Replace all http.NotFound and http.Error("Forbidden") in
handler layer with styled error pages via Renderer.Error.
- Add notFound/forbidden helper methods on Handler.
Deployment fixes:
- Remove false libc6/glibc deps from nfpm.yaml (binary is
statically linked with CGO_ENABLED=0).
- Add CGO_ENABLED=0 to Makefile build target for consistency.
- Add .dockerignore to exclude .git, dist/, data/ from build
context.
- Remove phantom 'lint' from Makefile .PHONY.
- Document ProtectSystem=strict constraint in systemd service.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Phase 5 — Feeds & Import/Export:
- Atom feeds: global (/feed.xml), per-user (/u/{name}/feed.xml),
per-tag (/tags/{name}/feed.xml). Uses gorilla/feeds.
- JSON export: all user's faves with tags, pretty-printed
- CSV export: standard format with header row
- JSON import: validates and creates faves with tags
- CSV import: flexible column mapping from header row
- Import/export pages with format documentation
- Feed items include enclosure for images, author info
- Limited-visibility profiles excluded from feeds
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Phase 4 — Admin Panel:
- Admin dashboard with user/fave/pending-request counts
- User management: create with temp password, reset password,
enable/disable accounts (prevents self-disable)
- Tag management: rename and delete tags
- Signup request management: approve (creates user with
must-reset-password) and reject pending requests
- Site settings: site name, description, signup mode
(open/requests/closed)
- All admin routes require both login and admin role
- SignupRequest model and full store (create, list pending,
approve with user creation, reject)
- SetMustResetPassword method on UserStore for admin password resets
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
