10 issues resolved — auth, payments, images, login, and infrastructure. All deployed to production.
| # | Issue | Category | Status |
|---|---|---|---|
| 1 | "Failed to load restaurants" on first load | Auth | Fixed |
| 2 | Slow image loading + no loading indicators | UX | Fixed |
| 3 | Phone login (Twilio) setup + profile flow | Auth | Fixed |
| 4 | Phone users' names disappearing after refresh | Auth | Fixed |
| 5 | Image storage migration to client's Cloudflare | Infra | Fixed |
| 6 | Sign out button stuck on loading screen | Auth | Fixed |
| 7 | Google sign-in redirecting to localhost | Auth | Fixed |
| 8 | Product image upload failing (Bug 6) | Infra | Fixed |
| 9 | Cash order with discount code error (Item 14) | Payments | Fixed |
| 10 | CyberSource 3DS full rework (11 sub-issues) | Payments | Fixed |
Data fetching hooks fired SWR requests before the Supabase auth session was ready, causing empty/failed loads on first visit.
Affected hooks: useRestaurants, useRestaurant, useMenuItems
Auth callback route used new URL(request.url).origin as fallback for redirect base URL. Production runs Next.js on localhost:3000 behind a reverse proxy that doesn't forward the Host header — so the origin resolved to http://localhost:3000.
Fix: Hardcoded https://ricoya.ipnoelp.com as fallback in auth callback.
Full rework based on BAC reviewer feedback. 11 issues fixed including missing credentials, amount mismatches, frictionless flow, and capture enablement.
| Brand | ECI | CAVV | Status |
|---|---|---|---|
| Visa | 05 | Present | Captured |
| Mastercard | spa | ucaf: 2 | Captured |
| AMEX | — | — | Sandbox limitation |
Migrated 360 images (247MB) to client's Cloudflare R2 bucket. Set up images.ricoya.net as custom domain for CDN edge caching. Moved ricoya.net DNS to Cloudflare.
Added shimmer loading indicators + fade-in transitions for menu items, modals, and restaurant cards.