Bicrypto - Crypto Trading Platform, Exchanges, KYC, Charting Library, Wallets, Binary Trading, News v5.6.9 + Addons

## Fixed

### Cron Jobs
- **Fixed** Cron jobs not showing status updates in admin panel
- **Fixed** Fiat currency fetch timeout errors (increased from 5s to 30s)
- **Fixed** Missing API key validation for currency fetch
- **Fixed** Cron status broadcasts now properly sent via WebSocket
- **Fixed** OpenExchangeRates and ExchangeRate API timeout issues


## Improved

### Cron System
- **Improved** Added status broadcasts for running/completed/failed states
- **Improved** Increased timeout for external API calls (5s → 30s)
- **Improved** Better error messages and validation
- **Improved** Cron job monitoring continues running (as designed for production)

### Error Handling
- **Improved** Better null/undefined checks throughout codebase

Changelog not found

Changelog not found

### Navbar Logo Display
- **Full Logo Display**: Fixed navbar logo appearing as small square when "Full Logo Only" setting was selected
- **Dynamic Sizing**: Logo now properly displays at appropriate size (h-8 lg:h-10) with auto width
- **Aspect Ratio**: Maintained correct aspect ratio for text logos (180x48) instead of constrained square dimensions
- **Component Classes**: Updated NavbarLogo component to respect display settings without forcing square dimensions

### Admin Mega Menu Layout
- **Menu Width**: Increased mega menu width to accommodate longer menu items like "Transaction Management"
- **Dynamic Width**: Changed from fixed min-width to dynamic max-width (90vw) to prevent overflow on smaller screens
- **Left Panel**: Adjusted left panel width from 280px to 250px with proper min-width constraints
- **Right Panel**: Set minimum width of 350px for content area to ensure readability
- **Icon Sizing**: Added `flex-shrink-0` to prevent icons from shrinking on hover
- **Text Wrapping**: Added `whitespace-nowrap` to prevent unwanted text wrapping in menu items

### Binary Trading Dark Mode
- **Theme Persistence**: Fixed navbar showing in light mode when dark mode was active on /binary page
- **Immediate Application**: Added theme synchronization to prevent flash of wrong theme on page load
- **Theme Toggle**: Enhanced theme toggle to immediately apply changes without delay
- **HTML Class Management**: Properly manages dark/light classes on HTML element for consistent theming

### Floating Support Chat
- **Page Exclusions**: Hidden floating support button on /trade and /binary pages as requested
- **Trading Interface**: Removed distracting chat widget from trading pages for cleaner interface
- **Conditional Rendering**: Added page path checking to FloatingChatProvider component

### Binary Orders Menu Icon
- **Missing Icon**: Added `tabler:binary-tree` icon to Binary Orders menu item in admin navigation
- **Consistent Icons**: Ensured all admin menu items have appropriate icons for better visual hierarchy

### Default Pages Rendering
- **Content Fetching**: Fixed pages not fetching content from the correct API endpoint
- **API URL**: Corrected to use `/api/content/default-page/[pageId]` instead of admin endpoint
- **Port Configuration**: Smart detection of development vs production environment for API URLs
- **Development**: Uses `NEXT_PUBLIC_BACKEND_URL` (localhost:4000)
- **Production**: Uses `NEXT_PUBLIC_SITE_URL` without separate port

### Default Pages Styling
- **Background Color**: Fixed pages not using proper zinc background from layout
- **Text Styling**: Applied proper Tailwind classes to all HTML elements from editor
- **Dark Mode Support**: Ensured proper dark mode styling with bg-background class
- **Title Display**: Page titles now display prominently with proper styling
- **Title Spacing**: Increased margin below title (mb-12 mobile, mb-16 desktop) for better readability

### Default Editor Background
- **Unnecessary Background**: Removed hardcoded background colors from default editor pages
- **Layout Consistency**: Editor pages now use parent layout background for consistency

## Improved

### Logo System
- **Size Optimization**: Improved Logo component to handle both icon and text logos appropriately
- **Dynamic Dimensions**: Text logos use 180x48 dimensions for better clarity
- **Class Inheritance**: Logo component now properly respects className prop for flexible sizing

### Mega Menu User Experience
- **Visual Feedback**: Added background color (bg-muted/20) when no items are hovered
- **Content Padding**: Optimized padding (p-4 instead of p-6) for better space utilization
- **Item Spacing**: Improved spacing between menu items for better scanability
- **Overflow Protection**: Added overflow-x-auto to handle edge cases gracefully

### Default Pages Architecture
- **Server Components**: Converted from client to server components for better performance
- **SEO Metadata**: Implemented dynamic metadata generation from editor content
- **Reusable Components**: Created shared DefaultPage component for consistency
- **Content Processing**: Smart content processor that preserves editor formatting while adding styles

### Content Editor Integration
- **Exact Content Rendering**: Pages now display exactly what's entered in the editor
- **No Fallback Content**: Removed hardcoded fallback content (except home page template)
- **Plain Text Support**: Automatically wraps plain text in proper paragraph tags
- **HTML Processing**: Only adds classes to elements without existing styles

### SEO Implementation
- **Dynamic Metadata**: Pages fetch SEO data from backend and apply to page metadata
- **Fallback Values**: Graceful fallback to default SEO values if API data unavailable
- **Keywords Support**: Full support for title, description, and keywords metadata

### Developer Experience
- **Environment Detection**: Automatic environment detection for API URLs
- **Debug Logging**: Added console logging for troubleshooting content fetching
- **Error Handling**: Improved error messages and recovery strategies
- **Code Organization**: Centralized page utilities in default-page.tsx component

## Technical Details

### New Components
- **default-page.tsx**: Reusable component for rendering default pages with consistent styling
- **processContent()**: Function to apply Tailwind classes to HTML content from editor
- **generatePageMetadata()**: Dynamic SEO metadata generation from backend
- **getPageContent()**: Centralized content fetching with proper error handling

### API Integration
- **Public Endpoint**: Uses `/api/content/default-page/[pageId]` for content fetching
- **Cache Busting**: Adds timestamp parameter to prevent stale content
- **Headers**: Proper cache control headers for fresh content
- **Error Recovery**: Graceful handling of API failures with user-friendly messages

### Styling System
- **Tailwind Classes**: Comprehensive class application for all HTML elements
- **Dark Mode**: Full dark mode support with proper color tokens
- **Responsive Design**: Mobile-first approach with responsive spacing
- **Typography**: Consistent typography scale across all content

### Performance Optimizations
- **Server-Side Rendering**: Default pages now use SSR for better SEO and performance
- **No Client-Side Fetching**: Content fetched at build/request time
- **Reduced JavaScript**: Minimal client-side JavaScript for static content
- **Optimized Images**: Proper image sizing and loading strategies

### Binary Trading Enhancements
- **Theme Consistency**: Ensured dark mode persists across all trading interfaces
- **Clean Interface**: Removed unnecessary UI elements from trading pages
- **Focus Mode**: Trading pages optimized for distraction-free trading

### Navigation Improvements
- **Icon Consistency**: All menu items have appropriate icons
- **Visual Hierarchy**: Better organization with icons and proper spacing
- **Responsive Behavior**: Menu adapts properly to different screen sizes

## Migration Notes

### For Developers
- Default pages now fetch from `/api/content/default-page/[pageId]` instead of admin endpoints
- Environment variables properly configured for dev/prod API URLs
- All default pages converted to server components

### For Users
- Default pages will now display exactly what's entered in the editor
- SEO settings from editor are properly applied
- Dark mode works consistently across all pages
- Improved loading performance for default pages

## DataTable Drawer Improvements

### Fixed Dropdown Scrolling in Drawers
- **Mouse Wheel Scrolling**: Fixed issue where dropdowns in DataTable edit/create drawers wouldn't scroll with mouse wheel
- **Vaul Drawer Compatibility**: Added `data-vaul-no-drag` attribute to prevent drawer from intercepting scroll events
- **Z-Index Management**: Increased dropdown z-index from z-[75] to z-[100] to ensure proper layering above drawer content
- **Event Propagation**: Added `onWheel` event handlers to stop scroll event propagation and allow normal scrolling
- **Multi-Select Support**: Applied fixes to both Select and MultiSelect form controls for consistent behavior
- **Scroll Prevention**: Drawer no longer captures scroll events intended for child dropdown components

### Mobile Sidebar Extension Handling
- **Disabled State Consistency**: Fixed mobile sidebar not respecting disabled extension states like desktop mega menu
- **Extension Accessibility**: Disabled extensions are now properly non-clickable and visually dimmed in mobile menu
- **Visual Feedback**: Added `opacity-60 cursor-not-allowed` styling to disabled extension items
- **Background Styling**: Disabled items use `bg-muted/20` background to match desktop mega menu behavior
- **Child Menu Support**: Extended disabled state handling to nested/child menu items

### Extension Icons in Mobile Menu
- **Missing Icons**: Extensions in mobile sidebar now properly display icons consistently with desktop
- **Icon Source Fix**: Changed Extensions menu icon from `solaruzzle-bold-duotone` to `phuzzle-piece-duotone` for better compatibility
- **Visual Hierarchy**: All extension menu items now show appropriate icons for better navigation
- **Iconify Integration**: Ensured proper icon rendering through Iconify React component

### Demo Data Foreign Key Constraints
- **ICO User References**: Fixed ICO demo data foreign key constraint failures by using valid user ID `fbe0aaf7-4321-4a40-84a1-b4321d557033`
- **Token Offerings**: All 7 ICO token offerings now reference existing user accounts
- **Transaction Records**: Updated 5 ICO transaction records to use correct user IDs
- **Database Integrity**: Eliminated SQL import errors related to non-existent user references

### Password Reset Flow
- **Correct URL Routing**: Fixed profile security tab logout and reset password button to redirect to `/reset` instead of non-existent `/auth/reset`
- **Login Page Reference**: Updated security instructions to reference correct `/login` path instead of `/auth/login`
- **Auth Modal Integration**: Reset password page properly triggers auth modal with forgot-password flow when no token is provided

## Settings Organization Improvements

### Spot Trading Settings Relocation
- **Moved from Wallet to Trading**: Spot Exchange setting relocated from "Wallet > Wallet Types" to "Features > Trading" for better logical organization
- **Renamed for Clarity**: Changed from "Spot Exchange" to "Spot Trading" for clearer terminology
- **Description Update**: Updated description to "Enable spot trading functionality" for better understanding
- **Settings Order**: Spot Trading now appears before Chart Type in the Trading subcategory
- **Tab Naming**: Improved Features tab label to "Trading & Features" to better reflect its content

## Homepage Layout Improvements

### Markets Section Image Sizing
- **Fixed Circular Shape**: Added `min-w-[2rem] min-h-[2rem]` to maintain circular shape on all screen sizes
- **Prevent Shrinking**: Added `flex-shrink-0` to prevent container from becoming pill-shaped
- **Consistent Sizing**: Images now maintain proper dimensions even when parent container is compressed
- **Removed Redundant Styles**: Cleaned up unnecessary `rounded-full` and height auto styles from image element

### Responsive Layout with Spot Trading Disabled
- **Dynamic Content Width**: Content now expands to full width when spot trading/markets section is hidden
- **Centered Layout**: Hero content properly centers when markets section is disabled
- **Conditional Alignment**: Text alignment, buttons, and features adjust based on spot trading status
- **Maximum Width**: Content uses `max-w-4xl` for optimal readability when centered
- **Visual Balance**: Eliminates awkward empty space on the right when markets are hidden

## WebSocket Connection Improvements

### Fixed Undefined User ID Connection
- **Connection Guard**: WebSocket connection now only establishes when a valid user ID is present
- **Provider Protection**: WebSocketProvider component conditionally renders based on profile.id existence
- **Safety Check**: Added additional validation in WebSocketProvider to prevent connection with undefined userId
- **Console Warning**: Logs warning message when WebSocket connection is skipped due to missing userId
- **Error Prevention**: Eliminates `ws://localhost:4000/api/user?userId=undefined` connection attempts

### Support Chat Widget Size Optimization
- **Button Size Reduction**: Reduced floating support button from 64x64px (h-16 w-16) to 48x48px (h-12 w-12)
- **Icon Adjustment**: Scaled down MessageCircle icon from 28x28px to 20x20px for proportional appearance
- **Less Intrusive**: Smaller widget provides better user experience without blocking content
- **Maintained Functionality**: All hover effects, animations, and gradients preserved with smaller size

Changelog not found

## Fixed

### KYC Verification System
- **Level 3 Access**: Fixed issue where users with KYC level 3 and all features were still seeing "KYC Required" errors
- **Feature Detection**: Enhanced feature detection logic to recognize users with 20+ features as having full platform access
- **Empty Features Handling**: Fixed handling of empty feature arrays for approved KYC users to grant appropriate access
- **Multi-Site Support**: Improved KYC verification to work across different site configurations with varying level structures
- **Database Scripts**: Added maintenance scripts for upgrading users to appropriate KYC levels and fixing feature configurations

### Dark Mode UI Improvements
- **KYC Application**: Fixed poor visibility of KYC status badges, stat cards, and progress bars in dark mode
- **Color Scheme**: Replaced harsh colors with appropriate dark mode variants using Tailwind CSS dark: modifiers
- **Border Visibility**: Enhanced border colors for better visibility in dark mode across KYC components
- **Text Contrast**: Improved text color contrast for better readability in dark mode interfaces
- **Error Alerts**: Fixed unreadable error alerts in dark mode by replacing harsh red colors with orange color scheme

### Translation Management Tools
- **Missing Translation Finder**: Created comprehensive tool to find missing translation keys across the codebase
- **Namespace Handling**: Fixed namespace detection to properly match useTranslations("namespace") with nested keys
- **False Positive Reduction**: Reduced false positives from 4990 to 18 by improving pattern matching and folder filtering
- **Folder Filtering**: Added ability to skip irrelevant folders (public) and scan only relevant code directories
- **Key Addition Interface**: Implemented UI for selecting and adding missing translation keys with editable values

### WebSocket Manager
- **Method Error**: Fixed "this.stopHeartbeat is not a function" error in WebSocket manager close method
- **Connection Cleanup**: Added proper cleanup of reconnect timeouts and associated data structures on connection close
- **Memory Leak Prevention**: Enhanced cleanup to prevent memory leaks by clearing subscriptions and message queues
- **Deposit Form**: Fixed WebSocket connection errors when navigating away from the deposit page

### NFT and WebSocket Fixes
- **NFT Gas Calculator**: Fixed API endpoint URLs removing incorrect /ext prefix from NFT gas calculation requests
- **NFT Market WebSocket**: Corrected WebSocket handler paths for proper NFT market real-time updates
- **Middleware Routes**: Fixed rate limiting middleware paths to properly handle (ext) folder structure

## Added

### KYC Management Scripts
- **fix-kyc-level-3-features.js**: Script to ensure KYC level 3 has all platform features configured
- **upgrade-user-to-kyc-level-3.js**: Script to upgrade specific users to KYC level 3 with full access
- **check-user-features.js**: Diagnostic script to check what features users have and identify issues
- **check-and-fix-kyc-config.js**: Comprehensive script to diagnose and fix KYC configuration issues

### Translation Management Features
- **Find Missing Translations Tool**: New tool in translation manager to identify missing translation keys
- **Bulk Key Addition**: Ability to add multiple missing translation keys at once with editable values
- **Translation Statistics**: Display of translation key usage statistics across the codebase
- **Orphaned Key Detection**: Identification of translation keys that exist but are not used in code

## Enhanced

### KYC System Improvements
- **Feature Access Logic**: Enhanced hasFeature() function to better handle various KYC configurations
- **Level Detection**: Improved KYC level detection with multiple fallback mechanisms
- **Case Sensitivity**: Fixed case sensitivity issues with feature names in KYC checks
- **Debug Logging**: Added comprehensive debug logging for KYC verification troubleshooting

### Translation Detection System
- **Namespace Support**: Enhanced pattern matching to properly handle namespaced translation keys
- **File Scanning**: Improved file scanning to process only relevant directories (app, components, store, hooks, lib, utils)
- **Pattern Accuracy**: Enhanced regex patterns for more accurate translation key detection
- **Performance**: Optimized scanning performance by reducing unnecessary file reads

### WebSocket Connection Management
- **Reconnect Logic**: Improved reconnection handling with exponential backoff
- **Connection Status**: Enhanced connection status tracking and notification system
- **Message Queueing**: Improved message queueing for better handling of messages during reconnection
- **Error Recovery**: Enhanced error recovery mechanisms for more stable connections

### Code Quality & Consistency
- **TypeScript Types**: Enhanced type safety across various modules
- **Error Boundaries**: Implemented error boundaries to prevent cascading failures
- **Console Debugging**: Added comprehensive console logging for debugging
- **Code Organization**: Improved code structure with separated concerns

### Performance Optimizations
- **API Call Reduction**: Reduced redundant API calls by implementing proper caching strategies
- **Lazy Loading**: Enhanced components with lazy loading for improved initial page load
- **Memory Management**: Improved memory management in WebSocket connections
- **Resource Cleanup**: Enhanced resource cleanup on component unmount

## Summary

Version 5.4.8 focuses on core system improvements including comprehensive KYC verification fixes, translation management tools, dark mode UI enhancements, and WebSocket stability improvements. The update includes powerful diagnostic scripts for KYC management, a new translation finder tool that dramatically reduces false positives, and critical fixes for WebSocket connection handling. These improvements ensure better system stability, improved developer tools, and enhanced user experience across the platform.

## Bug Fixes

### KYC Verification Services
#### Verification Service Errors
- **Fixed** TypeError "Cannot read properties of undefined (reading 'length')" when accessing verification services
- **Added** proper null checks and defensive programming for missingEnvVars
- **Resolved** undefined access errors with proper initialization

#### Dark Mode Support
- **Fixed** unreadable alert colors in dark mode across all verification service alerts
- **Enhanced** color contrast for better visibility in dark theme
- **Improved** text readability with proper dark mode utility classes

#### DeepSeek Integration
- **Restored** DeepSeek verification service functionality
- **Added** checkDeepSeekEnv() function for environment variable validation
- **Implemented** checkDeepSeekConnection() with proper rate limit handling
- **Fixed** rate limit (429) responses to correctly indicate valid API key
- **Created** two verification templates for DeepSeek service:
- Document Verification template for AI-powered document analysis
- Enhanced AI Verification template with comprehensive fraud detection

#### TypeScript Errors
- **Fixed** "Cannot find name 'User'" error in kyc.ts
- **Added** User interface definition with proper type declarations

### Staking Module
#### Pool Management
- **Fixed** pool edit page not loading existing values
- **Corrected** parameter extraction from 'poolId' to 'id' in URL
- **Added** proper data fetching sequence with fetchPools before getPoolById
- **Implemented** loading state while fetching pool data

#### Error Handling
- **Added** comprehensive error UI for pool detail pages
- **Implemented** "Pool Not Found" UI with user-friendly message
- **Added** retry functionality for failed pool loads
- **Included** cleanup effect to clear state on component unmount

#### Navigation
- **Removed** non-existent Analytics page from admin staking menu
- **Cleaned** navigation array to prevent 404 errors

### System Settings
#### Initialization Issues
- **Fixed** settings showing as disabled until value change
- **Simplified** initial state management for draftSettings
- **Corrected** useEffect conditions for proper setting updates
- **Enhanced** Switch component boolean value handling for "1" and 1 values

### Binary Options
#### Trading Pair Configuration
- **Fixed** "Error configuring trading pair" with missing metadata
- **Implemented** complete PUT endpoint with OpenAPI documentation
- **Added** request body validation using BinaryMarketUpdateSchema
- **Corrected** updateRecord function signature usage

### Email System
#### Sender Configuration
- **Added** APP_EMAIL_SENDER_NAME environment variable support
- **Implemented** formatted sender display: "Sender Name <email@address.com>"
- **Updated** all email providers (SMTP, Service, SendGrid, Local)
- **Fixed** hard-coded "no-reply" sender issue

#### Template Design
- **Redesigned** email template with modern gradient header
- **Added** animated background pattern for visual appeal
- **Implemented** professional typography with system fonts
- **Enhanced** layout with proper spacing and visual hierarchy
- **Added** support for:
- Code blocks with syntax highlighting styles
- Info cards for important messages
- Alert styles (success, warning, error, info)
- **Implemented** responsive design for all devices
- **Added** dark mode support for compatible email clients
- **Improved** footer with Help Center, Contact, Privacy, and Terms links

### Blog Management
#### Post Creation
- **Fixed** "resource not found" error when creating blog posts
- **Resolved** status enum mismatch by removing invalid "TRASH" status
- **Corrected** author creation schema issues:
- Separated authorCreateSchema (with userId) from authorUpdateSchema (status only)
- Fixed schema validation for POST endpoint
- Updated endpoint to use correct schema

## Performance Improvements

### State Management
#### Settings Page Optimization
- **Optimized** initialization patterns reducing unnecessary re-renders
- **Improved** useEffect dependencies for better performance
- **Simplified** state update logic in settings components

### Error Handling
#### Resilience Improvements
- **Added** error boundaries across multiple components
- **Implemented** graceful fallbacks for missing data
- **Enhanced** retry mechanisms with exponential backoff

## Technical Improvements

### Code Quality
#### TypeScript Enhancements
- **Resolved** multiple TypeScript errors across modules
- **Added** proper interface definitions where missing
- **Improved** type safety in API endpoints

#### Schema Validation
- **Fixed** request/response schema inconsistencies
- **Aligned** database models with API schemas
- **Improved** validation error messages

### API Documentation
#### OpenAPI Improvements
- **Added** missing metadata to multiple endpoints
- **Enhanced** permission checks across blog and binary options
- **Improved** endpoint descriptions and examples

## UI/UX Improvements

### Dark Mode Enhancements
- **Fixed** color contrast issues system-wide
- **Improved** readability in all dark mode components
- **Added** proper theme detection and switching

### User Experience
- **Enhanced** error messages with actionable retry options
- **Improved** loading states with skeleton screens
- **Added** success feedback for user actions
- **Implemented** form resilience for missing optional data

## Configuration Updates

### Environment Variables
- **Added** APP_EMAIL_SENDER_NAME to .env.example
- **Updated** email configuration documentation
- **Enhanced** environment variable validation

### Database Schema
- **Aligned** enum values between models and schemas
- **Fixed** foreign key constraints in blog tables
- **Improved** cascade delete operations

## Technical Details

### Files Modified

#### Frontend
##### KYC Module
- `frontend/app/[locale]/(dashboard)/admin/crm/kyc/components/level-builder/verification-services-view.tsx`
- Added null checks and error handling
- Implemented dark mode colors
- Added DeepSeek templates

- `frontend/utils/kyc.ts`
- Added User interface definition

##### Staking Module
- `frontend/app/[locale]/(ext)/admin/staking/pool/components/pool-form-page.tsx`
- Fixed parameter extraction
- Added data loading sequence

- `frontend/app/[locale]/(ext)/staking/pool/[id]/client.tsx`
- Added error handling UI
- Implemented cleanup effects

- `frontend/app/[locale]/(ext)/admin/staking/components/navbar.tsx`
- Removed Analytics menu item

##### Settings
- `frontend/app/[locale]/(dashboard)/admin/system/settings/page.tsx`
- Fixed initialization logic
- Improved state management

- `frontend/app/[locale]/(dashboard)/admin/system/settings/components/field.tsx`
- Enhanced boolean handling

#### Backend
##### Binary Options
- `backend/src/api/admin/finance/binary/market/[id]/index.put.ts`
- Added complete endpoint implementation
- Fixed updateRecord usage

##### Email System
- `backend/src/utils/mailer.ts`
- Added sender name configuration
- Updated all provider implementations

- `backend/email/templates/generalTemplate.html`
- Complete template redesign
- Added responsive styles

##### Blog Management
- `backend/src/api/admin/blog/post/utils.ts`
- Fixed status enum values

- `backend/src/api/admin/blog/author/utils.ts`
- Separated create and update schemas

- `backend/src/api/admin/blog/author/index.post.ts`
- Updated to use correct schema

##### KYC Services
- `backend/src/api/admin/crm/kyc/service/[id]/check-env.get.ts`
- Added DeepSeek support

- `backend/src/api/admin/crm/kyc/service/[id]/check-connection.get.ts`
- Implemented rate limit handling

## Impact
- **KYC administrators** can now properly configure and test verification services
- **Content creators** can create blog posts without schema errors
- **System administrators** see settings values immediately on page load
- **Email recipients** receive professionally formatted emails with proper sender identification
- **Staking users** experience better error handling and data loading
- **Overall system** stability improved with comprehensive error handling

## Migration Notes
- Add APP_EMAIL_SENDER_NAME to your .env file for custom email sender names
- No database migrations required
- All changes are backward compatible
- Updates take effect immediately after deployment

## Bug Fixes

### Authentication - reCAPTCHA v3 Fixes
#### Backend
- **Fixed** reCAPTCHA token validation error in login endpoint
- **Added** missing validation check for recaptchaToken in `verifyRecaptchaOrThrow` function
- **Resolved** "Recaptcha Token is required" schema validation error
- **Fixed** environment variable loading timing issue - now checks reCAPTCHA status at runtime
- **Updated** schema to make recaptchaToken always nullable, validating in handler instead
- **Fixed** incorrect environment variable name in `verifyRecaptcha` function (was using `GOOGLE_RECAPTCHA_SECRET_KEY` instead of `NEXT_PUBLIC_GOOGLE_RECAPTCHA_SECRET_KEY`)
- **Added** better error logging in reCAPTCHA verification
- **Ensured** consistent error handling across all authentication endpoints (login, register, reset)

#### Frontend
- **Improved** reCAPTCHA v3 script loading with retry mechanism
- **Added** wait logic to ensure grecaptcha object is available before executing
- **Fixed** race condition where auth modal opens before reCAPTCHA script is loaded
- **Fixed** logic to always send recaptchaToken when reCAPTCHA is enabled
- **Enhanced** error messages for better user feedback when reCAPTCHA fails
- **Added** console logging for debugging reCAPTCHA loading issues
- **Prevented** duplicate script loading when multiple auth forms are present

### Investment Display Issues
- **Fixed** multiple active investment plans not showing on user dashboard
- **Fixed** investment history only displaying one active investment instead of all
- **Updated** API endpoints to return all active investments instead of just one
- **Changed** `findOne` to `findAll` in investment retrieval functions
- **Improved** user experience by showing complete investment portfolio

## Technical Details

### Files Modified

#### Backend

##### Authentication Endpoints
- `backend/src/api/auth/login/index.post.ts`
- Added validation check for recaptchaToken in `verifyRecaptchaOrThrow` function (lines 131-136)
- Ensures proper error message when reCAPTCHA token is missing

##### Frontend Auth Components
- `frontend/components/auth/login-form.tsx`
- Added retry mechanism for reCAPTCHA loading (lines 158-181)
- Improved error handling and user feedback
- Enhanced script loading detection

- `frontend/components/auth/register-form.tsx`
- Applied same reCAPTCHA loading improvements
- Added wait logic and retry mechanism

- `frontend/components/auth/forgot-password-form.tsx`
- Updated reCAPTCHA handling consistency
- Added debugging logs and better error messages

##### Investment Endpoints
- `backend/src/api/finance/investment/user.get.ts`
- Changed `getUserInvestment` function from `findOne` to `findAll` (line 64)
- Updated return type to handle array of investments
- Modified error handling for multiple investments

- `backend/src/api/finance/investment/index.get.ts`
- Updated `getActiveInvestment` function to use `findAll` (line 133)
- Fixed return value to map over all active investments
- Enhanced response handling for multiple investments

## Impact
- **Users** can now see all their active investment plans on the dashboard
- **Investment history** properly displays all active investments
- **Portfolio management** improved with complete visibility of all investments

## Migration Notes
- No database migrations required
- Changes are backward compatible
- Frontend already supports array handling

Addons updated + Bugs fixed

## New Features

### CSV Import/Export for User Management
- **Added** bulk user import functionality via CSV file upload
- **Added** user export to CSV for data backup and migration
- **Implemented** comprehensive CSV validation and error reporting
- **Added** downloadable CSV template with example data
- **Support** for all user fields including profile and social data

### Exchange Market Fee Management
- **Added** ability to edit taker and maker fees for spot markets
- **Added** editable fields for market trending and hot flags
- **Added** precision configuration for price and amount decimals
- **Enhanced** exchange market management interface similar to ecosystem markets

## Feature Details

### User CSV Import Features
- **Validation** for required fields (email, firstName, lastName)
- **Duplicate detection** prevents creating users with existing emails
- **Configurable default password** for imported users without passwords
- **Optional welcome email** sending to newly imported users
- **Detailed error reporting** with row numbers and specific error messages
- **Support for profile data** including bio, location, and social media links
- **Flexible boolean parsing** accepts true/false, yes/no, 1/0 formats
- **Batch processing** with transaction support for data integrity

### User CSV Export Features
- **Export filters** by user status (ACTIVE, INACTIVE, BANNED, SUSPENDED)
- **Optional password export** (encrypted) for migration purposes
- **Complete data export** including all profile and social fields
- **Auto-generated filename** with current date
- **CSV format** compatible with import template

### Exchange Market Enhancements
- **Editable fee structure**:
- Taker fee percentage
- Maker fee percentage
- **Market configuration**:
- Currency and pair editing
- Trending and hot market flags
- Price and amount precision settings
- **API improvements**:
- Fixed permission scope from ecosystem to exchange
- Updated operation IDs and tags for proper categorization

## Technical Details

### Files Added
- `backend/src/api/admin/crm/user/import.post.ts` - CSV import endpoint
- `backend/src/api/admin/crm/user/export-csv.get.ts` - CSV export endpoint
- `frontend/public/templates/users_import_template.csv` - Sample CSV template

### Files Modified
- `frontend/app/[locale]/(dashboard)/admin/crm/user/page.tsx` - Added import/export UI
- `frontend/app/[locale]/(dashboard)/admin/finance/exchange/[id]/market/columns.tsx` - Enhanced market fee editing
- `backend/src/api/admin/finance/exchange/market/[id]/index.put.ts` - Fixed permissions and expanded update fields
- `backend/src/api/admin/finance/exchange/market/utils.ts` - Added currency/pair to update schema

### Dependencies Added
- `csv-parse` - For parsing CSV files during import
- `csv-stringify` - For generating CSV files during export

## CSV Import Format

### Required Fields
- `email` - User's email address (must be unique)
- `firstName` - User's first name
- `lastName` - User's last name

### Optional Fields
- `password` - User password (uses default if not provided)
- `phone` - Phone number
- `status` - ACTIVE, INACTIVE, BANNED, or SUSPENDED
- `emailVerified` - Email verification status
- `twoFactor` - Two-factor authentication enabled
- `roleId` - User role identifier
- `avatar` - Avatar URL

### Profile Fields
- `bio` - User biography
- `address` - Street address
- `city` - City name
- `country` - Country name
- `zip` - Postal code

### Social Media Fields
- `facebook` - Facebook profile URL
- `twitter` - Twitter profile URL
- `instagram` - Instagram profile URL
- `github` - GitHub profile URL
- `dribbble` - Dribbble profile URL
- `gitlab` - GitLab profile URL

## Impact
- **Administrators** can now bulk import users from external systems
- **Data migration** simplified with CSV export/import functionality
- **Exchange operators** have full control over market fee structures
- **Improved efficiency** for managing large user bases
- **Better alignment** between exchange and ecosystem market management

## Permissions
New permissions added for granular control:
- `import.user` - Required to import users from CSV
- `export.user` - Required to export users to CSV

These permissions are separate from the standard `create.user` and `view.user` permissions, allowing administrators to control who can perform bulk operations.

## Security Considerations
- Passwords are hashed using bcrypt before storage
- CSV imports validate all data before database insertion
- Import/Export require specific admin permissions (`import.user` and `export.user`)
- Import and Export buttons are only visible to users with appropriate permissions
- File upload size limits prevent abuse
- Detailed audit trail for bulk operations

## Known Limitations
- CSV files must be UTF-8 encoded
- Maximum file size depends on server configuration
- Welcome emails require email service configuration
- Large imports may take several seconds to process

## Migration Guide
For users upgrading from previous versions:
1. Run database migrations if any schema changes
2. Run the permissions seeder to add new permissions: `npm run seedermissions`
3. Update frontend and backend dependencies with `pnpm install`
4. Restart both frontend and backend services
5. Assign `import.user` and `export.user` permissions to appropriate roles
6. Test import functionality with the provided template