Next.js middleware buffers the entire request body (10MB default limit)
before the route handler runs. middlewareClientMaxBodySize experimental
flag doesn't work reliably with standalone output.
Solution: exclude api/compress-pdf from middleware matcher so the body
streams directly to the route handler. Auth check moved to a shared
helper (auth-check.ts) called at the start of each route.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Use NEXTAUTH_URL instead of request.url for callbackUrl (was 0.0.0.0:3000)
- Add custom /auth/signin page that auto-calls signIn("authentik")
- Skip the intermediate "Sign in with Authentik" button page
- Exclude /auth/signin from middleware matcher
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Auth:
- Add middleware.ts that redirects unauthenticated users to Authentik SSO
- Extract authOptions to shared auth-options.ts
- Add getAuthSession() helper for API route protection
- Add loading spinner during session validation
- Dev mode bypasses auth (stub user still works)
ManicTime:
- Fix hardcoded companyId="beletage" — now uses group context from Tags.txt
- Fix extended project format label parsing (extracts name after year)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
AI Assistant