Power Outage Recovery, PrintBroz Security and Dashboard Work

When the Lights Go Out

A power outage corrupted the Claude Code settings file with 107 malformed entries - including hardcoded JWT tokens and plaintext passwords that had leaked in from shell history. No backup existed. Rebuilt from scratch with 53 clean entries and added it to git tracking for future disaster recovery.

PrintBroz Security Reviews

Completed four security-focused reviews, all previously identified issues that had been fixed:

• CORS restriction - Domain allowlist implemented
• Server-side price recalculation - Backend validates all prices against the pricing database
• CSRF tokens - Proper hash_equals validation with token invalidation
• IP-based rate limiting - File-based implementation with Cloudflare header support

Also found and fixed a critical JWT_SECRET fallback value - changed from a hardcoded fallback to an explicit requirement that throws on missing environment variable.

Dashboard Address Modal

Built an add/edit address modal for the customer dashboard with full CRUD operations, toast notifications, and XSS protection. The single modal pattern reuses one component for both add and edit operations, with an address cache to avoid redundant API calls.

Shopping Basket Verification

Verified the existing shopping basket and checkout implementation was complete - vanilla JS state manager with localStorage, a four-section checkout form with UK validation, and API integration creating Planka cards for order tracking.