When setting up JWT authentication with RS256 keys, be aware of these issues:
- RS256 tokens are signed with private key
- RS256 tokens are verified with public key
- Use
JWT_PUBLIC_KEYenv var, notJWT_PRIVATE_KEY
- RDS uses
RSA PUBLIC KEYformat (PKCS#1):-----BEGIN RSA PUBLIC KEY----- joselibrary expectsPUBLIC KEYformat (SPKI):-----BEGIN PUBLIC KEY------ Solution: Convert using Node's crypto module:
import { createPublicKey } from 'crypto'; const keyObject = createPublicKey({ key: publicKeyPem, format: 'pem' }); const spkiKey = keyObject.export({ type: 'spki', format: 'pem' });
- PEM keys are multiline
- Next.js may not parse multiline
.env.localvalues correctly - Option A: Use single line with escaped newlines:
JWT_PUBLIC_KEY="-----BEGIN RSA PUBLIC KEY-----\nMIIBCg...\n-----END RSA PUBLIC KEY-----" - Option B: Store key in a file and read it at runtime
Apply Refactoring UI principles from docs/DESIGN.md to each page.
| Breakpoint | Width | Tailwind | Layout |
|---|---|---|---|
| Mobile | < 768px | Default | Single column, stacked cards |
| Tablet | 768px - 1279px | md: |
Two columns, collapsible panels |
| Desktop | >= 1280px | lg: / xl: |
Full layout with sidebars |
All pages have been converted to follow Refactoring UI principles:
- ✅ Tasks Page
/tasks - ✅ Members Page
/members - ✅ OOO Page
/ooo - ✅ Member Profile
/member/[id] - ✅ RDS Dashboard
/rds - ✅ Login Page
/login
- Mobile: horizontal scroll or dropdown
- Active filter indicator
- Responsive column hiding on tablet
- Hover states where clickable
For each page conversion, verify:
- Typography - Weight/color hierarchy, not just size (§1-3)
- Spacing - Consistent scale (§9)
- Mobile first - Cards for mobile, tables for desktop
- Touch targets - 44x44px minimum (§8)
- Empty states - Animated icons + helpful text
- Loading states - Animated loader
- Status badges - Border style, consistent colors (§6)
- Buttons - Primary/secondary/tertiary hierarchy (§5)
- Labels - De-emphasize or remove redundant labels (§14)
- Line length - max-w-prose for text blocks (§10)