From 0190a0497c7d3e2853de81a9e98ad0f65226b78e Mon Sep 17 00:00:00 2001
From: root <root@vps-72ac8e18.vps.ovh.net>
Date: Thu, 29 Jan 2026 20:59:25 +0000
Subject: [PATCH] Update dashboard community links to use env vars, add deploy
 configs

- Dashboard community links now use .env values like community page
- Removed hardcoded social media URLs from dashboard
- Added deploy folder with nginx and systemd service configs
- Moved linktree page to public route
- Various backend and auth context updates
---
 backend/package.json                          |  2 +-
 backend/src/index.ts                          | 12 ++-
 deploy/back-end_nginx.conf                    | 81 +++++++++++++++++
 deploy/front-end_nginx.conf                   | 90 +++++++++++++++++++
 deploy/spanglish-backend.service              | 29 ++++++
 deploy/spanglish-frontend.service             | 28 ++++++
 deploy/spanglish_upstreams.conf               |  7 ++
 frontend/src/app/(public)/dashboard/page.tsx  | 90 +++++++++++--------
 frontend/src/app/(public)/page.tsx            |  2 +-
 .../src/app/{(public) => }/linktree/page.tsx  |  0
 frontend/src/context/AuthContext.tsx          | 10 ++-
 11 files changed, 302 insertions(+), 49 deletions(-)
 create mode 100644 deploy/back-end_nginx.conf
 create mode 100644 deploy/front-end_nginx.conf
 create mode 100644 deploy/spanglish-backend.service
 create mode 100644 deploy/spanglish-frontend.service
 create mode 100644 deploy/spanglish_upstreams.conf
 rename frontend/src/app/{(public) => }/linktree/page.tsx (100%)

diff --git a/backend/package.json b/backend/package.json
index d39ed96..9bf1856 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -5,7 +5,7 @@
   "scripts": {
     "dev": "tsx watch src/index.ts",
     "build": "tsc",
-    "start": "node dist/index.js",
+    "start": "NODE_ENV=production node dist/index.js",
     "db:generate": "drizzle-kit generate",
     "db:migrate": "tsx src/db/migrate.ts",
     "db:studio": "drizzle-kit studio"
diff --git a/backend/src/index.ts b/backend/src/index.ts
index 402c1b4..19db9d6 100644
--- a/backend/src/index.ts
+++ b/backend/src/index.ts
@@ -25,10 +25,14 @@ const app = new Hono();
 
 // Middleware
 app.use('*', logger());
-app.use('*', cors({
-  origin: process.env.FRONTEND_URL || 'http://localhost:3002',
-  credentials: true,
-}));
+
+// CORS: Only enable in development. In production, nginx handles CORS.
+if (process.env.NODE_ENV !== 'production') {
+  app.use('*', cors({
+    origin: process.env.FRONTEND_URL || 'http://localhost:3002',
+    credentials: true,
+  }));
+}
 
 // OpenAPI specification
 const openApiSpec = {
diff --git a/deploy/back-end_nginx.conf b/deploy/back-end_nginx.conf
new file mode 100644
index 0000000..cb39bb3
--- /dev/null
+++ b/deploy/back-end_nginx.conf
@@ -0,0 +1,81 @@
+# ============================================================
+# Spanglish Community - Backend API
+# api.spanglishcommunity.com
+# ============================================================
+
+server {
+    listen 80;
+    server_name api.spanglishcommunity.com;
+
+    # ACME
+    location /.well-known/acme-challenge/ {
+        root /var/www/html;
+    }
+
+    # Force HTTPS
+    location / {
+        return 301 https://api.spanglishcommunity.com$request_uri;
+    }
+}
+
+server {
+    listen 443 ssl;
+    http2 on;
+
+    server_name api.spanglishcommunity.com;
+
+    # SSL
+    ssl_certificate /etc/letsencrypt/live/spanglishcommunity.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/spanglishcommunity.com/privkey.pem;
+
+    include /etc/letsencrypt/options-ssl-nginx.conf;
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+
+    # Security (API)
+    add_header X-Frame-Options "DENY" always;
+    add_header X-Content-Type-Options "nosniff" always;
+
+    # Logs
+    access_log /var/log/nginx/spanglish_api_access.log;
+    error_log  /var/log/nginx/spanglish_api_error.log;
+
+    location / {
+        limit_req zone=spanglish_api_limit burst=50 nodelay;
+
+        # CORS Configuration
+        set $cors_origin "";
+        if ($http_origin ~* "^https://(www\.)?spanglishcommunity\.com$") {
+            set $cors_origin $http_origin;
+        }
+
+        # Handle preflight OPTIONS requests
+        if ($request_method = 'OPTIONS') {
+            add_header 'Access-Control-Allow-Origin' $cors_origin always;
+            add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, PATCH, OPTIONS' always;
+            add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
+            add_header 'Access-Control-Allow-Credentials' 'true' always;
+            add_header 'Access-Control-Max-Age' 86400 always;
+            add_header 'Content-Type' 'text/plain; charset=utf-8';
+            add_header 'Content-Length' 0;
+            return 204;
+        }
+
+        # Add CORS headers to all responses
+        add_header 'Access-Control-Allow-Origin' $cors_origin always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, PATCH, OPTIONS' always;
+        add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
+        add_header 'Access-Control-Allow-Credentials' 'true' always;
+        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
+
+        proxy_pass http://spanglish_backend;
+        proxy_http_version 1.1;
+
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+
+        proxy_read_timeout 300s;
+        proxy_connect_timeout 300s;
+    }
+}
diff --git a/deploy/front-end_nginx.conf b/deploy/front-end_nginx.conf
new file mode 100644
index 0000000..3a2771c
--- /dev/null
+++ b/deploy/front-end_nginx.conf
@@ -0,0 +1,90 @@
+# ============================================================
+# Spanglish Community - Frontend
+# spanglishcommunity.com / www
+# ============================================================
+
+server {
+    listen 80;
+    server_name spanglishcommunity.com www.spanglishcommunity.com;
+
+    # ACME
+    location /.well-known/acme-challenge/ {
+        root /var/www/html;
+    }
+
+    # Force HTTPS
+    location / {
+        return 301 https://spanglishcommunity.com$request_uri;
+    }
+}
+
+server {
+    listen 443 ssl;
+    http2 on;
+
+    server_name spanglishcommunity.com www.spanglishcommunity.com;
+
+    # SSL
+    ssl_certificate /etc/letsencrypt/live/spanglishcommunity.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/spanglishcommunity.com/privkey.pem;
+
+    include /etc/letsencrypt/options-ssl-nginx.conf;
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+
+    # Security
+    add_header X-Frame-Options "SAMEORIGIN" always;
+    add_header X-Content-Type-Options "nosniff" always;
+    add_header Referrer-Policy "strict-origin-when-cross-origin" always;
+
+    # Logs
+    access_log /var/log/nginx/spanglish_frontend_access.log;
+    error_log  /var/log/nginx/spanglish_frontend_error.log;
+
+    # Proxy /api to backend
+    location /api {
+        proxy_pass http://spanglish_backend;
+        proxy_http_version 1.1;
+
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+
+        proxy_read_timeout 300s;
+        proxy_connect_timeout 300s;
+    }
+
+    # Proxy /uploads to backend
+    location /uploads {
+        proxy_pass http://spanglish_backend;
+        proxy_http_version 1.1;
+
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+
+        # Cache static files
+        proxy_cache_valid 200 1d;
+        expires 1d;
+        add_header Cache-Control "public, immutable";
+    }
+
+    # Frontend App
+    location / {
+        proxy_pass http://spanglish_frontend;
+        proxy_http_version 1.1;
+
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+
+        # WebSocket / HMR
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+
+        proxy_read_timeout 60s;
+        proxy_connect_timeout 60s;
+    }
+}
diff --git a/deploy/spanglish-backend.service b/deploy/spanglish-backend.service
new file mode 100644
index 0000000..5f44099
--- /dev/null
+++ b/deploy/spanglish-backend.service
@@ -0,0 +1,29 @@
+[Unit]
+Description=Spanglish Backend API
+Documentation=https://github.com/spanglish/Spanglish
+After=network.target
+
+[Service]
+Type=simple
+User=spanglish
+Group=spanglish
+WorkingDirectory=/home/spanglish/Spanglish/backend
+Environment=NODE_ENV=production
+Environment=PORT=3018
+EnvironmentFile=/home/spanglish/Spanglish/backend/.env
+ExecStart=/usr/bin/node dist/index.js
+Restart=on-failure
+RestartSec=10
+StandardOutput=syslog
+StandardError=syslog
+SyslogIdentifier=spanglish-backend
+
+# Security hardening
+NoNewPrivileges=true
+PrivateTmp=true
+ProtectSystem=strict
+ProtectHome=read-only
+ReadWritePaths=/home/spanglish/Spanglish/backend/uploads /home/spanglish/Spanglish/backend/data
+
+[Install]
+WantedBy=multi-user.target
diff --git a/deploy/spanglish-frontend.service b/deploy/spanglish-frontend.service
new file mode 100644
index 0000000..adbd442
--- /dev/null
+++ b/deploy/spanglish-frontend.service
@@ -0,0 +1,28 @@
+[Unit]
+Description=Spanglish Frontend (Next.js)
+Documentation=https://github.com/spanglish/Spanglish
+After=network.target spanglish-backend.service
+
+[Service]
+Type=simple
+User=spanglish
+Group=spanglish
+WorkingDirectory=/home/spanglish/Spanglish/frontend
+Environment=NODE_ENV=production
+Environment=PORT=3019
+EnvironmentFile=/home/spanglish/Spanglish/frontend/.env
+ExecStart=/usr/bin/npx next start -p 3019
+Restart=on-failure
+RestartSec=10
+StandardOutput=syslog
+StandardError=syslog
+SyslogIdentifier=spanglish-frontend
+
+# Security hardening
+NoNewPrivileges=true
+PrivateTmp=true
+ProtectSystem=strict
+ProtectHome=read-only
+
+[Install]
+WantedBy=multi-user.target
diff --git a/deploy/spanglish_upstreams.conf b/deploy/spanglish_upstreams.conf
new file mode 100644
index 0000000..26b2462
--- /dev/null
+++ b/deploy/spanglish_upstreams.conf
@@ -0,0 +1,7 @@
+upstream spanglish_frontend {
+    server 127.0.0.1:3019;
+}
+
+upstream spanglish_backend {
+    server 127.0.0.1:3018;
+}
\ No newline at end of file
diff --git a/frontend/src/app/(public)/dashboard/page.tsx b/frontend/src/app/(public)/dashboard/page.tsx
index 468f180..6eefb25 100644
--- a/frontend/src/app/(public)/dashboard/page.tsx
+++ b/frontend/src/app/(public)/dashboard/page.tsx
@@ -9,6 +9,12 @@ import Button from '@/components/ui/Button';
 import { dashboardApi, DashboardSummary, NextEventInfo, UserTicket, UserPayment } from '@/lib/api';
 import toast from 'react-hot-toast';
 import Link from 'next/link';
+import { 
+  socialConfig, 
+  getWhatsAppUrl, 
+  getInstagramUrl, 
+  getTelegramUrl 
+} from '@/lib/socialLinks';
 
 // Tab components
 import TicketsTab from './components/TicketsTab';
@@ -364,45 +370,51 @@ function OverviewTab({
           {language === 'es' ? 'Comunidad' : 'Community'}
         </h3>
         <div className="grid grid-cols-1 md:grid-cols-3 gap-4">
-          <a
-            href="https://wa.me/your-number"
-            target="_blank"
-            rel="noopener noreferrer"
-            className="flex items-center gap-3 p-3 bg-green-50 rounded-lg hover:bg-green-100 transition-colors"
-          >
-            <div className="w-10 h-10 bg-green-500 rounded-full flex items-center justify-center">
-              <svg className="w-5 h-5 text-white" fill="currentColor" viewBox="0 0 24 24">
-                <path d="M17.472 14.382c-.297-.149-1.758-.867-2.03-.967-.273-.099-.471-.148-.67.15-.197.297-.767.966-.94 1.164-.173.199-.347.223-.644.075-.297-.15-1.255-.463-2.39-1.475-.883-.788-1.48-1.761-1.653-2.059-.173-.297-.018-.458.13-.606.134-.133.298-.347.446-.52.149-.174.198-.298.298-.497.099-.198.05-.371-.025-.52-.075-.149-.669-1.612-.916-2.207-.242-.579-.487-.5-.669-.51-.173-.008-.371-.01-.57-.01-.198 0-.52.074-.792.372-.272.297-1.04 1.016-1.04 2.479 0 1.462 1.065 2.875 1.213 3.074.149.198 2.096 3.2 5.077 4.487.709.306 1.262.489 1.694.625.712.227 1.36.195 1.871.118.571-.085 1.758-.719 2.006-1.413.248-.694.248-1.289.173-1.413-.074-.124-.272-.198-.57-.347m-5.421 7.403h-.004a9.87 9.87 0 01-5.031-1.378l-.361-.214-3.741.982.998-3.648-.235-.374a9.86 9.86 0 01-1.51-5.26c.001-5.45 4.436-9.884 9.888-9.884 2.64 0 5.122 1.03 6.988 2.898a9.825 9.825 0 012.893 6.994c-.003 5.45-4.437 9.884-9.885 9.884m8.413-18.297A11.815 11.815 0 0012.05 0C5.495 0 .16 5.335.157 11.892c0 2.096.547 4.142 1.588 5.945L.057 24l6.305-1.654a11.882 11.882 0 005.683 1.448h.005c6.554 0 11.89-5.335 11.893-11.893a11.821 11.821 0 00-3.48-8.413z"/>
-              </svg>
-            </div>
-            <span className="font-medium">WhatsApp Group</span>
-          </a>
-          <a
-            href="https://instagram.com/spanglish"
-            target="_blank"
-            rel="noopener noreferrer"
-            className="flex items-center gap-3 p-3 bg-pink-50 rounded-lg hover:bg-pink-100 transition-colors"
-          >
-            <div className="w-10 h-10 bg-gradient-to-r from-purple-500 to-pink-500 rounded-full flex items-center justify-center">
-              <svg className="w-5 h-5 text-white" fill="currentColor" viewBox="0 0 24 24">
-                <path d="M12 2.163c3.204 0 3.584.012 4.85.07 3.252.148 4.771 1.691 4.919 4.919.058 1.265.069 1.645.069 4.849 0 3.205-.012 3.584-.069 4.849-.149 3.225-1.664 4.771-4.919 4.919-1.266.058-1.644.07-4.85.07-3.204 0-3.584-.012-4.849-.07-3.26-.149-4.771-1.699-4.919-4.92-.058-1.265-.07-1.644-.07-4.849 0-3.204.013-3.583.07-4.849.149-3.227 1.664-4.771 4.919-4.919 1.266-.057 1.645-.069 4.849-.069zm0-2.163c-3.259 0-3.667.014-4.947.072-4.358.2-6.78 2.618-6.98 6.98-.059 1.281-.073 1.689-.073 4.948 0 3.259.014 3.668.072 4.948.2 4.358 2.618 6.78 6.98 6.98 1.281.058 1.689.072 4.948.072 3.259 0 3.668-.014 4.948-.072 4.354-.2 6.782-2.618 6.979-6.98.059-1.28.073-1.689.073-4.948 0-3.259-.014-3.667-.072-4.947-.196-4.354-2.617-6.78-6.979-6.98-1.281-.059-1.69-.073-4.949-.073zm0 5.838c-3.403 0-6.162 2.759-6.162 6.162s2.759 6.163 6.162 6.163 6.162-2.759 6.162-6.163c0-3.403-2.759-6.162-6.162-6.162zm0 10.162c-2.209 0-4-1.79-4-4 0-2.209 1.791-4 4-4s4 1.791 4 4c0 2.21-1.791 4-4 4zm6.406-11.845c-.796 0-1.441.645-1.441 1.44s.645 1.44 1.441 1.44c.795 0 1.439-.645 1.439-1.44s-.644-1.44-1.439-1.44z"/>
-              </svg>
-            </div>
-            <span className="font-medium">Instagram</span>
-          </a>
-          <Link
-            href="/community"
-            className="flex items-center gap-3 p-3 bg-blue-50 rounded-lg hover:bg-blue-100 transition-colors"
-          >
-            <div className="w-10 h-10 bg-secondary-blue rounded-full flex items-center justify-center">
-              <svg className="w-5 h-5 text-white" fill="none" stroke="currentColor" viewBox="0 0 24 24">
-                <path strokeLinecap="round" strokeLinejoin="round" strokeWidth={2} d="M17 20h5v-2a3 3 0 00-5.356-1.857M17 20H7m10 0v-2c0-.656-.126-1.283-.356-1.857M7 20H2v-2a3 3 0 015.356-1.857M7 20v-2c0-.656.126-1.283.356-1.857m0 0a5.002 5.002 0 019.288 0M15 7a3 3 0 11-6 0 3 3 0 016 0zm6 3a2 2 0 11-4 0 2 2 0 014 0zM7 10a2 2 0 11-4 0 2 2 0 014 0z" />
-              </svg>
-            </div>
-            <span className="font-medium">
-              {language === 'es' ? 'Comunidad' : 'Community Page'}
-            </span>
-          </Link>
+          {getWhatsAppUrl(socialConfig.whatsapp) && (
+            <a
+              href={getWhatsAppUrl(socialConfig.whatsapp)!}
+              target="_blank"
+              rel="noopener noreferrer"
+              className="flex items-center gap-3 p-3 bg-green-50 rounded-lg hover:bg-green-100 transition-colors"
+            >
+              <div className="w-10 h-10 bg-green-500 rounded-full flex items-center justify-center">
+                <svg className="w-5 h-5 text-white" fill="currentColor" viewBox="0 0 24 24">
+                  <path d="M17.472 14.382c-.297-.149-1.758-.867-2.03-.967-.273-.099-.471-.148-.67.15-.197.297-.767.966-.94 1.164-.173.199-.347.223-.644.075-.297-.15-1.255-.463-2.39-1.475-.883-.788-1.48-1.761-1.653-2.059-.173-.297-.018-.458.13-.606.134-.133.298-.347.446-.52.149-.174.198-.298.298-.497.099-.198.05-.371-.025-.52-.075-.149-.669-1.612-.916-2.207-.242-.579-.487-.5-.669-.51-.173-.008-.371-.01-.57-.01-.198 0-.52.074-.792.372-.272.297-1.04 1.016-1.04 2.479 0 1.462 1.065 2.875 1.213 3.074.149.198 2.096 3.2 5.077 4.487.709.306 1.262.489 1.694.625.712.227 1.36.195 1.871.118.571-.085 1.758-.719 2.006-1.413.248-.694.248-1.289.173-1.413-.074-.124-.272-.198-.57-.347m-5.421 7.403h-.004a9.87 9.87 0 01-5.031-1.378l-.361-.214-3.741.982.998-3.648-.235-.374a9.86 9.86 0 01-1.51-5.26c.001-5.45 4.436-9.884 9.888-9.884 2.64 0 5.122 1.03 6.988 2.898a9.825 9.825 0 012.893 6.994c-.003 5.45-4.437 9.884-9.885 9.884m8.413-18.297A11.815 11.815 0 0012.05 0C5.495 0 .16 5.335.157 11.892c0 2.096.547 4.142 1.588 5.945L.057 24l6.305-1.654a11.882 11.882 0 005.683 1.448h.005c6.554 0 11.89-5.335 11.893-11.893a11.821 11.821 0 00-3.48-8.413z"/>
+                </svg>
+              </div>
+              <span className="font-medium">WhatsApp</span>
+            </a>
+          )}
+          {getInstagramUrl(socialConfig.instagram) && (
+            <a
+              href={getInstagramUrl(socialConfig.instagram)!}
+              target="_blank"
+              rel="noopener noreferrer"
+              className="flex items-center gap-3 p-3 bg-pink-50 rounded-lg hover:bg-pink-100 transition-colors"
+            >
+              <div className="w-10 h-10 bg-gradient-to-r from-purple-500 to-pink-500 rounded-full flex items-center justify-center">
+                <svg className="w-5 h-5 text-white" fill="currentColor" viewBox="0 0 24 24">
+                  <path d="M12 2.163c3.204 0 3.584.012 4.85.07 3.252.148 4.771 1.691 4.919 4.919.058 1.265.069 1.645.069 4.849 0 3.205-.012 3.584-.069 4.849-.149 3.225-1.664 4.771-4.919 4.919-1.266.058-1.644.07-4.85.07-3.204 0-3.584-.012-4.849-.07-3.26-.149-4.771-1.699-4.919-4.92-.058-1.265-.07-1.644-.07-4.849 0-3.204.013-3.583.07-4.849.149-3.227 1.664-4.771 4.919-4.919 1.266-.057 1.645-.069 4.849-.069zm0-2.163c-3.259 0-3.667.014-4.947.072-4.358.2-6.78 2.618-6.98 6.98-.059 1.281-.073 1.689-.073 4.948 0 3.259.014 3.668.072 4.948.2 4.358 2.618 6.78 6.98 6.98 1.281.058 1.689.072 4.948.072 3.259 0 3.668-.014 4.948-.072 4.354-.2 6.782-2.618 6.979-6.98.059-1.28.073-1.689.073-4.948 0-3.259-.014-3.667-.072-4.947-.196-4.354-2.617-6.78-6.979-6.98-1.281-.059-1.69-.073-4.949-.073zm0 5.838c-3.403 0-6.162 2.759-6.162 6.162s2.759 6.163 6.162 6.163 6.162-2.759 6.162-6.163c0-3.403-2.759-6.162-6.162-6.162zm0 10.162c-2.209 0-4-1.79-4-4 0-2.209 1.791-4 4-4s4 1.791 4 4c0 2.21-1.791 4-4 4zm6.406-11.845c-.796 0-1.441.645-1.441 1.44s.645 1.44 1.441 1.44c.795 0 1.439-.645 1.439-1.44s-.644-1.44-1.439-1.44z"/>
+                </svg>
+              </div>
+              <span className="font-medium">Instagram</span>
+            </a>
+          )}
+          {getTelegramUrl(socialConfig.telegram) && (
+            <a
+              href={getTelegramUrl(socialConfig.telegram)!}
+              target="_blank"
+              rel="noopener noreferrer"
+              className="flex items-center gap-3 p-3 bg-blue-50 rounded-lg hover:bg-blue-100 transition-colors"
+            >
+              <div className="w-10 h-10 bg-blue-500 rounded-full flex items-center justify-center">
+                <svg className="w-5 h-5 text-white" fill="currentColor" viewBox="0 0 24 24">
+                  <path d="M11.944 0A12 12 0 0 0 0 12a12 12 0 0 0 12 12 12 12 0 0 0 12-12A12 12 0 0 0 12 0a12 12 0 0 0-.056 0zm4.962 7.224c.1-.002.321.023.465.14a.506.506 0 0 1 .171.325c.016.093.036.306.02.472-.18 1.898-.962 6.502-1.36 8.627-.168.9-.499 1.201-.82 1.23-.696.065-1.225-.46-1.9-.902-1.056-.693-1.653-1.124-2.678-1.8-1.185-.78-.417-1.21.258-1.91.177-.184 3.247-2.977 3.307-3.23.007-.032.014-.15-.056-.212s-.174-.041-.249-.024c-.106.024-1.793 1.14-5.061 3.345-.48.33-.913.49-1.302.48-.428-.008-1.252-.241-1.865-.44-.752-.245-1.349-.374-1.297-.789.027-.216.325-.437.893-.663 3.498-1.524 5.83-2.529 6.998-3.014 3.332-1.386 4.025-1.627 4.476-1.635z"/>
+                </svg>
+              </div>
+              <span className="font-medium">Telegram</span>
+            </a>
+          )}
         </div>
       </Card>
     </div>
diff --git a/frontend/src/app/(public)/page.tsx b/frontend/src/app/(public)/page.tsx
index ede3e1b..6188f9f 100644
--- a/frontend/src/app/(public)/page.tsx
+++ b/frontend/src/app/(public)/page.tsx
@@ -97,7 +97,7 @@ export default function HomePage() {
                 <div className="space-y-4">
                   <div className="relative rounded-card h-32 flex items-center justify-center overflow-hidden">
                     <Image
-                      src="/images/2026-01-29 13.10.26.jpg"
+                      src="/images/2026-01-29 13.10.08.jpg"
                       alt="Language exchange event"
                       fill
                       sizes="(max-width: 1024px) 50vw, 25vw"
diff --git a/frontend/src/app/(public)/linktree/page.tsx b/frontend/src/app/linktree/page.tsx
similarity index 100%
rename from frontend/src/app/(public)/linktree/page.tsx
rename to frontend/src/app/linktree/page.tsx
diff --git a/frontend/src/context/AuthContext.tsx b/frontend/src/context/AuthContext.tsx
index 23e8373..45620a8 100644
--- a/frontend/src/context/AuthContext.tsx
+++ b/frontend/src/context/AuthContext.tsx
@@ -2,6 +2,8 @@
 
 import React, { createContext, useContext, useState, useEffect, ReactNode, useCallback } from 'react';
 
+const API_BASE = process.env.NEXT_PUBLIC_API_URL || '';
+
 interface User {
   id: string;
   email: string;
@@ -66,7 +68,7 @@ export function AuthProvider({ children }: { children: ReactNode }) {
   }, []);
 
   const login = async (email: string, password: string) => {
-    const res = await fetch('/api/auth/login', {
+    const res = await fetch(`${API_BASE}/api/auth/login`, {
       method: 'POST',
       headers: { 'Content-Type': 'application/json' },
       body: JSON.stringify({ email, password }),
@@ -82,7 +84,7 @@ export function AuthProvider({ children }: { children: ReactNode }) {
   };
 
   const loginWithGoogle = async (credential: string) => {
-    const res = await fetch('/api/auth/google', {
+    const res = await fetch(`${API_BASE}/api/auth/google`, {
       method: 'POST',
       headers: { 'Content-Type': 'application/json' },
       body: JSON.stringify({ credential }),
@@ -98,7 +100,7 @@ export function AuthProvider({ children }: { children: ReactNode }) {
   };
 
   const loginWithMagicLink = async (magicToken: string) => {
-    const res = await fetch('/api/auth/magic-link/verify', {
+    const res = await fetch(`${API_BASE}/api/auth/magic-link/verify`, {
       method: 'POST',
       headers: { 'Content-Type': 'application/json' },
       body: JSON.stringify({ token: magicToken }),
@@ -114,7 +116,7 @@ export function AuthProvider({ children }: { children: ReactNode }) {
   };
 
   const register = async (registerData: RegisterData) => {
-    const res = await fetch('/api/auth/register', {
+    const res = await fetch(`${API_BASE}/api/auth/register`, {
       method: 'POST',
       headers: { 'Content-Type': 'application/json' },
       body: JSON.stringify(registerData),