The Secure flag was tied to NODE_ENV=production, which broke sessions
on HTTP staging servers. Using a dedicated COOKIE_SECURE env var
allows production-mode Next.js to run over HTTP for staging while
still enabling Secure cookies in production (HTTPS).
Made-with: Cursor
- Remove all MongoDB and Firebase dependencies
- Add Odoo proxy layer (src/lib/odoo.ts) for JWT-authenticated API forwarding
- Rewrite auth routes (login, logout, register, reset) to use Odoo endpoints
- Add catch-all API route ([...path].ts) to proxy remaining endpoints to Odoo
- Rewrite special-case routes for file uploads and binary responses
- Delete ~85 legacy API routes now handled by catch-all proxy
- Replace *.be.ts MongoDB utilities with stub implementations for SSR compat
- Update Dockerfile: remove MONGODB_URI, switch from yarn to npm
- Update session.ts to store Odoo JWT token
Made-with: Cursor