Phase 1: Add ESLint/Prettier config + baseline auto-fixes

dashcaddy-api/csrf-protection.js

@@ -68,7 +68,7 @@ function csrfCookieMiddleware(req, res, next) {
     secure: req.secure || req.protocol === 'https', // Only secure in HTTPS
     sameSite: 'strict',
     path: '/',
-    maxAge: 24 * 60 * 60 * 1000 // 24 hours
+    maxAge: 24 * 60 * 60 * 1000, // 24 hours
   });
 
   next();
@@ -96,7 +96,7 @@ function csrfValidationMiddleware(req, res, next) {
     '/api/totp/verify',
     '/api/totp/verify-setup',
     '/health',
-    '/api/health'
+    '/api/health',
   ];
 
   // Check if path starts with excluded prefix
@@ -126,7 +126,7 @@ function csrfValidationMiddleware(req, res, next) {
     return res.status(403).json({
       success: false,
       error: '[DC-100] CSRF token missing',
-      message: 'CSRF cookie not found. Please refresh the page (Ctrl+Shift+R) and try again.'
+      message: 'CSRF cookie not found. Please refresh the page (Ctrl+Shift+R) and try again.',
     });
   }
 
@@ -135,7 +135,7 @@ function csrfValidationMiddleware(req, res, next) {
     return res.status(403).json({
       success: false,
       error: '[DC-100] CSRF token missing',
-      message: 'CSRF token not provided in request headers. Please refresh the page (Ctrl+Shift+R) and try again.'
+      message: 'CSRF token not provided in request headers. Please refresh the page (Ctrl+Shift+R) and try again.',
     });
   }
 
@@ -161,7 +161,7 @@ function csrfValidationMiddleware(req, res, next) {
     return res.status(403).json({
       success: false,
       error: '[DC-101] CSRF token invalid',
-      message: 'CSRF token validation failed. Please refresh the page (Ctrl+Shift+R) and try again.'
+      message: 'CSRF token validation failed. Please refresh the page (Ctrl+Shift+R) and try again.',
     });
   }
 }
@@ -174,5 +174,5 @@ module.exports = {
   signToken,
   parseCookie,
   csrfCookieMiddleware,
-  csrfValidationMiddleware
+  csrfValidationMiddleware,
 };