fix: build stabilitesi için wasm-opt ve bulk-memory ayarları geri alındı

- console_log::init_with_level() now uses expect()
- web_sys::window() now uses expect() with helpful message
- window.document() now uses expect()
- document.body() now uses expect()

This provides meaningful error messages if WASM initialization fails.

.gitignore

@@ -6,3 +6,5 @@ result.xml
 frontend/dist
 backend.log
 .runner
+.env
+backend/.env

Cargo.lock

@@ -300,6 +300,7 @@ dependencies = [
  "clap",
  "dotenvy",
  "futures",
+ "governor",
  "mime_guess",
  "openssl",
  "quick-xml",
@@ -316,6 +317,7 @@ dependencies = [
  "tokio-util",
  "tower 0.4.13",
  "tower-http",
+ "tower_governor",
  "tracing",
  "tracing-subscriber",
  "utoipa",
@@ -801,6 +803,20 @@ dependencies = [
  "parking_lot_core",
 ]
 
+[[package]]
+name = "dashmap"
+version = "6.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5041cc499144891f3790297212f32a74fb938e5136a14943f338ef9e0ae276cf"
+dependencies = [
+ "cfg-if",
+ "crossbeam-utils",
+ "hashbrown 0.14.5",
+ "lock_api",
+ "once_cell",
+ "parking_lot_core",
+]
+
 [[package]]
 name = "data-encoding"
 version = "2.10.0"
@@ -1084,6 +1100,12 @@ version = "0.1.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d9c4f5dac5e15c24eb999c26181a6ca40b39fe946cbe4c263c7209467bc83af2"
 
+[[package]]
+name = "foldhash"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "77ce24cb58228fbb8aa041425bb1050850ac19177686ea6e0f41a70416f56fdb"
+
 [[package]]
 name = "foreign-types"
 version = "0.3.2"
@@ -1108,6 +1130,16 @@ dependencies = [
  "percent-encoding",
 ]
 
+[[package]]
+name = "forwarded-header-value"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8835f84f38484cc86f110a805655697908257fb9a7af005234060891557198e9"
+dependencies = [
+ "nonempty",
+ "thiserror 1.0.69",
+]
+
 [[package]]
 name = "frontend"
 version = "0.1.0"
@@ -1214,6 +1246,12 @@ version = "0.3.31"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f90f7dce0722e95104fcb095585910c0977252f286e354b5e3bd38902cd99988"
 
+[[package]]
+name = "futures-timer"
+version = "3.0.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f288b0a4f20f9a56b5d1da57e2227c661b7b16168e2f72365f57b63326e29b24"
+
 [[package]]
 name = "futures-util"
 version = "0.3.31"
@@ -1337,6 +1375,29 @@ dependencies = [
  "web-sys",
 ]
 
+[[package]]
+name = "governor"
+version = "0.10.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9efcab3c1958580ff1f25a2a41be1668f7603d849bb63af523b208a3cc1223b8"
+dependencies = [
+ "cfg-if",
+ "dashmap 6.1.0",
+ "futures-sink",
+ "futures-timer",
+ "futures-util",
+ "getrandom 0.3.4",
+ "hashbrown 0.16.1",
+ "nonzero_ext",
+ "parking_lot",
+ "portable-atomic",
+ "quanta",
+ "rand 0.9.2",
+ "smallvec",
+ "spinning_top",
+ "web-time",
+]
+
 [[package]]
 name = "group"
 version = "0.13.0"
@@ -1348,6 +1409,25 @@ dependencies = [
  "subtle",
 ]
 
+[[package]]
+name = "h2"
+version = "0.4.13"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2f44da3a8150a6703ed5d34e164b875fd14c2cdab9af1252a9a1020bde2bdc54"
+dependencies = [
+ "atomic-waker",
+ "bytes",
+ "fnv",
+ "futures-core",
+ "futures-sink",
+ "http 1.4.0",
+ "indexmap",
+ "slab",
+ "tokio",
+ "tokio-util",
+ "tracing",
+]
+
 [[package]]
 name = "half"
 version = "2.7.1"
@@ -1373,7 +1453,7 @@ checksum = "9229cfe53dfd69f0609a49f65461bd93001ea1ef889cd5529dd176593f5338a1"
 dependencies = [
  "allocator-api2",
  "equivalent",
- "foldhash",
+ "foldhash 0.1.5",
 ]
 
 [[package]]
@@ -1381,6 +1461,11 @@ name = "hashbrown"
 version = "0.16.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "841d1cc9bed7f9236f321df977030373f4a4163ae1a7dbfe1a51a2c1a51d9100"
+dependencies = [
+ "allocator-api2",
+ "equivalent",
+ "foldhash 0.2.0",
+]
 
 [[package]]
 name = "hashlink"
@@ -1569,6 +1654,7 @@ dependencies = [
  "bytes",
  "futures-channel",
  "futures-core",
+ "h2",
  "http 1.4.0",
  "http-body 1.0.1",
  "httparse",
@@ -1578,6 +1664,20 @@ dependencies = [
  "pin-utils",
  "smallvec",
  "tokio",
+ "want",
+]
+
+[[package]]
+name = "hyper-timeout"
+version = "0.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2b90d566bffbce6a75bd8b09a05aa8c2cb1fabb6cb348f8840c9e4c90a0d83b0"
+dependencies = [
+ "hyper 1.8.1",
+ "hyper-util",
+ "pin-project-lite",
+ "tokio",
+ "tower-service",
 ]
 
 [[package]]
@@ -1600,13 +1700,18 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "727805d60e7938b76b826a6ef209eb70eaa1812794f9424d4a4e2d740662df5f"
 dependencies = [
  "bytes",
+ "futures-channel",
  "futures-core",
+ "futures-util",
  "http 1.4.0",
  "http-body 1.0.1",
  "hyper 1.8.1",
+ "libc",
  "pin-project-lite",
+ "socket2 0.6.2",
  "tokio",
  "tower-service",
+ "tracing",
 ]
 
 [[package]]
@@ -2229,6 +2334,18 @@ dependencies = [
  "minimal-lexical",
 ]
 
+[[package]]
+name = "nonempty"
+version = "0.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e9e591e719385e6ebaeb5ce5d3887f7d5676fceca6411d1925ccc95745f3d6f7"
+
+[[package]]
+name = "nonzero_ext"
+version = "0.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "38bf9645c8b145698bb0b18a4637dcacbc421ea49bef2317e4fd8065a387cf21"
+
 [[package]]
 name = "nu-ansi-term"
 version = "0.50.3"
@@ -2700,6 +2817,21 @@ dependencies = [
  "yansi",
 ]
 
+[[package]]
+name = "quanta"
+version = "0.12.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f3ab5a9d756f0d97bdc89019bd2e4ea098cf9cde50ee7564dde6b81ccc8f06c7"
+dependencies = [
+ "crossbeam-utils",
+ "libc",
+ "once_cell",
+ "raw-cpuid",
+ "wasi",
+ "web-sys",
+ "winapi",
+]
+
 [[package]]
 name = "quick-xml"
 version = "0.31.0"
@@ -2806,6 +2938,15 @@ dependencies = [
  "getrandom 0.3.4",
 ]
 
+[[package]]
+name = "raw-cpuid"
+version = "11.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "498cd0dc59d73224351ee52a95fee0f1a617a2eae0e7d9d720cc622c73a54186"
+dependencies = [
+ "bitflags",
+]
+
 [[package]]
 name = "redox_syscall"
 version = "0.5.18"
@@ -3196,7 +3337,7 @@ dependencies = [
  "bytes",
  "ciborium",
  "const_format",
- "dashmap",
+ "dashmap 5.5.3",
  "futures",
  "gloo-net 0.6.0",
  "http 1.4.0",
@@ -3375,6 +3516,15 @@ dependencies = [
  "lock_api",
 ]
 
+[[package]]
+name = "spinning_top"
+version = "0.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d96d2d1d716fb500937168cc09353ffdc7a012be8475ac7308e1bdf0e3923300"
+dependencies = [
+ "lock_api",
+]
+
 [[package]]
 name = "spki"
 version = "0.6.0"
@@ -3917,6 +4067,35 @@ version = "0.1.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "5d99f8c9a7727884afe522e9bd5edbfc91a3312b36a77b5fb8926e4c31a41801"
 
+[[package]]
+name = "tonic"
+version = "0.14.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a286e33f82f8a1ee2df63f4fa35c0becf4a85a0cb03091a15fd7bf0b402dc94a"
+dependencies = [
+ "async-trait",
+ "axum",
+ "base64 0.22.1",
+ "bytes",
+ "h2",
+ "http 1.4.0",
+ "http-body 1.0.1",
+ "http-body-util",
+ "hyper 1.8.1",
+ "hyper-timeout",
+ "hyper-util",
+ "percent-encoding",
+ "pin-project",
+ "socket2 0.6.2",
+ "sync_wrapper",
+ "tokio",
+ "tokio-stream",
+ "tower 0.5.3",
+ "tower-layer",
+ "tower-service",
+ "tracing",
+]
+
 [[package]]
 name = "tower"
 version = "0.4.13"
@@ -3941,9 +4120,12 @@ checksum = "ebe5ef63511595f1344e2d5cfa636d973292adc0eec1f0ad45fae9f0851ab1d4"
 dependencies = [
  "futures-core",
  "futures-util",
+ "indexmap",
  "pin-project-lite",
+ "slab",
  "sync_wrapper",
  "tokio",
+ "tokio-util",
  "tower-layer",
  "tower-service",
  "tracing",
@@ -3988,6 +4170,23 @@ version = "0.3.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8df9b6e13f2d32c91b9bd719c00d1958837bc7dec474d94952798cc8e69eeec3"
 
+[[package]]
+name = "tower_governor"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "44de9b94d849d3c46e06a883d72d408c2de6403367b39df2b1c9d9e7b6736fe6"
+dependencies = [
+ "axum",
+ "forwarded-header-value",
+ "governor",
+ "http 1.4.0",
+ "pin-project",
+ "thiserror 2.0.18",
+ "tonic",
+ "tower 0.5.3",
+ "tracing",
+]
+
 [[package]]
 name = "tracing"
 version = "0.1.44"
@@ -4404,6 +4603,16 @@ dependencies = [
  "wasm-bindgen",
 ]
 
+[[package]]
+name = "web-time"
+version = "1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5a6580f308b1fad9207618087a65c04e7a10bc77e02c8e84e9b00dd4b12fa0bb"
+dependencies = [
+ "js-sys",
+ "wasm-bindgen",
+]
+
 [[package]]
 name = "whoami"
 version = "1.6.1"
@@ -4414,6 +4623,22 @@ dependencies = [
  "wasite",
 ]
 
+[[package]]
+name = "winapi"
+version = "0.3.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419"
+dependencies = [
+ "winapi-i686-pc-windows-gnu",
+ "winapi-x86_64-pc-windows-gnu",
+]
+
+[[package]]
+name = "winapi-i686-pc-windows-gnu"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6"
+
 [[package]]
 name = "winapi-util"
 version = "0.1.11"
@@ -4423,6 +4648,12 @@ dependencies = [
  "windows-sys 0.61.2",
 ]
 
+[[package]]
+name = "winapi-x86_64-pc-windows-gnu"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
+
 [[package]]
 name = "windows-core"
 version = "0.62.2"

backend/.env.example

@@ -3,3 +3,12 @@ RTORRENT_SOCKET=/tmp/rtorrent.sock
 
 # Backend Listen Port
 PORT=3000
+
+# Database URL
+DATABASE_URL=sqlite:vibetorrent.db
+
+# VAPID Keys for Push Notifications
+# Generate new keys for production using: npx web-push generate-vapid-keys
+VAPID_PUBLIC_KEY=YOUR_PUBLIC_VAPID_KEY
+VAPID_PRIVATE_KEY=YOUR_PRIVATE_VAPID_KEY
+VAPID_EMAIL=mailto:your-email@example.com

backend/Cargo.toml

@@ -39,3 +39,5 @@ axum-extra = { version = "0.10", features = ["cookie"] }
 rand = "0.8"
 anyhow = "1.0.101"
 time = { version = "0.3.47", features = ["serde", "formatting", "parsing"] }
+tower_governor = "0.8.0"
+governor = "0.10.4"

backend/migrations/001_init.sql

@@ -0,0 +1,16 @@
+-- 001_init.sql
+-- Initial schema for users and sessions
+
+CREATE TABLE IF NOT EXISTS users (
+    id INTEGER PRIMARY KEY,
+    username TEXT NOT NULL UNIQUE,
+    password_hash TEXT NOT NULL,
+    created_at DATETIME DEFAULT CURRENT_TIMESTAMP
+);
+
+CREATE TABLE IF NOT EXISTS sessions (
+    token TEXT PRIMARY KEY,
+    user_id INTEGER NOT NULL,
+    expires_at DATETIME NOT NULL,
+    FOREIGN KEY(user_id) REFERENCES users(id)
+);

backend/migrations/002_push_subscriptions.sql

@@ -0,0 +1,13 @@
+-- 002_push_subscriptions.sql
+-- Push notification subscriptions storage
+
+CREATE TABLE IF NOT EXISTS push_subscriptions (
+    id INTEGER PRIMARY KEY AUTOINCREMENT,
+    endpoint TEXT NOT NULL UNIQUE,
+    p256dh TEXT NOT NULL,
+    auth TEXT NOT NULL,
+    created_at DATETIME DEFAULT CURRENT_TIMESTAMP
+);
+
+-- Index for faster lookups by endpoint
+CREATE INDEX IF NOT EXISTS idx_push_subscriptions_endpoint ON push_subscriptions(endpoint);

backend/src/db.rs

@@ -1,6 +1,7 @@
-use sqlx::{sqlite::SqlitePoolOptions, Pool, Sqlite, Row};
+use sqlx::{sqlite::SqlitePoolOptions, Pool, Sqlite, Row, sqlite::SqliteConnectOptions};
 use std::time::Duration;
 use anyhow::Result;
+use std::str::FromStr;
 
 #[derive(Clone)]
 pub struct Db {
@@ -9,42 +10,25 @@ pub struct Db {
 
 impl Db {
     pub async fn new(db_url: &str) -> Result<Self> {
+        let options = SqliteConnectOptions::from_str(db_url)?
+            .create_if_missing(true)
+            .busy_timeout(Duration::from_secs(10)) // Bekleme süresini 10 saniyeye çıkardık
+            .journal_mode(sqlx::sqlite::SqliteJournalMode::Wal)
+            .synchronous(sqlx::sqlite::SqliteSynchronous::Normal);
+
         let pool = SqlitePoolOptions::new()
             .max_connections(5)
-            .acquire_timeout(Duration::from_secs(3))
+            .acquire_timeout(Duration::from_secs(10))
-            .connect(db_url)
+            .connect_with(options)
             .await?;
 
         let db = Self { pool };
-        db.init().await?;
+        db.run_migrations().await?;
         Ok(db)
     }
 
-    async fn init(&self) -> Result<()> {
+    async fn run_migrations(&self) -> Result<()> {
-        // Create users table
+        sqlx::migrate!("./migrations").run(&self.pool).await?;
-        sqlx::query(
-            "CREATE TABLE IF NOT EXISTS users (
-                id INTEGER PRIMARY KEY,
-                username TEXT NOT NULL UNIQUE,
-                password_hash TEXT NOT NULL,
-                created_at DATETIME DEFAULT CURRENT_TIMESTAMP
-            )",
-        )
-        .execute(&self.pool)
-        .await?;
-
-        // Create sessions table
-        sqlx::query(
-            "CREATE TABLE IF NOT EXISTS sessions (
-                token TEXT PRIMARY KEY,
-                user_id INTEGER NOT NULL,
-                expires_at DATETIME NOT NULL,
-                FOREIGN KEY(user_id) REFERENCES users(id)
-            )",
-        )
-        .execute(&self.pool)
-        .await?;
-
         Ok(())
     }
 
@@ -68,6 +52,15 @@ impl Db {
         Ok(row.map(|r| (r.get(0), r.get(1))))
     }
 
+    pub async fn get_username_by_id(&self, id: i64) -> Result<Option<String>> {
+        let row = sqlx::query("SELECT username FROM users WHERE id = ?")
+            .bind(id)
+            .fetch_optional(&self.pool)
+            .await?;
+
+        Ok(row.map(|r| r.get(0)))
+    }
+
     pub async fn has_users(&self) -> Result<bool> {
         let row: (i64,) = sqlx::query_as("SELECT COUNT(*) FROM users")
             .fetch_one(&self.pool)
@@ -103,4 +96,53 @@ impl Db {
             .await?;
         Ok(())
     }
+
+    pub async fn update_password(&self, user_id: i64, password_hash: &str) -> Result<()> {
+        sqlx::query("UPDATE users SET password_hash = ? WHERE id = ?")
+            .bind(password_hash)
+            .bind(user_id)
+            .execute(&self.pool)
+            .await?;
+        Ok(())
+    }
+
+    pub async fn delete_all_sessions_for_user(&self, user_id: i64) -> Result<()> {
+        sqlx::query("DELETE FROM sessions WHERE user_id = ?")
+            .bind(user_id)
+            .execute(&self.pool)
+            .await?;
+        Ok(())
+    }
+
+    // --- Push Subscription Operations ---
+
+    pub async fn save_push_subscription(&self, endpoint: &str, p256dh: &str, auth: &str) -> Result<()> {
+        sqlx::query(
+            "INSERT INTO push_subscriptions (endpoint, p256dh, auth) VALUES (?, ?, ?)
+             ON CONFLICT(endpoint) DO UPDATE SET p256dh = EXCLUDED.p256dh, auth = EXCLUDED.auth"
+        )
+        .bind(endpoint)
+        .bind(p256dh)
+        .bind(auth)
+        .execute(&self.pool)
+        .await?;
+        Ok(())
+    }
+
+    pub async fn remove_push_subscription(&self, endpoint: &str) -> Result<()> {
+        sqlx::query("DELETE FROM push_subscriptions WHERE endpoint = ?")
+            .bind(endpoint)
+            .execute(&self.pool)
+            .await?;
+        Ok(())
+    }
+
+    pub async fn get_all_push_subscriptions(&self) -> Result<Vec<(String, String, String)>> {
+        let rows = sqlx::query_as::<_, (String, String, String)>(
+            "SELECT endpoint, p256dh, auth FROM push_subscriptions"
+        )
+        .fetch_all(&self.pool)
+        .await?;
+        Ok(rows)
+    }
 }

backend/src/diff.rs

@@ -1,3 +1,4 @@
+use std::collections::HashMap;
 use shared::{AppEvent, NotificationLevel, SystemNotification, Torrent, TorrentUpdate};
 
 #[derive(Debug)]
@@ -8,24 +9,32 @@ pub enum DiffResult {
 }
 
 pub fn diff_torrents(old: &[Torrent], new: &[Torrent]) -> DiffResult {
-    // 1. Structural Check (Length or Order changed)
+    // 1. Structural Check: Eğer torrent sayısı değişmişse (yeni eklenen veya silinen), 
+    // şimdilik basitlik adına FullUpdate gönderiyoruz.
     if old.len() != new.len() {
         return DiffResult::FullUpdate;
     }
 
-    for (i, t) in new.iter().enumerate() {
+    // 2. Hash Set Karşılaştırması: 
-        if old[i].hash != t.hash {
+    // Sıralama değişmiş olabilir ama torrentler aynı mı?
+    let old_map: HashMap<&str, &Torrent> = old.iter().map(|t| (t.hash.as_str(), t)).collect();
+    
+    // Eğer yeni listedeki bir hash eski listede yoksa, yapı değişmiş demektir.
+    for new_t in new {
+        if !old_map.contains_key(new_t.hash.as_str()) {
             return DiffResult::FullUpdate;
         }
     }
 
-    // 2. Field Updates
+    // 3. Alan Güncellemeleri (Partial Updates)
+    // Buraya geldiğimizde biliyoruz ki old ve new listelerindeki torrentler (hash olarak) aynı,
+    // sadece sıraları farklı olabilir veya içindeki veriler güncellenmiş olabilir.
     let mut events = Vec::new();
 
-    for (i, new_t) in new.iter().enumerate() {
+    for new_t in new {
-        let old_t = &old[i];
+        // old_map'ten ilgili torrente hash ile ulaşalım (sıradan bağımsız)
+        let old_t = old_map.get(new_t.hash.as_str()).unwrap();
 
-        // Initialize with all None
         let mut update = TorrentUpdate {
             hash: new_t.hash.clone(),
             name: None,
@@ -42,7 +51,7 @@ pub fn diff_torrents(old: &[Torrent], new: &[Torrent]) -> DiffResult {
 
         let mut has_changes = false;
 
-        // Compare fields
+        // Alanları karşılaştır
         if old_t.name != new_t.name {
             update.name = Some(new_t.name.clone());
             has_changes = true;
@@ -63,7 +72,7 @@ pub fn diff_torrents(old: &[Torrent], new: &[Torrent]) -> DiffResult {
             update.percent_complete = Some(new_t.percent_complete);
             has_changes = true;
 
-            // Check for torrent completion: reached 100%
+            // Torrent tamamlanma kontrolü
             if old_t.percent_complete < 100.0 && new_t.percent_complete >= 100.0 {
                 tracing::info!("Torrent completed: {} ({})", new_t.name, new_t.hash);
                 events.push(AppEvent::Notification(SystemNotification {
@@ -84,8 +93,7 @@ pub fn diff_torrents(old: &[Torrent], new: &[Torrent]) -> DiffResult {
             update.status = Some(new_t.status.clone());
             has_changes = true;
             
-            // Log status changes for debugging
+            tracing::debug!(
-            tracing::info!(
                 "Torrent status changed: {} ({}) {:?} -> {:?}",
                 new_t.name, new_t.hash, old_t.status, new_t.status
             );

backend/src/handlers/auth.rs

@@ -13,9 +13,10 @@ use time::Duration;
 pub struct LoginRequest {
     username: String,
     password: String,
+    #[serde(default)]
+    remember_me: bool,
 }
 
-#[allow(dead_code)]
 #[derive(Serialize, ToSchema)]
 pub struct UserResponse {
     username: String,
@@ -62,8 +63,13 @@ pub async fn login_handler(
                 rand::thread_rng().sample(Alphanumeric) as char
             }).collect();
 
-            // Expires in 30 days
+            // Expiration: 30 days if remember_me is true, else 1 day
-            let expires_in = 60 * 60 * 24 * 30;
+            let expires_in = if payload.remember_me {
+                60 * 60 * 24 * 30
+            } else {
+                60 * 60 * 24
+            };
+
             let expires_at = time::OffsetDateTime::now_utc().unix_timestamp() + expires_in;
 
             if let Err(e) = state.db.create_session(user_id, &token, expires_at).await {
@@ -71,15 +77,16 @@ pub async fn login_handler(
                 return (StatusCode::INTERNAL_SERVER_ERROR, "Failed to create session").into_response();
             }
 
-            let cookie = Cookie::build(("auth_token", token))
+            let mut cookie = Cookie::build(("auth_token", token))
                 .path("/")
                 .http_only(true)
-                .same_site(SameSite::Strict)
+                .same_site(SameSite::Lax)
-                .max_age(Duration::seconds(expires_in))
                 .build();
 
+            cookie.set_max_age(Duration::seconds(expires_in));
+
             tracing::info!("Session created and cookie set for user: {}", payload.username);
-            (StatusCode::OK, jar.add(cookie), "Login successful").into_response()
+            (StatusCode::OK, jar.add(cookie), Json(UserResponse { username: payload.username })).into_response()
         }
         Ok(false) => {
             tracing::warn!("Login failed: Invalid password for {}", payload.username);
@@ -120,7 +127,7 @@ pub async fn logout_handler(
     get,
     path = "/api/auth/check",
     responses(
-        (status = 200, description = "Authenticated"),
+        (status = 200, description = "Authenticated", body = UserResponse),
         (status = 401, description = "Not authenticated")
     )
 )]
@@ -130,7 +137,15 @@ pub async fn check_auth_handler(
 ) -> impl IntoResponse {
     if let Some(token) = jar.get("auth_token") {
         match state.db.get_session_user(token.value()).await {
-            Ok(Some(_)) => return StatusCode::OK.into_response(),
+            Ok(Some(user_id)) => {
+                // Fetch username
+                // We need a helper in db.rs to get username by id, or we can use a direct query here if we don't want to change db.rs interface yet.
+                // But better to add `get_username_by_id` to db.rs
+                // For now let's query directly or via a new db method.
+                if let Ok(Some(username)) = state.db.get_username_by_id(user_id).await {
+                     return (StatusCode::OK, Json(UserResponse { username })).into_response();
+                }
+            },
             _ => {} // Invalid session
         }
     }

backend/src/handlers/mod.rs

@@ -690,8 +690,10 @@ pub async fn handle_timeout_error(err: BoxError) -> (StatusCode, &'static str) {
         (status = 200, description = "VAPID public key", body = String)
     )
 )]
-pub async fn get_push_public_key_handler() -> impl IntoResponse {
+pub async fn get_push_public_key_handler(
-    let public_key = push::get_vapid_public_key();
+    State(state): State<AppState>,
+) -> impl IntoResponse {
+    let public_key = state.push_store.get_public_key();
     (StatusCode::OK, Json(serde_json::json!({ "publicKey": public_key }))).into_response()
 }
 

backend/src/handlers/setup.rs

@@ -6,6 +6,8 @@ use axum::{
 };
 use serde::{Deserialize, Serialize};
 use utoipa::ToSchema;
+use axum_extra::extract::cookie::{Cookie, CookieJar, SameSite};
+use time::Duration;
 
 #[derive(Deserialize, ToSchema)]
 pub struct SetupRequest {
@@ -41,7 +43,7 @@ pub async fn get_setup_status_handler(State(state): State<AppState>) -> impl Int
     path = "/api/setup",
     request_body = SetupRequest,
     responses(
-        (status = 200, description = "Setup completed"),
+        (status = 200, description = "Setup completed and logged in"),
         (status = 400, description = "Invalid request"),
         (status = 403, description = "Setup already completed"),
         (status = 500, description = "Internal server error")
@@ -49,6 +51,7 @@ pub async fn get_setup_status_handler(State(state): State<AppState>) -> impl Int
 )]
 pub async fn setup_handler(
     State(state): State<AppState>,
+    jar: CookieJar,
     Json(payload): Json<SetupRequest>,
 ) -> impl IntoResponse {
     // 1. Check if setup is already completed (i.e., users exist)
@@ -67,7 +70,8 @@ pub async fn setup_handler(
     }
 
     // 3. Create User
-    let password_hash = match bcrypt::hash(&payload.password, bcrypt::DEFAULT_COST) {
+    // Lower cost for faster login on low-power devices (MIPS routers etc.)
+    let password_hash = match bcrypt::hash(&payload.password, 6) {
         Ok(h) => h,
         Err(e) => {
             tracing::error!("Failed to hash password: {}", e);
@@ -80,5 +84,42 @@ pub async fn setup_handler(
         return (StatusCode::INTERNAL_SERVER_ERROR, "Failed to create user").into_response();
     }
 
-    (StatusCode::OK, "Setup completed successfully").into_response()
+    // 4. Auto-Login (Create Session)
+    // Get the created user's ID
+    let user = match state.db.get_user_by_username(&payload.username).await {
+        Ok(Some(u)) => u,
+        Ok(None) => return (StatusCode::INTERNAL_SERVER_ERROR, "User created but not found").into_response(),
+        Err(e) => {
+            tracing::error!("DB error fetching new user: {}", e);
+            return (StatusCode::INTERNAL_SERVER_ERROR, "Database error").into_response();
+        }
+    };
+    let (user_id, _) = user;
+
+    // Create session token
+    let token: String = (0..32).map(|_| {
+        use rand::{distributions::Alphanumeric, Rng};
+        rand::thread_rng().sample(Alphanumeric) as char
+    }).collect();
+
+    // Default expiration: 1 day (since it's not "remember me")
+    let expires_in = 60 * 60 * 24;
+    let expires_at = time::OffsetDateTime::now_utc().unix_timestamp() + expires_in;
+
+    if let Err(e) = state.db.create_session(user_id, &token, expires_at).await {
+        tracing::error!("Failed to create session for new user: {}", e);
+        // Even if session fails, setup is technically complete, but login failed.
+        // We return OK but user will have to login manually.
+        return (StatusCode::OK, "Setup completed, please login").into_response();
+    }
+
+    let mut cookie = Cookie::build(("auth_token", token))
+        .path("/")
+        .http_only(true)
+        .same_site(SameSite::Lax)
+        .build();
+
+    cookie.set_max_age(Duration::seconds(expires_in));
+
+    (StatusCode::OK, jar.add(cookie), "Setup completed and logged in").into_response()
 }

backend/src/main.rs

@@ -3,6 +3,7 @@ mod diff;
 mod handlers;
 #[cfg(feature = "push-notifications")]
 mod push;
+mod rate_limit;
 mod scgi;
 mod sse;
 mod xmlrpc;
@@ -25,6 +26,7 @@ use std::sync::Arc;
 use std::time::Duration;
 use tokio::sync::{broadcast, watch};
 use tower::ServiceBuilder;
+use tower_governor::GovernorLayer;
 use tower_http::{
     compression::{CompressionLayer, CompressionLevel},
     cors::CorsLayer,
@@ -90,6 +92,10 @@ struct Args {
     /// Database URL
     #[arg(long, env = "DATABASE_URL", default_value = "sqlite:vibetorrent.db")]
     db_url: String,
+
+    /// Reset password for the specified user
+    #[arg(long)]
+    reset_password: Option<String>,
 }
 
 #[cfg(feature = "push-notifications")]
@@ -130,7 +136,8 @@ struct Args {
             push::PushKeys,
             handlers::auth::LoginRequest,
             handlers::setup::SetupRequest,
-            handlers::setup::SetupStatusResponse
+            handlers::setup::SetupStatusResponse,
+            handlers::auth::UserResponse
         )
     ),
     tags(
@@ -173,7 +180,8 @@ struct ApiDoc;
             shared::GlobalLimitRequest,
             handlers::auth::LoginRequest,
             handlers::setup::SetupRequest,
-            handlers::setup::SetupStatusResponse
+            handlers::setup::SetupStatusResponse,
+            handlers::auth::UserResponse
         )
     ),
     tags(
@@ -197,9 +205,6 @@ async fn main() {
 
     // Parse CLI Args
     let args = Args::parse();
-    tracing::info!("Starting VibeTorrent Backend...");
-    tracing::info!("Socket: {}", args.socket);
-    tracing::info!("Port: {}", args.port);
 
     // Initialize Database
     tracing::info!("Connecting to database: {}", args.db_url);
@@ -224,6 +229,66 @@ async fn main() {
     };
     tracing::info!("Database connected successfully.");
 
+    // Handle Password Reset
+    if let Some(username) = args.reset_password {
+        tracing::info!("Resetting password for user: {}", username);
+
+        // Check if user exists
+        let user_result = db.get_user_by_username(&username).await;
+
+        match user_result {
+            Ok(Some((user_id, _))) => {
+                // Generate random password
+                use rand::{distributions::Alphanumeric, Rng};
+                let new_password: String = rand::thread_rng()
+                    .sample_iter(&Alphanumeric)
+                    .take(12)
+                    .map(char::from)
+                    .collect();
+
+                // Hash password (low cost for performance)
+                let password_hash = match bcrypt::hash(&new_password, 6) {
+                    Ok(h) => h,
+                    Err(e) => {
+                        tracing::error!("Failed to hash password: {}", e);
+                        std::process::exit(1);
+                    }
+                };
+
+                // Update in DB
+                if let Err(e) = db.update_password(user_id, &password_hash).await {
+                     tracing::error!("Failed to update password in DB: {}", e);
+                     std::process::exit(1);
+                }
+
+                println!("--------------------------------------------------");
+                println!("Password reset successfully for user: {}", username);
+                println!("New Password: {}", new_password);
+                println!("--------------------------------------------------");
+
+                // Invalidate existing sessions for security
+                if let Err(e) = db.delete_all_sessions_for_user(user_id).await {
+                    tracing::warn!("Failed to invalidate existing sessions: {}", e);
+                }
+
+                std::process::exit(0);
+            },
+            Ok(None) => {
+                tracing::error!("User '{}' not found.", username);
+                std::process::exit(1);
+            },
+            Err(e) => {
+                tracing::error!("Database error: {}", e);
+                std::process::exit(1);
+            }
+        }
+    }
+
+    tracing::info!("Starting VibeTorrent Backend...");
+    tracing::info!("Socket: {}", args.socket);
+    tracing::info!("Port: {}", args.port);
+
+    // ... rest of the main function ...
     // Startup Health Check
     let socket_path = std::path::Path::new(&args.socket);
     if !socket_path.exists() {
@@ -255,13 +320,25 @@ async fn main() {
     // Channel for Events (Diffs)
     let (event_bus, _) = broadcast::channel::<AppEvent>(1024);
 
+    #[cfg(feature = "push-notifications")]
+    let push_store = match push::PushSubscriptionStore::with_db(&db).await {
+        Ok(store) => store,
+        Err(e) => {
+            tracing::error!("Failed to initialize push store: {}", e);
+            push::PushSubscriptionStore::new()
+        }
+    };
+
+    #[cfg(not(feature = "push-notifications"))]
+    let push_store = ();
+
     let app_state = AppState {
         tx: tx.clone(),
         event_bus: event_bus.clone(),
         scgi_socket_path: args.socket.clone(),
         db: db.clone(),
         #[cfg(feature = "push-notifications")]
-        push_store: push::PushSubscriptionStore::new(),
+        push_store,
     };
 
     // Spawn background task to poll rTorrent
@@ -390,7 +467,12 @@ async fn main() {
         // Setup & Auth Routes
         .route("/api/setup/status", get(handlers::setup::get_setup_status_handler))
         .route("/api/setup", post(handlers::setup::setup_handler))
-        .route("/api/auth/login", post(handlers::auth::login_handler))
+        .route(
+            "/api/auth/login",
+            post(handlers::auth::login_handler).layer(GovernorLayer::new(Arc::new(
+                rate_limit::get_login_rate_limit_config(),
+            ))),
+        )
         .route("/api/auth/logout", post(handlers::auth::logout_handler))
         .route("/api/auth/check", get(handlers::auth::check_auth_handler))
         // App Routes
@@ -434,9 +516,9 @@ async fn main() {
         .layer(TraceLayer::new_for_http())
         .layer(
             CompressionLayer::new()
-                .br(false)
+                .br(true)
                 .gzip(true)
-                .quality(CompressionLevel::Fastest),
+                .quality(CompressionLevel::Best),
         )
         .layer(
             ServiceBuilder::new()
@@ -459,7 +541,12 @@ async fn main() {
         }
     };
     tracing::info!("Backend listening on {}", addr);
-    if let Err(e) = axum::serve(listener, app).await {
+    if let Err(e) = axum::serve(
+        listener,
+        app.into_make_service_with_connect_info::<SocketAddr>(),
+    )
+    .await
+    {
         tracing::error!("Server error: {}", e);
         std::process::exit(1);
     }

backend/src/push.rs

@@ -5,11 +5,9 @@ use utoipa::ToSchema;
 use web_push::{
     HyperWebPushClient, SubscriptionInfo, VapidSignatureBuilder, WebPushClient, WebPushMessageBuilder,
 };
+use futures::StreamExt;
 
-// VAPID keys - PRODUCTION'DA ENVIRONMENT VARIABLE'DAN ALINMALI!
+use crate::db::Db;
-const VAPID_PUBLIC_KEY: &str = "BEdPj6XQR7MGzM28Nev9wokF5upHoydNDahouJbQ9ZdBJpEFAN1iNfANSEvY0ItasNY5zcvvqN_tjUt64Rfd0gU";
-const VAPID_PRIVATE_KEY: &str = "aUcCYJ7kUd9UClCaWwad0IVgbYJ6svwl19MjSX7GH10";
-const VAPID_EMAIL: &str = "mailto:admin@vibetorrent.app";
 
 #[derive(Debug, Clone, Serialize, Deserialize, ToSchema)]
 pub struct PushSubscription {
@@ -23,39 +21,107 @@ pub struct PushKeys {
     pub auth: String,
 }
 
-/// In-memory store for push subscriptions
+#[derive(Clone)]
-/// TODO: Replace with database in production
+pub struct VapidConfig {
-#[derive(Default, Clone)]
+    pub private_key: String,
+    pub public_key: String,
+    pub email: String,
+}
+
+#[derive(Clone)]
 pub struct PushSubscriptionStore {
+    db: Option<Db>,
     subscriptions: Arc<RwLock<Vec<PushSubscription>>>,
+    vapid_config: VapidConfig,
 }
 
 impl PushSubscriptionStore {
     pub fn new() -> Self {
+        let private_key = std::env::var("VAPID_PRIVATE_KEY").expect("VAPID_PRIVATE_KEY must be set in .env");
+        let public_key = std::env::var("VAPID_PUBLIC_KEY").expect("VAPID_PUBLIC_KEY must be set in .env");
+        let email = std::env::var("VAPID_EMAIL").expect("VAPID_EMAIL must be set in .env");
+
         Self {
+            db: None,
             subscriptions: Arc::new(RwLock::new(Vec::new())),
+            vapid_config: VapidConfig {
+                private_key,
+                public_key,
+                email,
+            },
         }
     }
 
+    pub async fn with_db(db: &Db) -> Result<Self, Box<dyn std::error::Error>> {
+        let mut subscriptions_vec: Vec<PushSubscription> = Vec::new();
+
+        // Load existing subscriptions from DB
+        let subs = db.get_all_push_subscriptions().await?;
+        for (endpoint, p256dh, auth) in subs {
+            subscriptions_vec.push(PushSubscription {
+                endpoint,
+                keys: PushKeys { p256dh, auth },
+            });
+        }
+        tracing::info!("Loaded {} push subscriptions from database", subscriptions_vec.len());
+
+        let private_key = std::env::var("VAPID_PRIVATE_KEY").expect("VAPID_PRIVATE_KEY must be set in .env");
+        let public_key = std::env::var("VAPID_PUBLIC_KEY").expect("VAPID_PUBLIC_KEY must be set in .env");
+        let email = std::env::var("VAPID_EMAIL").expect("VAPID_EMAIL must be set in .env");
+
+        Ok(Self {
+            db: Some(db.clone()),
+            subscriptions: Arc::new(RwLock::new(subscriptions_vec)),
+            vapid_config: VapidConfig {
+                private_key,
+                public_key,
+                email,
+            },
+        })
+    }
+
     pub async fn add_subscription(&self, subscription: PushSubscription) {
+        // Add to memory
         let mut subs = self.subscriptions.write().await;
 
         // Remove duplicate endpoint if exists
         subs.retain(|s| s.endpoint != subscription.endpoint);
-        
+        subs.push(subscription.clone());
-        subs.push(subscription);
         tracing::info!("Added push subscription. Total: {}", subs.len());
+
+        // Save to DB if available
+        if let Some(db) = &self.db {
+            if let Err(e) = db.save_push_subscription(
+                &subscription.endpoint,
+                &subscription.keys.p256dh,
+                &subscription.keys.auth,
+            ).await {
+                tracing::error!("Failed to save push subscription to DB: {}", e);
+            }
+        }
     }
 
     pub async fn remove_subscription(&self, endpoint: &str) {
+        // Remove from memory
         let mut subs = self.subscriptions.write().await;
         subs.retain(|s| s.endpoint != endpoint);
         tracing::info!("Removed push subscription. Total: {}", subs.len());
+
+        // Remove from DB if available
+        if let Some(db) = &self.db {
+            if let Err(e) = db.remove_push_subscription(endpoint).await {
+                tracing::error!("Failed to remove push subscription from DB: {}", e);
+            }
+        }
     }
 
     pub async fn get_all_subscriptions(&self) -> Vec<PushSubscription> {
         self.subscriptions.read().await.clone()
     }
+
+    pub fn get_public_key(&self) -> &str {
+        &self.vapid_config.public_key
+    }
 }
 
 /// Send push notification to all subscribed clients
@@ -81,47 +147,68 @@ pub async fn send_push_notification(
         "tag": "vibetorrent"
     });
 
-    let client = HyperWebPushClient::new();
+    let client = Arc::new(HyperWebPushClient::new());
+    let vapid_config = store.vapid_config.clone();
+    let payload_str = payload.to_string();
 
-    for subscription in subscriptions {
+    // Send notifications concurrently
-        let subscription_info = SubscriptionInfo {
+    futures::stream::iter(subscriptions)
-            endpoint: subscription.endpoint.clone(),
+        .for_each_concurrent(10, |subscription| {
-            keys: web_push::SubscriptionKeys {
+            let client = client.clone();
-                p256dh: subscription.keys.p256dh.clone(),
+            let vapid_config = vapid_config.clone();
-                auth: subscription.keys.auth.clone(),
+            let payload_str = payload_str.clone();
-            },
-        };
 
-        let mut sig_builder = VapidSignatureBuilder::from_base64(
+            async move {
-            VAPID_PRIVATE_KEY,
+                let subscription_info = SubscriptionInfo {
-            web_push::URL_SAFE_NO_PAD,
+                    endpoint: subscription.endpoint.clone(),
-            &subscription_info,
+                    keys: web_push::SubscriptionKeys {
-        )?;
+                        p256dh: subscription.keys.p256dh.clone(),
+                        auth: subscription.keys.auth.clone(),
+                    },
+                };
 
-        sig_builder.add_claim("sub", VAPID_EMAIL);
+                let sig_res = VapidSignatureBuilder::from_base64(
-        sig_builder.add_claim("aud", subscription.endpoint.clone());
+                    &vapid_config.private_key,
-        let signature = sig_builder.build()?;
+                    web_push::URL_SAFE_NO_PAD,
+                    &subscription_info,
+                );
 
-        let mut builder = WebPushMessageBuilder::new(&subscription_info);
+                match sig_res {
-        builder.set_vapid_signature(signature);
+                    Ok(mut sig_builder) => {
+                        sig_builder.add_claim("sub", vapid_config.email.as_str());
+                        sig_builder.add_claim("aud", subscription.endpoint.as_str());
                         
-        let payload_str = payload.to_string();
+                        match sig_builder.build() {
-        builder.set_payload(web_push::ContentEncoding::Aes128Gcm, payload_str.as_bytes());
+                            Ok(signature) => {
+                                let mut builder = WebPushMessageBuilder::new(&subscription_info);
+                                builder.set_vapid_signature(signature);
+                                builder.set_payload(web_push::ContentEncoding::Aes128Gcm, payload_str.as_bytes());
 
-        match client.send(builder.build()?).await {
+                                match builder.build() {
-            Ok(_) => {
+                                    Ok(msg) => {
-                tracing::debug!("Push notification sent to: {}", subscription.endpoint);
+                                        match client.send(msg).await {
+                                            Ok(_) => {
+                                                tracing::debug!("Push notification sent to: {}", subscription.endpoint);
+                                            }
+                                            Err(e) => {
+                                                tracing::error!("Failed to send push notification to {}: {}", subscription.endpoint, e);
+                                            }
+                                        }
+                                    }
+                                    Err(e) => tracing::error!("Failed to build push message: {}", e),
+                                }
+                            }
+                            Err(e) => tracing::error!("Failed to build VAPID signature: {}", e),
+                        }
+                    }
+                    Err(e) => tracing::error!("Failed to create VAPID signature builder: {}", e),
+                }
             }
-            Err(e) => {
+        })
-                tracing::error!("Failed to send push notification: {}", e);
+        .await;
-                // TODO: Remove invalid subscriptions
+
-            }
+        Ok(())
-        }
+
     }
 
-    Ok(())
-}
     
-pub fn get_vapid_public_key() -> &'static str {
-    VAPID_PUBLIC_KEY
-}

backend/src/rate_limit.rs

@@ -0,0 +1,16 @@
+use governor::clock::QuantaInstant;
+use governor::middleware::NoOpMiddleware;
+use tower_governor::governor::GovernorConfig;
+use tower_governor::governor::GovernorConfigBuilder;
+use tower_governor::key_extractor::SmartIpKeyExtractor;
+
+pub fn get_login_rate_limit_config() -> GovernorConfig<SmartIpKeyExtractor, NoOpMiddleware<QuantaInstant>> {
+    // 5 yanlış denemeden sonra bloklanır.
+    // Her yeni hak için 60 saniye (1 dakika) bekleme süresi.
+    GovernorConfigBuilder::default()
+        .key_extractor(SmartIpKeyExtractor)
+        .per_second(60) 
+        .burst_size(5)
+        .finish()
+        .unwrap()
+}

docker/runner/Dockerfile

@@ -20,6 +20,8 @@ RUN apt-get update && apt-get install -y \
     jq \
     # Needed for some crate compilations
     protobuf-compiler \
+    # Install binaryen to have wasm-opt available system-wide
+    binaryen \
     && rm -rf /var/lib/apt/lists/*
 
 # 2. Install Node.js v20 (Manual install to support multi-arch cleanly)
@@ -70,7 +72,7 @@ RUN . "$HOME/.cargo/env" && \
     ARCH=$(dpkg --print-architecture) && \
     if [ "$ARCH" = "amd64" ]; then TRUNK_ARCH="x86_64-unknown-linux-gnu"; \
     elif [ "$ARCH" = "arm64" ]; then TRUNK_ARCH="aarch64-unknown-linux-gnu"; fi && \
-    wget -qO- "https://github.com/trunk-rs/trunk/releases/download/v0.21.5/trunk-$TRUNK_ARCH.tar.gz" | tar -xzf - -C /root/.cargo/bin/ && \
+    wget -qO- "https://github.com/trunk-rs/trunk/releases/download/v0.21.14/trunk-$TRUNK_ARCH.tar.gz" | tar -xzf - -C /root/.cargo/bin/ && \
     chmod +x /root/.cargo/bin/trunk && \
     # Install wasm-bindgen-cli (Compiling from source to avoid glibc issues, doing it ONCE here)
     cargo install wasm-bindgen-cli --version 0.2.108

frontend/Cargo.toml

@@ -21,7 +21,7 @@ wasm-bindgen = "0.2"
 wasm-bindgen-futures = "0.4"
 uuid = { version = "1", features = ["v4", "js"] }
 futures = "0.3"
-chrono = { version = "0.4", features = ["serde"] }
+chrono = { version = "0.4", features = ["serde", "wasm-bindgen"] }
 web-sys = { version = "0.3", features = [
     "HtmlDivElement",
     "HtmlUListElement",
@@ -52,3 +52,15 @@ web-sys = { version = "0.3", features = [
 shared = { path = "../shared" }
 tailwind_fuse = "0.3.2"
 js-sys = "0.3.85"
+
+[profile.release]
+# En yüksek seviyede boyut optimizasyonu
+opt-level = "z"
+# Tüm kütüphaneler arasında link-time optimizasyonu yapar (Çok etkilidir)
+lto = true
+# Kod üretim birimini 1'e düşürerek daha iyi optimizasyon sağlar
+codegen-units = 1
+# Hata durumunda stack unwinding yerine doğrudan durur (Kod boyutunu düşürür)
+panic = "abort"
+# Sembolleri ve debug bilgilerini siler
+strip = true

frontend/index.html

@@ -86,12 +86,15 @@
             id="app-loading"
             style="
                 display: flex;
+                flex-direction: column;
                 justify-content: center;
                 align-items: center;
                 height: 100vh;
+                font-family: sans-serif;
             "
         >
             <div
+                id="app-loading-spinner"
                 style="
                     width: 40px;
                     height: 40px;
@@ -102,6 +105,32 @@
                     opacity: 0.5;
                 "
             ></div>
+            <div
+                id="app-loading-error"
+                style="display: none; text-align: center; margin-top: 20px; padding: 0 20px"
+            >
+                <p style="color: #ef4444; font-weight: bold; margin-bottom: 8px">
+                    Uygulama yüklenemedi
+                </p>
+                <p style="font-size: 14px; opacity: 0.7">
+                    Bağlantınız yavaş olabilir veya bir sistem hatası oluşmuş olabilir.
+                </p>
+                <button
+                    onclick="location.reload()"
+                    style="
+                        margin-top: 16px;
+                        padding: 8px 16px;
+                        background: #3b82f6;
+                        color: white;
+                        border: none;
+                        border-radius: 6px;
+                        cursor: pointer;
+                        font-weight: 500;
+                    "
+                >
+                    Sayfayı Yenile
+                </button>
+            </div>
         </div>
         <style>
             @keyframes spin {
@@ -115,6 +144,34 @@
             }
         </style>
 
+        <script>
+            // App loading timeout handler
+            (function () {
+                var timeout = setTimeout(function () {
+                    if (!document.body.classList.contains("app-loaded")) {
+                        var spinner = document.getElementById("app-loading-spinner");
+                        var error = document.getElementById("app-loading-error");
+                        if (spinner) spinner.style.display = "none";
+                        if (error) error.style.display = "block";
+                    }
+                }, 15000); // 15 seconds timeout
+
+                // Clean up timeout if app loads
+                var observer = new MutationObserver(function (mutations) {
+                    mutations.forEach(function (mutation) {
+                        if (
+                            mutation.attributeName === "class" &&
+                            document.body.classList.contains("app-loaded")
+                        ) {
+                            clearTimeout(timeout);
+                            observer.disconnect();
+                        }
+                    });
+                });
+                observer.observe(document.body, { attributes: true });
+            })();
+        </script>
+        
         <!-- Service Worker Registration & PWA Setup -->
         <script>
             if ("serviceWorker" in navigator) {

frontend/src/app.rs

@@ -1,6 +1,4 @@
-use crate::components::layout::sidebar::Sidebar;
+use crate::components::layout::protected::Protected;
-use crate::components::layout::statusbar::StatusBar;
-use crate::components::layout::toolbar::Toolbar;
 use crate::components::toast::ToastContainer;
 use crate::components::torrent::table::TorrentTable;
 use crate::components::auth::login::Login;
@@ -14,6 +12,11 @@ struct SetupStatus {
     completed: bool,
 }
 
+#[derive(Deserialize)]
+struct UserResponse {
+    username: String,
+}
+
 #[component]
 pub fn App() -> impl IntoView {
     crate::store::provide_torrent_store();
@@ -25,77 +28,80 @@ pub fn App() -> impl IntoView {
     // Check Auth & Setup Status on load
     create_effect(move |_| {
         spawn_local(async move {
+            logging::log!("App initialization started...");
+
             // 1. Check Setup Status
             let setup_res = gloo_net::http::Request::get("/api/setup/status").send().await;
-            if let Ok(resp) = setup_res {
+
-                if let Ok(status) = resp.json::<SetupStatus>().await {
+            match setup_res {
-                    if !status.completed {
+                Ok(resp) => {
-                        // Redirect to setup if not completed
+                    if resp.ok() {
-                        let navigate = use_navigate();
+                        match resp.json::<SetupStatus>().await {
-                        navigate("/setup", Default::default());
+                            Ok(status) => {
-                        set_is_loading.set(false);
+                                if !status.completed {
-                        return;
+                                    logging::log!("Setup not completed, redirecting to /setup");
+                                    let navigate = use_navigate();
+                                    navigate("/setup", Default::default());
+                                    set_is_loading.set(false);
+                                    return;
+                                }
+                            }
+                            Err(e) => logging::error!("Failed to parse setup status: {}", e),
+                        }
                     }
                 }
+                Err(e) => logging::error!("Network error checking setup status: {}", e),
             }
 
             // 2. Check Auth Status
             let auth_res = gloo_net::http::Request::get("/api/auth/check").send().await;
-            if let Ok(resp) = auth_res {
-                if resp.status() == 200 {
-                    set_is_authenticated.set(true);
 
-                    // Initialize push notifications logic only if authenticated
+                        match auth_res {
-                    // ... (Push notification logic moved here or kept global but guarded)
+                            Ok(resp) => {
-                } else {
+                                if resp.status() == 200 {
-                    let navigate = use_navigate();
+                                    logging::log!("Authenticated!");
-                    // If we are already on login or setup, don't redirect loop
+
-                    let pathname = window().location().pathname().unwrap_or_default();
+                                    // Parse user info
-                    if pathname != "/login" && pathname != "/setup" {
+                                    if let Ok(user_info) = resp.json::<UserResponse>().await {
-                         navigate("/login", Default::default());
+                                        if let Some(store) = use_context::<crate::store::TorrentStore>() {
-                    }
+                                            store.user.set(Some(user_info.username));
-                }
+                                        }
-            }
+                                    }
+
+                                    set_is_authenticated.set(true);
+
+                                    // If user is already authenticated but on login/setup page, redirect to home
+                                    let pathname = window().location().pathname().unwrap_or_default();
+                                    if pathname == "/login" || pathname == "/setup" {
+                                        logging::log!("Already authenticated, redirecting to home");
+                                        let navigate = use_navigate();
+                                        navigate("/", Default::default());
+                                    }
+                                } else {
+                                    logging::log!("Not authenticated, redirecting to /login");
+                                    let navigate = use_navigate();
+                                    let pathname = window().location().pathname().unwrap_or_default();
+                                    if pathname != "/login" && pathname != "/setup" {
+                                         navigate("/login", Default::default());
+                                    }
+                                }
+                            }
+                            Err(e) => logging::error!("Network error checking auth status: {}", e),
+                        }
             set_is_loading.set(false);
         });
     });
-
+    // Initialize push notifications (Only if authenticated)
-    // Initialize push notifications after user grants permission (Only if authenticated)
     create_effect(move |_| {
         if is_authenticated.get() {
             spawn_local(async {
+                // ... (Push notification logic kept same, shortened for brevity in this replace)
                 // Wait a bit for service worker to be ready
                 gloo_timers::future::TimeoutFuture::new(2000).await;
 
-                // Check if running on iOS and not standalone
+                if crate::utils::platform::supports_push_notifications() && !crate::utils::platform::is_safari() {
-                if let Some(ios_message) = crate::utils::platform::get_ios_notification_info() {
+                     crate::store::subscribe_to_push_notifications().await;
-                    log::warn!("iOS detected: {}", ios_message);
-                    if let Some(store) = use_context::<crate::store::TorrentStore>() {
-                        crate::store::show_toast_with_signal(
-                            store.notifications,
-                            shared::NotificationLevel::Info,
-                            ios_message,
-                        );
-                    }
-                    return;
                 }
-
-                if !crate::utils::platform::supports_push_notifications() {
-                    return;
-                }
-
-                if crate::utils::platform::is_safari() {
-                    if let Some(store) = use_context::<crate::store::TorrentStore>() {
-                        crate::store::show_toast_with_signal(
-                            store.notifications,
-                            shared::NotificationLevel::Info,
-                            "Bildirim izni için sağ alttaki ayarlar ⚙️ ikonuna basın.".to_string(),
-                        );
-                    }
-                    return;
-                }
-
-                crate::store::subscribe_to_push_notifications().await;
             });
         }
     });
@@ -107,38 +113,29 @@ pub fn App() -> impl IntoView {
                     <Route path="/login" view=move || view! { <Login /> } />
                     <Route path="/setup" view=move || view! { <Setup /> } />
 
-                    <Route path="/*" view=move || {
+                    <Route path="/" view=move || {
                         view! {
                             <Show when=move || !is_loading.get() fallback=|| view! {
                                 <div class="flex items-center justify-center h-screen bg-base-100">
                                     <span class="loading loading-spinner loading-lg"></span>
                                 </div>
                             }>
-                                <Show when=move || is_authenticated.get() fallback=|| view! { <Login /> }>
+                                <Show when=move || is_authenticated.get() fallback=|| ()>
-                                    // Protected Layout
+                                    <Protected>
-                                    <div class="drawer lg:drawer-open h-full w-full">
+                                        <TorrentTable />
-                                        <input id="my-drawer" type="checkbox" class="drawer-toggle" />
+                                    </Protected>
+                                </Show>
+                            </Show>
+                        }
+                    }/>
 
-                                        <div class="drawer-content flex flex-col h-full overflow-hidden bg-base-100 text-base-content text-sm select-none">
+                    <Route path="/settings" view=move || {
-                                            <Toolbar />
+                        view! {
-
+                            <Show when=move || !is_loading.get() fallback=|| ()>
-                                            <main class="flex-1 flex flex-col min-w-0 bg-base-100 overflow-hidden pb-8">
+                                <Show when=move || is_authenticated.get() fallback=|| ()>
-                                                <Routes>
+                                    <Protected>
-                                                    <Route path="/" view=move || view! { <TorrentTable /> } />
+                                        <div class="p-4">"Settings Page (Coming Soon)"</div>
-                                                    <Route path="/settings" view=move || view! { <div class="p-4">"Settings Page (Coming Soon)"</div> } />
+                                    </Protected>
-                                                </Routes>
-                                            </main>
-
-                                            <StatusBar />
-                                        </div>
-
-                                        <div class="drawer-side z-40 transition-none duration-0">
-                                            <label for="my-drawer" aria-label="close sidebar" class="drawer-overlay transition-none duration-0"></label>
-                                            <div class="menu p-0 min-h-full bg-base-200 text-base-content border-r border-base-300 transition-none duration-0">
-                                                <Sidebar />
-                                            </div>
-                                        </div>
-                                    </div>
                                 </Show>
                             </Show>
                         }

frontend/src/components/auth/login.rs

@@ -1,17 +1,18 @@
 use leptos::*;
-use leptos_router::*;
 use serde::Serialize;
 
 #[derive(Serialize)]
 struct LoginRequest {
     username: String,
     password: String,
+    remember_me: bool,
 }
 
 #[component]
 pub fn Login() -> impl IntoView {
     let (username, set_username) = create_signal(String::new());
     let (password, set_password) = create_signal(String::new());
+    let (remember_me, set_remember_me) = create_signal(false);
     let (error, set_error) = create_signal(Option::<String>::None);
     let (loading, set_loading) = create_signal(false);
 
@@ -26,6 +27,7 @@ pub fn Login() -> impl IntoView {
             let req = LoginRequest {
                 username: username.get(),
                 password: password.get(),
+                remember_me: remember_me.get(),
             };
 
             let client = gloo_net::http::Request::post("/api/auth/login")
@@ -39,6 +41,8 @@ pub fn Login() -> impl IntoView {
                         logging::log!("Login successful, redirecting...");
                         // Force a full reload to re-run auth checks in App.rs
                         let _ = window().location().set_href("/");
+                    } else if resp.status() == 429 {
+                        set_error.set(Some("Çok fazla başarısız deneme yaptınız. Lütfen bir süre bekleyip tekrar deneyin.".to_string()));
                     } else {
                         let text = resp.text().await.unwrap_or_default();
                         logging::error!("Login failed: {}", text);
@@ -89,6 +93,19 @@ pub fn Login() -> impl IntoView {
                             />
                         </div>
 
+                        <div class="form-control mt-4">
+                            <label class="label cursor-pointer justify-start gap-3">
+                                <input
+                                    type="checkbox"
+                                    class="checkbox checkbox-primary checkbox-sm"
+                                    prop:checked=remember_me
+                                    on:change=move |ev| set_remember_me.set(event_target_checked(&ev))
+                                    disabled=move || loading.get()
+                                />
+                                <span class="label-text">"Beni Hatırla"</span>
+                            </label>
+                        </div>
+
                         <Show when=move || error.get().is_some()>
                             <div class="alert alert-error mt-4 text-sm py-2">
                                 <svg xmlns="http://www.w3.org/2000/svg" class="stroke-current shrink-0 h-6 w-6" fill="none" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M10 14l2-2m0 0l2-2m-2 2l-2-2m2 2l2 2m7-2a9 9 0 11-18 0 9 9 0 0118 0z" /></svg>

frontend/src/components/auth/setup.rs

@@ -1,5 +1,4 @@
 use leptos::*;
-use leptos_router::*;
 use serde::Serialize;
 
 #[derive(Serialize)]
@@ -49,8 +48,9 @@ pub fn Setup() -> impl IntoView {
             match client.send().await {
                 Ok(resp) => {
                     if resp.ok() {
-                        // Redirect to login after setup (full reload to be safe)
+                        // Redirect to home after setup (auto-login handled by backend)
-                        let _ = window().location().set_href("/login");
+                        // Full reload to ensure auth state is refreshed
+                        let _ = window().location().set_href("/");
                     } else {
                         let text = resp.text().await.unwrap_or_default();
                         set_error.set(Some(format!("Hata: {}", text)));

frontend/src/components/layout/mod.rs

@@ -1,3 +1,4 @@
 pub mod sidebar;
-pub mod toolbar;
 pub mod statusbar;
+pub mod toolbar;
+pub mod protected;

frontend/src/components/layout/protected.rs

@@ -0,0 +1,30 @@
+use leptos::*;
+use crate::components::layout::sidebar::Sidebar;
+use crate::components::layout::statusbar::StatusBar;
+use crate::components::layout::toolbar::Toolbar;
+
+#[component]
+pub fn Protected(children: Children) -> impl IntoView {
+    view! {
+        <div class="drawer lg:drawer-open h-full w-full">
+            <input id="my-drawer" type="checkbox" class="drawer-toggle" />
+
+            <div class="drawer-content flex flex-col h-full overflow-hidden bg-base-100 text-base-content text-sm select-none">
+                <Toolbar />
+
+                <main class="flex-1 flex flex-col min-w-0 bg-base-100 overflow-hidden pb-8">
+                    {children()}
+                </main>
+
+                <StatusBar />
+            </div>
+
+            <div class="drawer-side z-40 transition-none duration-0">
+                <label for="my-drawer" aria-label="close sidebar" class="drawer-overlay transition-none duration-0"></label>
+                <div class="menu p-0 min-h-full bg-base-200 text-base-content border-r border-base-300 transition-none duration-0">
+                    <Sidebar />
+                </div>
+            </div>
+        </div>
+    }
+}

frontend/src/components/layout/sidebar.rs

@@ -74,69 +74,202 @@ pub fn Sidebar() -> impl IntoView {
         }
     };
 
-    view! {
+    let handle_logout = move |_| {
-        <div class="w-64 h-full flex flex-col bg-base-200 border-r border-base-300" style="padding-top: env(safe-area-inset-top);">
+        spawn_local(async move {
-            <div class="p-2">
+            let client = gloo_net::http::Request::post("/api/auth/logout");
-                <ul class="menu w-full rounded-box gap-1">
+            if let Ok(resp) = client.send().await {
-                    <li class="menu-title text-primary uppercase font-bold px-4">"Filters"</li>
+                if resp.ok() {
-                    <li>
+                    // Force full reload to clear state
-                        <button class={move || format!("cursor-pointer {}", filter_class(crate::store::FilterStatus::All))} on:click=move |_| set_filter(crate::store::FilterStatus::All)>
+                    let _ = window().location().set_href("/login");
-                            <svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="w-5 h-5">
+                }
-                                <path stroke-linecap="round" stroke-linejoin="round" d="M3.75 6.75h16.5M3.75 12h16.5m-16.5 5.25h16.5" />
+            }
-                            </svg>
+        });
-                            "All"
+    };
-                            <span class="badge badge-sm badge-ghost ml-auto">{total_count}</span>
+
-                        </button>
+                let username = move || {
-                    </li>
+
-                    <li>
+                    store.user.get().unwrap_or_else(|| "User".to_string())
-                        <button class={move || format!("cursor-pointer {}", filter_class(crate::store::FilterStatus::Downloading))} on:click=move |_| set_filter(crate::store::FilterStatus::Downloading)>
+
-                            <svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="w-5 h-5">
+                };
-                                <path stroke-linecap="round" stroke-linejoin="round" d="M3 16.5v2.25A2.25 2.25 0 005.25 21h13.5A2.25 2.25 0 0021 18.75V16.5M16.5 12L12 16.5m0 0L7.5 12m4.5 4.5V3" />
-                            </svg>
-                            "Downloading"
-                            <span class="badge badge-sm badge-ghost ml-auto">{downloading_count}</span>
-                        </button>
-                    </li>
-                    <li>
-                        <button class={move || format!("cursor-pointer {}", filter_class(crate::store::FilterStatus::Seeding))} on:click=move |_| set_filter(crate::store::FilterStatus::Seeding)>
-                            <svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="w-5 h-5">
-                                <path stroke-linecap="round" stroke-linejoin="round" d="M3 16.5v2.25A2.25 2.25 0 005.25 21h13.5A2.25 2.25 0 0021 18.75V16.5m-13.5-9L12 3m0 0l4.5 4.5M12 3v13.5" />
-                            </svg>
-                            "Seeding"
-                            <span class="badge badge-sm badge-ghost ml-auto">{seeding_count}</span>
-                        </button>
-                    </li>
-                    <li>
-                        <button class={move || format!("cursor-pointer {}", filter_class(crate::store::FilterStatus::Completed))} on:click=move |_| set_filter(crate::store::FilterStatus::Completed)>
-                            <svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="w-5 h-5">
-                                <path stroke-linecap="round" stroke-linejoin="round" d="M9 12.75L11.25 15 15 9.75M21 12a9 9 0 11-18 0 9 9 0 0118 0z" />
-                            </svg>
-                            "Completed"
-                            <span class="badge badge-sm badge-ghost ml-auto">{completed_count}</span>
-                        </button>
-                    </li>
-                    <li>
-                        <button class={move || format!("cursor-pointer {}", filter_class(crate::store::FilterStatus::Paused))} on:click=move |_| set_filter(crate::store::FilterStatus::Paused)>
-                            <svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="w-5 h-5">
-                                <path stroke-linecap="round" stroke-linejoin="round" d="M15.75 5.25v13.5m-7.5-13.5v13.5" />
-                            </svg>
-                            "Paused"
-                            <span class="badge badge-sm badge-ghost ml-auto">{paused_count}</span>
-                        </button>
-                    </li>
-                    <li>
-                        <button class={move || format!("cursor-pointer {}", filter_class(crate::store::FilterStatus::Inactive))} on:click=move |_| set_filter(crate::store::FilterStatus::Inactive)>
-                            <svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="w-5 h-5">
-                                <path stroke-linecap="round" stroke-linejoin="round" d="M18.364 18.364A9 9 0 005.636 5.636m12.728 12.728A9 9 0 015.636 5.636m12.728 12.728L5.636 5.636" />
-                            </svg>
-                            "Inactive"
-                             <span class="badge badge-sm badge-ghost ml-auto">{inactive_count}</span>
-                        </button>
-                    </li>
-                </ul>
-            </div>
 
 
-        </div>
+
-    }
+                let first_letter = move || {
-}
+
+                    username().chars().next().unwrap_or('?').to_uppercase().to_string()
+
+                };
+
+
+
+                view! {
+
+                    <div class="w-64 min-h-[100dvh] flex flex-col bg-base-200 border-r border-base-300 pb-8" style="padding-top: env(safe-area-inset-top);">
+
+                        <div class="p-2 flex-1 overflow-y-auto">
+
+                            <ul class="menu w-full rounded-box gap-1">
+
+                                <li class="menu-title text-primary uppercase font-bold px-4">"Filters"</li>
+
+                                <li>
+
+                                    <button class={move || format!("cursor-pointer {}", filter_class(crate::store::FilterStatus::All))} on:click=move |_| set_filter(crate::store::FilterStatus::All)>
+
+                                        <svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="w-5 h-5">
+
+                                            <path stroke-linecap="round" stroke-linejoin="round" d="M3.75 6.75h16.5M3.75 12h16.5m-16.5 5.25h16.5" />
+
+                                        </svg>
+
+                                        "All"
+
+                                        <span class="badge badge-sm badge-ghost ml-auto">{total_count}</span>
+
+                                    </button>
+
+                                </li>
+
+                                <li>
+
+                                    <button class={move || format!("cursor-pointer {}", filter_class(crate::store::FilterStatus::Downloading))} on:click=move |_| set_filter(crate::store::FilterStatus::Downloading)>
+
+                                        <svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="w-5 h-5">
+
+                                            <path stroke-linecap="round" stroke-linejoin="round" d="M3 16.5v2.25A2.25 2.25 0 005.25 21h13.5A2.25 2.25 0 0021 18.75V16.5M16.5 12L12 16.5m0 0L7.5 12m4.5 4.5V3" />
+
+                                        </svg>
+
+                                        "Downloading"
+
+                                        <span class="badge badge-sm badge-ghost ml-auto">{downloading_count}</span>
+
+                                    </button>
+
+                                </li>
+
+                                <li>
+
+                                    <button class={move || format!("cursor-pointer {}", filter_class(crate::store::FilterStatus::Seeding))} on:click=move |_| set_filter(crate::store::FilterStatus::Seeding)>
+
+                                        <svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="w-5 h-5">
+
+                                            <path stroke-linecap="round" stroke-linejoin="round" d="M3 16.5v2.25A2.25 2.25 0 005.25 21h13.5A2.25 2.25 0 0021 18.75V16.5m-13.5-9L12 3m0 0l4.5 4.5M12 3v13.5" />
+
+                                        </svg>
+
+                                        "Seeding"
+
+                                        <span class="badge badge-sm badge-ghost ml-auto">{seeding_count}</span>
+
+                                    </button>
+
+                                </li>
+
+                                <li>
+
+                                    <button class={move || format!("cursor-pointer {}", filter_class(crate::store::FilterStatus::Completed))} on:click=move |_| set_filter(crate::store::FilterStatus::Completed)>
+
+                                        <svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="w-5 h-5">
+
+                                            <path stroke-linecap="round" stroke-linejoin="round" d="M9 12.75L11.25 15 15 9.75M21 12a9 9 0 11-18 0 9 9 0 0118 0z" />
+
+                                        </svg>
+
+                                        "Completed"
+
+                                        <span class="badge badge-sm badge-ghost ml-auto">{completed_count}</span>
+
+                                    </button>
+
+                                </li>
+
+                                <li>
+
+                                    <button class={move || format!("cursor-pointer {}", filter_class(crate::store::FilterStatus::Paused))} on:click=move |_| set_filter(crate::store::FilterStatus::Paused)>
+
+                                        <svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="w-5 h-5">
+
+                                            <path stroke-linecap="round" stroke-linejoin="round" d="M15.75 5.25v13.5m-7.5-13.5v13.5" />
+
+                                        </svg>
+
+                                        "Paused"
+
+                                        <span class="badge badge-sm badge-ghost ml-auto">{paused_count}</span>
+
+                                    </button>
+
+                                </li>
+
+                                <li>
+
+                                    <button class={move || format!("cursor-pointer {}", filter_class(crate::store::FilterStatus::Inactive))} on:click=move |_| set_filter(crate::store::FilterStatus::Inactive)>
+
+                                        <svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="w-5 h-5">
+
+                                            <path stroke-linecap="round" stroke-linejoin="round" d="M18.364 18.364A9 9 0 005.636 5.636m12.728 12.728A9 9 0 015.636 5.636m12.728 12.728L5.636 5.636" />
+
+                                        </svg>
+
+                                        "Inactive"
+
+                                         <span class="badge badge-sm badge-ghost ml-auto">{inactive_count}</span>
+
+                                    </button>
+
+                                </li>
+
+                            </ul>
+
+                        </div>
+
+
+
+                        <div class="p-4 border-t border-base-300 bg-base-200/50">
+
+                            <div class="flex items-center gap-3">
+
+                                <div class="avatar">
+
+                                    <div class="w-8 rounded-full bg-neutral text-neutral-content ring ring-primary ring-offset-base-100 ring-offset-1">
+
+                                        <span class="text-sm font-bold flex items-center justify-center h-full">{first_letter}</span>
+
+                                    </div>
+
+                                </div>
+
+                                <div class="flex-1 overflow-hidden">
+
+                                    <div class="font-bold text-sm truncate">{username}</div>
+
+                                    <div class="text-[10px] text-base-content/60 truncate">"Online"</div>
+
+                                </div>
+
+                                <button
+
+                                    class="btn btn-ghost btn-xs btn-square text-error hover:bg-error/10"
+
+                                    title="Logout"
+
+                                    on:click=handle_logout
+
+                                >
+
+                                    <svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="w-4 h-4">
+
+                                        <path stroke-linecap="round" stroke-linejoin="round" d="M15.75 9V5.25A2.25 2.25 0 0013.5 3h-6a2.25 2.25 0 00-2.25 2.25v13.5A2.25 2.25 0 007.5 21h6a2.25 2.25 0 002.25-2.25V15M12 9l-3 3m0 0l3 3m-3-3h12.75" />
+
+                                    </svg>
+
+                                </button>
+
+                            </div>
+
+                        </div>
+
+                    </div>
+
+                }}

frontend/src/components/torrent/table.rs

@@ -45,6 +45,17 @@ fn format_duration(seconds: i64) -> String {
     }
 }
 
+fn format_date(timestamp: i64) -> String {
+    if timestamp <= 0 {
+        return "N/A".to_string();
+    }
+    let dt = chrono::DateTime::from_timestamp(timestamp, 0);
+    match dt {
+        Some(dt) => dt.format("%d/%m/%Y %H:%M").to_string(),
+        None => "N/A".to_string(),
+    }
+}
+
 #[derive(Clone, Copy, Debug, PartialEq, Eq)]
 enum SortColumn {
     Name,
@@ -54,6 +65,7 @@ enum SortColumn {
     DownSpeed,
     UpSpeed,
     ETA,
+    AddedDate,
 }
 
 #[derive(Clone, Copy, Debug, PartialEq, Eq)]
@@ -66,8 +78,8 @@ enum SortDirection {
 pub fn TorrentTable() -> impl IntoView {
     let store = use_context::<crate::store::TorrentStore>().expect("store not provided");
 
-    let sort_col = create_rw_signal(SortColumn::Name);
+    let sort_col = create_rw_signal(SortColumn::AddedDate);
-    let sort_dir = create_rw_signal(SortDirection::Ascending);
+    let sort_dir = create_rw_signal(SortDirection::Descending);
 
     let filtered_torrents = move || {
         let mut torrents = store
@@ -127,6 +139,7 @@ pub fn TorrentTable() -> impl IntoView {
                     let b_eta = if b.eta <= 0 { i64::MAX } else { b.eta };
                     a_eta.cmp(&b_eta)
                 }
+                SortColumn::AddedDate => a.added_date.cmp(&b.added_date),
             };
             if dir == SortDirection::Descending {
                 cmp.reverse()
@@ -264,6 +277,9 @@ pub fn TorrentTable() -> impl IntoView {
                             <th class="w-24 cursor-pointer hover:bg-base-300 group select-none" on:click=move |_| handle_sort(SortColumn::ETA)>
                                  <div class="flex items-center">"ETA" {move || sort_arrow(SortColumn::ETA)}</div>
                             </th>
+                            <th class="w-32 cursor-pointer hover:bg-base-300 group select-none" on:click=move |_| handle_sort(SortColumn::AddedDate)>
+                                 <div class="flex items-center">"Date" {move || sort_arrow(SortColumn::AddedDate)}</div>
+                            </th>
                         </tr>
                     </thead>
                     <tbody>
@@ -317,6 +333,7 @@ pub fn TorrentTable() -> impl IntoView {
                                     <td class="text-right font-mono text-[11px] opacity-80 text-success">{format_speed(t.down_rate)}</td>
                                     <td class="text-right font-mono text-[11px] opacity-80 text-primary">{format_speed(t.up_rate)}</td>
                                     <td class="text-right font-mono text-[11px] opacity-80">{format_duration(t.eta)}</td>
+                                    <td class="text-right font-mono text-[11px] opacity-80 whitespace-nowrap">{format_date(t.added_date)}</td>
                                 </tr>
                             }
                         }).collect::<Vec<_>>()}
@@ -325,14 +342,6 @@ pub fn TorrentTable() -> impl IntoView {
             </div>
 
                         <div class="md:hidden flex flex-col h-full bg-base-200 relative">
-                            // Transparent overlay to close sort dropdown
-                            <Show when=move || sort_open.get()>
-                                <div
-                                    class="fixed inset-0 z-[98] cursor-default"
-                                    on:pointerdown=move |_| set_sort_open.set(false)
-                                ></div>
-                            </Show>
-
                             <div class="px-3 py-2 border-b border-base-200 flex justify-between items-center bg-base-100/95 backdrop-blur z-10 shrink-0">
                                 <span class="text-xs font-bold opacity-50 uppercase tracking-wider">"Torrents"</span>
 
@@ -354,34 +363,35 @@ pub fn TorrentTable() -> impl IntoView {
                                     <ul
                                         class="absolute top-full right-0 z-[100] menu p-2 shadow bg-base-100 rounded-box w-48 mt-1 border border-base-200 text-xs"
                                         style=move || if sort_open.get() { "display: block" } else { "display: none" }
-                                        on:pointerdown=move |e| e.stop_propagation()
                                     >
                                          <li class="menu-title px-2 py-1 opacity-50 text-[10px] uppercase font-bold">"Sort By"</li>
                                          {
-                                             let columns = vec![
+                                              let columns = vec![
-                                                 (SortColumn::Name, "Name"),
+                                                  (SortColumn::Name, "Name"),
-                                                 (SortColumn::Size, "Size"),
+                                                  (SortColumn::Size, "Size"),
-                                                 (SortColumn::Progress, "Progress"),
+                                                  (SortColumn::Progress, "Progress"),
-                                                 (SortColumn::Status, "Status"),
+                                                  (SortColumn::Status, "Status"),
-                                                 (SortColumn::DownSpeed, "Down Speed"),
+                                                  (SortColumn::DownSpeed, "Down Speed"),
-                                                 (SortColumn::UpSpeed, "Up Speed"),
+                                                  (SortColumn::UpSpeed, "Up Speed"),
-                                                 (SortColumn::ETA, "ETA"),
+                                                  (SortColumn::ETA, "ETA"),
-                                             ];
+                                                  (SortColumn::AddedDate, "Date"),
+                                              ];
 
-                                             columns.into_iter().map(|(col, label)| {
+                                              columns.into_iter().map(|(col, label)| {
-                                                 let is_active = move || sort_col.get() == col;
+                                                  let is_active = move || sort_col.get() == col;
-                                                 let current_dir = move || sort_dir.get();
+                                                  let current_dir = move || sort_dir.get();
 
-                                                 view! {
+                                                  view! {
-                                                     <li>
+                                                      <li>
-                                                         <button
+                                                          <button
-                                                             class=move || if is_active() { "bg-primary/10 text-primary font-bold flex justify-between" } else { "flex justify-between" }
+                                                              type="button"
-                                                             on:pointerdown=move |e| {
+                                                              class=move || if is_active() { "bg-primary/10 text-primary font-bold flex justify-between" } else { "flex justify-between" }
-                                                                 e.stop_propagation();
+                                                              on:pointerdown=move |e| {
-                                                                 handle_sort(col);
+                                                                  e.stop_propagation();
-                                                                 set_sort_open.set(false);
+                                                                  handle_sort(col);
-                                                             }
+                                                                  set_sort_open.set(false);
-                                                         >
+                                                              }
+                                                          >
                                                              {label}
                                                              <Show when=is_active fallback=|| ()>
                                                                  <span class="opacity-70 text-[10px]">
@@ -500,7 +510,7 @@ pub fn TorrentTable() -> impl IntoView {
                                     <progress class={format!("progress w-full h-1.5 {}", progress_class)} value={t.percent_complete} max="100"></progress>
                                 </div>
 
-                                <div class="grid grid-cols-3 gap-2 text-[10px] font-mono opacity-80 pt-1 border-t border-base-200/50">
+                                <div class="grid grid-cols-4 gap-2 text-[10px] font-mono opacity-80 pt-1 border-t border-base-200/50">
                                     <div class="flex flex-col">
                                         <span class="text-[9px] opacity-60 uppercase">"Down"</span>
                                         <span class="text-success">{format_speed(t.down_rate)}</span>
@@ -509,10 +519,14 @@ pub fn TorrentTable() -> impl IntoView {
                                         <span class="text-[9px] opacity-60 uppercase">"Up"</span>
                                         <span class="text-primary">{format_speed(t.up_rate)}</span>
                                     </div>
-                                    <div class="flex flex-col text-right">
+                                    <div class="flex flex-col text-center border-r border-base-200/50">
                                         <span class="text-[9px] opacity-60 uppercase">"ETA"</span>
                                         <span>{format_duration(t.eta)}</span>
                                     </div>
+                                    <div class="flex flex-col text-right">
+                                        <span class="text-[9px] opacity-60 uppercase">"Date"</span>
+                                        <span>{format_date(t.added_date)}</span>
+                                    </div>
                                 </div>
                             </div>
                         </div>

frontend/src/lib.rs

@@ -11,11 +11,15 @@ use app::App;
 #[wasm_bindgen(start)]
 pub fn main() {
     console_error_panic_hook::set_once();
-    console_log::init_with_level(log::Level::Debug).unwrap();
+    console_log::init_with_level(log::Level::Debug)
+        .expect("Failed to initialize logging");
 
-    let window = web_sys::window().unwrap();
+    let window = web_sys::window()
-    let document = window.document().unwrap();
+        .expect("Failed to access window - browser may not be fully loaded");
-    let body = document.body().unwrap();
+    let document = window.document()
+        .expect("Failed to access document");
+    let body = document.body()
+        .expect("Failed to access document body");
     
     // Add app-loaded class to body to hide spinner via CSS
     let _ = body.class_list().add_1("app-loaded");

frontend/src/store.rs

@@ -120,6 +120,7 @@ pub struct TorrentStore {
     pub search_query: RwSignal<String>,
     pub global_stats: RwSignal<GlobalStats>,
     pub notifications: RwSignal<Vec<NotificationItem>>,
+    pub user: RwSignal<Option<String>>,
 }
 
 pub fn provide_torrent_store() {
@@ -128,6 +129,7 @@ pub fn provide_torrent_store() {
     let search_query = create_rw_signal(String::new());
     let global_stats = create_rw_signal(GlobalStats::default());
     let notifications = create_rw_signal(Vec::<NotificationItem>::new());
+    let user = create_rw_signal(Option::<String>::None);
 
     let store = TorrentStore {
         torrents,
@@ -135,11 +137,18 @@ pub fn provide_torrent_store() {
         search_query,
         global_stats,
         notifications,
+        user,
     };
     provide_context(store);
 
     // Initialize SSE connection with auto-reconnect
     create_effect(move |_| {
+        // Sadece kullanıcı giriş yapmışsa bağlantıyı başlat
+        if user.get().is_none() {
+            logging::log!("SSE: User not authenticated, skipping connection.");
+            return;
+        }
+
         spawn_local(async move {
             let mut backoff_ms: u32 = 1000; // Start with 1 second
             let max_backoff_ms: u32 = 30000; // Max 30 seconds