Fixed network v4

Fixed network v3
Fixed network v2
2026-03-11 07:59:23 +01:00 · 2026-03-11 07:57:49 +01:00 · 2026-03-11 07:55:47 +01:00 · 2026-03-11 07:52:11 +01:00 · 2026-03-10 22:13:22 +01:00 · 2026-03-10 22:04:23 +01:00
72 changed files with 2435 additions and 318 deletions
--- a/.dockerignore
+++ b/.dockerignore
@@ -0,0 +1,25 @@
 # Git
 .git
 .gitignore
 # Symfony
 var/cache/*
 var/log/*
 var/sessions/*
 !var/cache/.gitkeep
 !var/log/.gitkeep
 !var/sessions/.gitkeep
 # Node
 node_modules
 npm-debug.log
 # Other
 .env.local
 .env.local.php
 .env.dev.local
 .env.test.local
 .env.prod.local
 vendor
 public/build
--- a/.env
+++ b/.env
@@ -15,17 +15,30 @@
 # https://symfony.com/doc/current/best_practices.html#use-environment-variables-for-infrastructure-configuration
 ###> symfony/framework-bundle ###
-APP_ENV=dev
+APP_ENV=prod
-APP_SECRET=
+APP_SECRET=695679907f9c3818e6924d547f872651
 TRUSTED_PROXIES=127.0.0.1,172.20.0.1,172.20.0.0/16
 TRUSTED_HOSTS=^.*$
 ###< symfony/framework-bundle ###
 SITE_BASE_URL=https://escapepage.com
 ###> doctrine/doctrine-bundle ###
 # Format described at https://www.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#connecting-using-a-url
 # IMPORTANT: You MUST configure your server version, either here or in config/packages/doctrine.yaml
 #
 # DATABASE_URL="sqlite:///%kernel.project_dir%/var/data_%kernel.environment%.db"
 # DATABASE_URL="mysql://app:!ChangeMe!@127.0.0.1:3306/app?serverVersion=8.0.32&charset=utf8mb4"
-DATABASE_URL="mysql://escapepage:b.0nqrxJ%%2FD%%2ALuf9N@localhost:3306/escapepage?serverVersion=8.0.32&charset=utf8mb4"
+DB_DRIVER=pdo_mysql
 DB_SERVER_VERSION=8.0.32
 DB_CHARSET=utf8mb4
 DB_USER=escapepage
 DB_PASSWORD=Zr1aOYU5NpCbS3dhpxa64cZp
 DB_HOST=database
 DB_PORT=3306
 DB_NAME=escapepage
 MYSQL_ROOT_PASSWORD=root
 DATABASE_URL="${DB_DRIVER}://${DB_USER}:${DB_PASSWORD}@${DB_HOST}:${DB_PORT}/${DB_NAME}?serverVersion=${DB_SERVER_VERSION}&charset=${DB_CHARSET}"
 ###< doctrine/doctrine-bundle ###
 ###> symfony/messenger ###
@@ -37,14 +50,13 @@ MESSENGER_TRANSPORT_DSN=doctrine://default?auto_setup=0
 ###> symfony/mailer ###
 # Development: use Mailpit (docker compose override provides service `mailer` on port 1025)
-MAILER_DSN=smtp://mailer:1025
+MAILER_DSN=sendgrid://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@default
 MAILER_FROM=mailer@escapepage.nl
 # Production/Stage (uncomment and set SENDGRID_API_KEY in real env or secrets):
 # MAILER_DSN=sendgrid+api://%env(SENDGRID_API_KEY)%
 # Alternatively, via SMTP (no extra package needed):
 # MAILER_DSN="smtp://apikey:%env(SENDGRID_API_KEY)%@smtp.sendgrid.net:587?encryption=tls"
 # Optional default sender (used by test command if --from not passed):
 # MAILER_FROM=no-reply@your-domain.tld
 # SENDGRID_API_KEY=your_real_key_goes_here   # Do NOT commit this; set in .env.local or deployment env
 ###< symfony/mailer ###
 ###> symfony/sendgrid-mailer ###
@@ -53,11 +65,27 @@ MAILER_DSN=smtp://mailer:1025
 ###> mercure ###
 # Internal hub URL used by the PHP app (reachable from the php container)
-MERCURE_URL=http://mercure/.well-known/mercure
+MERCURE_URL=https://mercure/.well-known/mercure
 # Public hub URL used by browsers
-MERCURE_PUBLIC_URL=http://localhost:8090/.well-known/mercure
+MERCURE_PUBLIC_URL=https://mercure.escapepage.com/.well-known/mercure
 # Shared secret for signing JWTs (dev only). In prod, set via real env/secrets.
 MERCURE_JWT_SECRET=!ChangeThisMercureJWTSignedBySymfonySecretKey!
-# Base URL for Mercure topics. Use .dev in development; override to .com in prod via .env.prod or real env.
+# Pre-generated JWT tokens for convenience
-MERCURE_TOPIC_BASE=https://escapepage.dev
+MERCURE_PUBLISHER_JWT_TOKEN=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJtZXJjdXJlIjp7InB1Ymxpc2giOlsiKiJdfX0.E5b7ma4k-kA7lVGOQtICh7r2sspwX4G1iOhwtbxHQck
 MERCURE_SUBSCRIBER_JWT_TOKEN=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJtZXJjdXJlIjp7InN1YnNjcmliZSI6WyIqIl19fQ.mwSAjvbm6vOnjMoRSHMdcqapNCwyGZs1s57uLK4T3UM
 # CORS allowed origins (default)
 MERCURE_CORS_ALLOWED_ORIGINS="https://www.escapepage.com https://escapepage.com"
 # Base URL for Mercure topics.
 MERCURE_TOPIC_BASE=https://escapepage.com
 ###< mercure ###
 ###> docker ###
 USER_ID=1000
 GROUP_ID=1000
 ###< docker ###
 ###> karser/karser-recaptcha3-bundle ###
 # Get your API key and secret from https://g.co/recaptcha/v3
 RECAPTCHA3_KEY=6LdIvk0sAAAAAC2jMbBXtjDQC24mmNbwHWBulxFu
 RECAPTCHA3_SECRET=6LdIvk0sAAAAAE9TCGAQoczQFwR6l2dxkkwcPKsk
 ###< karser/karser-recaptcha3-bundle ###
--- a/.env.dev
+++ b/.env.dev
@@ -2,3 +2,16 @@
 ###> symfony/framework-bundle ###
 APP_SECRET=620e9ce5f88a714b636179eb39d5be4f
 ###< symfony/framework-bundle ###
 ###> mercure ###
 MERCURE_CORS_ALLOWED_ORIGINS=http://localhost:8080
 MERCURE_TOPIC_BASE=https://escapepage.dev
 MERCURE_PUBLISHER_JWT_TOKEN=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJtZXJjdXJlIjp7InB1Ymxpc2giOlsiKiJdfX0.E5b7ma4k-kA7lVGOQtICh7r2sspwX4G1iOhwtbxHQck
 MERCURE_SUBSCRIBER_JWT_TOKEN=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJtZXJjdXJlIjp7InN1YnNjcmliZSI6WyIqIl19fQ.mwSAjvbm6vOnjMoRSHMdcqapNCwyGZs1s57uLK4T3UM
 ###< mercure ###
 DB_HOST=database
 DB_PORT=3306
 DB_NAME=escapepage
 DB_USER=escapepage
 DB_PASSWORD="b.0nqrxJ/D*Luf9N"
--- a/.env.prod
+++ b/.env.prod
@@ -1,9 +1,37 @@
 APP_ENV=prod
 APP_SECRET=a8f89e179e8c338423697669d6728c2c
 ### Compiled or real environment variables should be used in production.
 ### Configure MAILER_DSN to use SendGrid API transport.
 ### Prefer storing SENDGRID_API_KEY using Symfony Secrets or real env vars.
 ###> symfony/mailer ###
-# Example using SendGrid API key (replace with real secret via vault/secrets):
+MAILER_DSN=sendgrid://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@default
-# SENDGRID_API_KEY=SG.xxxxx
+MAILER_FROM=mailer@escapepage.nl
 MAILER_DSN=sendgrid+api://%env(resolve:SENDGRID_API_KEY)%@default
 ###< symfony/mailer ###
 ###> symfony/framework-bundle ###
 TRUSTED_PROXIES=127.0.0.1,172.20.0.1,172.20.0.0/16
 TRUSTED_HOSTS=^.*$
 ###< symfony/framework-bundle ###
 SITE_BASE_URL=https://escapepage.com
 ###> mercure ###
 # Use the production URL for CORS in production
 MERCURE_JWT_SECRET=55UtgFXsZu09TSTdeIA7ljK4HUo9DLkRzEB7MD5tqOLjRfAb
 MERCURE_PUBLISHER_JWT_TOKEN=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJtZXJjdXJlIjp7InB1Ymxpc2giOlsiKiJdfX0.qMVdzh7buYK78e-gwCQx7v6qCxk1Js83SAEKK-GZSrI
 MERCURE_SUBSCRIBER_JWT_TOKEN=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJtZXJjdXJlIjp7InN1YnNjcmliZSI6WyIqIl19fQ.OCnRPXfCoke27ntAxby2R5jkgpTZdw83DPq1yhvkLbw
 MERCURE_CORS_ALLOWED_ORIGINS="https://escapepage.com"
 MERCURE_TOPIC_BASE=https://escapepage.com
 ###< mercure ###
 DB_HOST=database
 DB_PORT=3306
 DB_NAME=escapepage
 DB_USER=escapepage
 DB_PASSWORD=Zr1aOYU5NpCbS3dhpxa64cZp
 ###> docker ###
 USER_ID=1000
 GROUP_ID=1000
 ###< docker ###
--- a/.env.test
+++ b/.env.test
@@ -1,3 +1,18 @@
 APP_ENV=test
 # define your env variables for the test env here
 KERNEL_CLASS='App\Kernel'
 APP_SECRET='$ecretf0rt3st'
 ###> mercure ###
 MERCURE_CORS_ALLOWED_ORIGINS=http://localhost:8080
 MERCURE_TOPIC_BASE=http://test
 MERCURE_PUBLISHER_JWT_TOKEN=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJtZXJjdXJlIjp7InB1Ymxpc2giOlsiKiJdfX0.E5b7ma4k-kA7lVGOQtICh7r2sspwX4G1iOhwtbxHQck
 MERCURE_SUBSCRIBER_JWT_TOKEN=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJtZXJjdXJlIjp7InN1YnNjcmliZSI6WyIqIl19fQ.mwSAjvbm6vOnjMoRSHMdcqapNCwyGZs1s57uLK4T3UM
 ###< mercure ###
 DB_HOST=database
 DB_PORT=3306
 DB_NAME=escapepage_test
 DB_USER=escapepage
 DB_PASSWORD="b.0nqrxJ/D*Luf9N"
--- a/.gitignore
+++ b/.gitignore
@@ -6,6 +6,9 @@
 /config/secrets/prod/prod.decrypt.private.php
 /public/bundles/
 /var/
 !/var/volumes/
 /var/volumes/*
 !/var/volumes/.gitignore
 /vendor/
 ###< symfony/framework-bundle ###
--- a/.idea/escapepage.iml
+++ b/.idea/escapepage.iml
@@ -140,6 +140,7 @@
      <excludeFolder url="file://$MODULE_DIR$/vendor/symfony/webpack-encore-bundle" />
      <excludeFolder url="file://$MODULE_DIR$/vendor/symfonycasts/reset-password-bundle" />
      <excludeFolder url="file://$MODULE_DIR$/vendor/symfonycasts/verify-email-bundle" />
      <excludeFolder url="file://$MODULE_DIR$/vendor/karser/karser-recaptcha3-bundle" />
    </content>
    <orderEntry type="inheritedJdk" />
    <orderEntry type="sourceFolder" forTests="false" />
--- a/.idea/php.xml
+++ b/.idea/php.xml
@@ -153,6 +153,7 @@
      <path value="$PROJECT_DIR$/vendor/lcobucci/jwt" />
      <path value="$PROJECT_DIR$/vendor/symfonycasts/verify-email-bundle" />
      <path value="$PROJECT_DIR$/vendor/symfonycasts/reset-password-bundle" />
      <path value="$PROJECT_DIR$/vendor/karser/karser-recaptcha3-bundle" />
    </include_path>
  </component>
  <component name="PhpProjectSharedConfiguration" php_language_level="8.2" />
--- a/README.md
+++ b/README.md
@@ -16,7 +16,7 @@ This repository contains a Symfony 7.3 (PHP >= 8.5.1) application for a collabor
  6. Run tests: `vendor/bin/phpunit`
 - With Docker:
-  1. From `docker/`: `docker compose up -d`
+  1. `cd docker && docker compose up -d`
  2. Install vendors inside the PHP container:
     - `docker compose exec php bash`
     - `composer install`
@@ -28,7 +28,7 @@ This repository contains a Symfony 7.3 (PHP >= 8.5.1) application for a collabor
 ## Email (Mailpit in dev, SendGrid for prod)
 - Dev: a `mailer` service (Mailpit) runs in Docker.
  - SMTP DSN in `.env`: `MAILER_DSN=smtp://mailer:1025`
-  - Mailpit UI: http://localhost:8025
+  - Mailpit UI: http://localhost:8025 (or mapped port 8025)
  - Send a test mail: `php bin/console app:mail:test you@example.com`
 - Staging/Prod: use SendGrid.
  - Require package (already in composer): `symfony/sendgrid-mailer`.
@@ -81,9 +81,9 @@ See doc/CONTRIBUTING.md for code style and more details.
 We use a Mercure hub (Docker service) to push server updates to browsers via Server‑Sent Events (SSE).
 Quick start (dev):
-1. Start Docker stack from `docker/`:
+1. Start Docker stack:
   ```
-   docker compose up -d
+   cd docker && docker compose up -d
   ```
   This starts `mercure` at http://localhost:8090 and the app at http://localhost:8080.
 2. Install PHP deps inside the PHP container if you haven't yet:
@@ -91,12 +91,6 @@ Quick start (dev):
   docker compose exec php bash
   composer install
   ```
 3. Open the Game Hub page in your browser: http://localhost:8080/game
   - The page subscribes to a demo topic and logs messages in the console.
 4. Publish a test update (in the PHP container):
   ```
   php bin/console app:mercure:publish
   ```
   You should see a console log like `[Mercure] Update received: { ... }` on the Game Hub page.
 Configuration:
--- a/assets/game1.js
+++ b/assets/game1.js
@@ -131,6 +131,8 @@ document.addEventListener('DOMContentLoaded', async () => {
  const screen = cfgEl.dataset.screen;
  const apiPingUrl = cfgEl.dataset.apiPingUrl;
  const apiEchoUrl = cfgEl.dataset.apiEchoUrl;
  const apiCheckFinishedUrl = cfgEl.dataset.apiCheckFinishedUrl;
  const lostUrl = cfgEl.dataset.lostUrl;
  if (mercurePublicUrl && topic) {
    subscribeToMercure(mercurePublicUrl, topic, screen);
@@ -138,6 +140,52 @@ document.addEventListener('DOMContentLoaded', async () => {
    console.warn('[Mercure][game1] Missing data attributes on #mercure-config');
  }
  // Timer logic
  const timerEl = document.getElementById('game-timer');
  if (timerEl && timerEl.dataset.endTime) {
    const endTime = parseInt(timerEl.dataset.endTime) * 1000;
    const updateTimer = async () => {
      const now = Date.now();
      const diff = endTime - now;
      if (diff <= 0) {
        timerEl.textContent = '00:00:00';
        // Timer reached zero, check with server
        if (apiCheckFinishedUrl && lostUrl) {
          try {
            const response = await fetchJson(apiCheckFinishedUrl, { method: 'POST' });
            if (response && response.finished) {
              window.location.href = lostUrl;
              return; // Stop the timer loop
            }
          } catch (e) {
            console.error('[API][game1] Failed to check finished status:', e);
          }
        }
        // Even if check failed or not finished, stop the loop if diff <= 0
        // (though technically if the server says not finished, we might want to keep checking,
        // but 00:00:00 usually means it's over).
        return;
      }
      const hours = Math.floor(diff / (1000 * 60 * 60));
      const minutes = Math.floor((diff % (1000 * 60 * 60)) / (1000 * 60));
      const seconds = Math.floor((diff % (1000 * 60)) / 1000);
      const hDisplay = hours.toString().padStart(2, '0');
      const mDisplay = minutes.toString().padStart(2, '0');
      const sDisplay = seconds.toString().padStart(2, '0');
      timerEl.textContent = `${hDisplay}:${mDisplay}:${sDisplay}`;
      setTimeout(updateTimer, 1000);
    };
    updateTimer();
  }
  // Demo API calls
  try {
    if (apiPingUrl) {
--- a/compose.override.yaml
+++ b/compose.override.yaml
@@ -1,7 +0,0 @@
 services:
 ###> symfony/mercure-bundle ###
  mercure:
    ports:
      - "80"
 ###< symfony/mercure-bundle ###
--- a/compose.yaml
+++ b/compose.yaml
@@ -1,31 +0,0 @@
 services:
 ###> symfony/mercure-bundle ###
  mercure:
    image: dunglas/mercure
    restart: unless-stopped
    environment:
      # Uncomment the following line to disable HTTPS,
      #SERVER_NAME: ':80'
      MERCURE_PUBLISHER_JWT_KEY: '!ChangeThisMercureJWTSignedBySymfonySecretKey!'
      MERCURE_SUBSCRIBER_JWT_KEY: '!ChangeThisMercureJWTSignedBySymfonySecretKey!'
      # Set the URL of your Symfony project (without trailing slash!) as value of the cors_origins directive
      MERCURE_EXTRA_DIRECTIVES: |
        cors_origins http://localhost:8080
    # Comment the following line to disable the development mode
    command: /usr/bin/caddy run --config /etc/caddy/dev.Caddyfile
    healthcheck:
      test: ["CMD", "curl", "-f", "https://localhost/healthz"]
      timeout: 5s
      retries: 5
      start_period: 60s
    volumes:
      - mercure_data:/data
      - mercure_config:/config
 ###< symfony/mercure-bundle ###
 volumes:
 ###> symfony/mercure-bundle ###
  mercure_data:
  mercure_config:
 ###< symfony/mercure-bundle ###
--- a/composer.json
+++ b/composer.json
@@ -11,6 +11,7 @@
        "doctrine/doctrine-bundle": "^2.16",
        "doctrine/doctrine-migrations-bundle": "^3.4",
        "doctrine/orm": "^3.5",
        "karser/karser-recaptcha3-bundle": "^0.3.0",
        "phpdocumentor/reflection-docblock": "^5.6",
        "phpstan/phpdoc-parser": "^2.3",
        "symfony/asset": "7.3.*",
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
        "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
        "This file is @generated automatically"
    ],
-    "content-hash": "8e2419832c0841e325a5b748bde61a48",
+    "content-hash": "22d46e70bd8246939c294d28ecfff13d",
    "packages": [
        {
            "name": "composer/semver",
@@ -1271,6 +1271,88 @@
            ],
            "time": "2025-03-06T22:45:56+00:00"
        },
        {
            "name": "karser/karser-recaptcha3-bundle",
            "version": "v0.3.0",
            "source": {
                "type": "git",
                "url": "https://github.com/karser/KarserRecaptcha3Bundle.git",
                "reference": "3d194dab4c31115bebc073c866ff55afaaa9e276"
            },
            "dist": {
                "type": "zip",
                "url": "https://api.github.com/repos/karser/KarserRecaptcha3Bundle/zipball/3d194dab4c31115bebc073c866ff55afaaa9e276",
                "reference": "3d194dab4c31115bebc073c866ff55afaaa9e276",
                "shasum": ""
            },
            "require": {
                "ext-json": "*",
                "php": ">=8.1",
                "symfony/expression-language": "^6.4|^7.0|^8.0",
                "symfony/form": "^6.4|^7.0|^8.0",
                "symfony/framework-bundle": "^6.4|^7.0|^8.0",
                "symfony/twig-bundle": "^6.4|^7.0|^8.0",
                "symfony/validator": "^6.4|^7.0|^8.0",
                "symfony/yaml": "^6.4|^7.0|^8.0",
                "twig/twig": "^3.0"
            },
            "require-dev": {
                "phpunit/phpunit": "^9|^10|^11",
                "symfony/http-client": "^6.4|^7.0|^8.0"
            },
            "type": "symfony-bundle",
            "extra": {
                "branch-alias": {
                    "dev-master": "0.1.x-dev"
                }
            },
            "autoload": {
                "psr-4": {
                    "Karser\\Recaptcha3Bundle\\": ""
                }
            },
            "notification-url": "https://packagist.org/downloads/",
            "license": [
                "MIT"
            ],
            "authors": [
                {
                    "name": "Dmitrii Poddubnyi",
                    "homepage": "https://github.com/karser"
                }
            ],
            "description": "Google ReCAPTCHA v3 for Symfony",
            "homepage": "http://github.com/karser/KarserRecaptcha3Bundle",
            "keywords": [
                "Forms",
                "Google ReCaptcha",
                "GoogleReCaptcha",
                "Symfony Google ReCaptcha",
                "anti-bot",
                "anti-bots",
                "anti-spam",
                "captcha",
                "contact",
                "google",
                "google recaptcha v3",
                "no-captcha",
                "recaptcha",
                "recaptcha v3",
                "recaptcha v3 symfony",
                "security",
                "spam",
                "symfony",
                "symfony google recaptcha v3",
                "symfony recaptcha",
                "symfony recaptcha v3",
                "validation"
            ],
            "support": {
                "issues": "https://github.com/karser/KarserRecaptcha3Bundle/issues",
                "source": "https://github.com/karser/KarserRecaptcha3Bundle/tree/v0.3.0"
            },
            "time": "2025-12-08T11:25:16+00:00"
        },
        {
            "name": "lcobucci/jwt",
            "version": "5.6.0",
--- a/config/bundles.php
+++ b/config/bundles.php
@@ -17,4 +17,5 @@ return [
    Symfony\Bundle\MercureBundle\MercureBundle::class => ['all' => true],
    SymfonyCasts\Bundle\VerifyEmail\SymfonyCastsVerifyEmailBundle::class => ['all' => true],
    SymfonyCasts\Bundle\ResetPassword\SymfonyCastsResetPasswordBundle::class => ['all' => true],
    Karser\Recaptcha3Bundle\KarserRecaptcha3Bundle::class => ['all' => true],
 ];
--- a/config/packages/csrf.yaml
+++ b/config/packages/csrf.yaml
@@ -1,11 +1,10 @@
 # Enable stateless CSRF protection for forms and logins/logouts
 framework:
-    form:
+#    form:
-        csrf_protection:
+#        csrf_protection:
-            token_id: submit
+#            token_id: submit
-
+#    csrf_protection:
-    csrf_protection:
+#        stateless_token_ids:
-        stateless_token_ids:
+#            - submit
-            - submit
+#            - authenticate
-            - authenticate
+#            - logout
            - logout
--- a/config/packages/doctrine.yaml
+++ b/config/packages/doctrine.yaml
@@ -1,6 +1,14 @@
 doctrine:
    dbal:
-        url: '%env(resolve:DATABASE_URL)%'
+        # url: '%env(resolve:DATABASE_URL)%'
        driver: '%env(DB_DRIVER)%'
        server_version: '%env(DB_SERVER_VERSION)%'
        host: '%env(DB_HOST)%'
        port: '%env(DB_PORT)%'
        user: '%env(DB_USER)%'
        password: '%env(DB_PASSWORD)%'
        dbname: '%env(DB_NAME)%'
        charset: '%env(DB_CHARSET)%'
        # IMPORTANT: You MUST configure your server version,
        # either here or in the DATABASE_URL env var (see .env file)
--- a/config/packages/framework.yaml
+++ b/config/packages/framework.yaml
@@ -8,7 +8,21 @@ framework:
        fallbacks: ['en', 'nl']
    # Note that the session will be started ONLY if you read or write from it.
-    session: true
+    session:
        handler_id: null
        cookie_secure: auto
        cookie_samesite: lax
        storage_factory_id: session.storage.factory.native
        save_path: '%kernel.project_dir%/var/sessions/%kernel.environment%'
 when@prod:
    framework:
        session:
            handler_id: null
            cookie_secure: true
            cookie_samesite: lax
            storage_factory_id: session.storage.factory.native
            save_path: '%kernel.project_dir%/var/sessions/%kernel.environment%'
    #esi: true
    #fragments: true
--- a/config/packages/karser_recaptcha3.yaml
+++ b/config/packages/karser_recaptcha3.yaml
@@ -0,0 +1,5 @@
 karser_recaptcha3:
    site_key: '%env(RECAPTCHA3_KEY)%'
    secret_key: '%env(RECAPTCHA3_SECRET)%'
    score_threshold: 0.5
    enabled: true
--- a/config/packages/mercure.yaml
+++ b/config/packages/mercure.yaml
@@ -4,5 +4,4 @@ mercure:
            url: '%env(MERCURE_URL)%'
            public_url: '%env(MERCURE_PUBLIC_URL)%'
            jwt:
-                secret: '%env(MERCURE_JWT_SECRET)%'
+                value: '%env(MERCURE_PUBLISHER_JWT_TOKEN)%'
                publish: ['*']
--- a/config/packages/routing.yaml
+++ b/config/packages/routing.yaml
@@ -2,7 +2,7 @@ framework:
    router:
        # Configure how to generate URLs in non-HTTP contexts, such as CLI commands.
        # See https://symfony.com/doc/current/routing.html#generating-urls-in-commands
-        #default_uri: http://localhost
+        default_uri: '%env(SITE_BASE_URL)%'
 when@prod:
    framework:
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -30,6 +30,7 @@ security:
    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used
    access_control:
        - { path: ^/, roles: PUBLIC_ACCESS, requires_channel: https }
        # - { path: ^/admin, roles: ROLE_ADMIN }
        # - { path: ^/profile, roles: ROLE_USER }
--- a/config/packages/test/karser_recaptcha3.yaml
+++ b/config/packages/test/karser_recaptcha3.yaml
@@ -0,0 +1,2 @@
 karser_recaptcha3:
    enabled: false
--- a/config/services.yaml
+++ b/config/services.yaml
@@ -4,6 +4,7 @@
 # Put parameters here that don't need to change on each machine where the app is deployed
 # https://symfony.com/doc/current/best_practices.html#use-parameters-for-application-configuration
 parameters:
    mailer_from: '%env(MAILER_FROM)%'
 services:
    # default configuration for services in *this* file
@@ -16,5 +17,9 @@ services:
    App\:
        resource: '../src/'
    App\Game\Service\GameResponseService:
        arguments:
            $projectDir: '%kernel.project_dir%'
    # add more service definitions when explicit configuration is needed
    # please note that last definitions always *replace* previous ones
--- a/doc/FILES.md
+++ b/doc/FILES.md
@@ -4,7 +4,7 @@ Use this index to quickly locate files and directories during development and in
 ## Top-Level
 - docker/compose.yaml / docker/compose.override.yaml — Docker services.
- docker/ — Docker build contexts and configs (php Dockerfile, nginx vhost, compose files).
+- docker/ — Docker build contexts and configs (php Dockerfile, nginx vhost).
 - composer.json / composer.lock — Dependencies and scripts.
 - importmap.php — Importmap configuration for JS dependencies.
 - phpunit.dist.xml — PHPUnit configuration.
--- a/doc/docker.md
+++ b/doc/docker.md
@@ -9,7 +9,7 @@ This app can run fully in Docker using docker compose with PHP-FPM, Nginx and My
 - mailer (dev only via compose.override.yaml): Mailpit (SMTP/UI)
 ## Prerequisites
- Docker and Docker Compose (v2)
+- Docker and Docker Compose (docker compose)
 ## Usage
@@ -21,36 +21,42 @@ App will be served at http://localhost:8080
 Alternatively (manual):
 ```
-docker compose -f docker/compose.yaml -f docker/compose.override.yaml up -d --build
+cd docker
 docker compose up -d --build
 ```
 ### 2) Install dependencies
 The setup script already runs composer install. To run manually:
 ```
-docker compose -f docker/compose.yaml -f docker/compose.override.yaml exec php composer install
+cd docker
 docker compose exec php composer install
 ```
 ### 3) Prepare DB
 The setup script already prepares the DB. To run manually:
 ```
-docker compose -f docker/compose.yaml -f docker/compose.override.yaml exec php php bin/console doctrine:database:create --if-not-exists
+cd docker
-docker compose -f docker/compose.yaml -f docker/compose.override.yaml exec php php bin/console doctrine:migrations:migrate -n
+docker compose exec php php bin/console doctrine:database:create --if-not-exists
 docker compose exec php php bin/console doctrine:migrations:migrate -n
 ```
 ### 4) Run tests
 ```
-docker compose -f docker/compose.yaml -f docker/compose.override.yaml exec php vendor/bin/phpunit
+cd docker
 docker compose exec php vendor/bin/phpunit
 ```
 ### 5) Logs
 ```
-docker compose -f docker/compose.yaml -f docker/compose.override.yaml logs -f nginx
+cd docker
-docker compose -f docker/compose.yaml -f docker/compose.override.yaml logs -f php
+docker compose logs -f nginx
 docker compose logs -f php
 ```
 ### 6) Stop
 ```
-docker compose -f docker/compose.yaml -f docker/compose.override.yaml down
+cd docker
 docker compose down
 ```
 ## Notes
--- a/doc/email.md
+++ b/doc/email.md
@@ -18,7 +18,7 @@ MAILER_DSN=smtp://mailer:1025
 ```
 - Usage:
-  1. Start stack: `docker compose up -d`
+  1. Start stack: `docker-compose up -d`
  2. Send an email from the app.
  3. Open http://localhost:8025 to view captured emails.
--- a/docker/.env
+++ b/docker/.env
@@ -0,0 +1,56 @@
 # This file is a template for Docker environment variables.
 # It was created by merging .env and .env.prod, with .env.prod taking precedence.
 ###> symfony/framework-bundle ###
 APP_ENV=prod
 APP_SECRET=a8f89e179e8c338423697669d6728c2c
 TRUSTED_PROXIES=127.0.0.1,172.20.0.1,172.20.0.0/16
 TRUSTED_HOSTS=^.*$
 ###< symfony/framework-bundle ###
 SITE_BASE_URL=https://escapepage.com
 ###> doctrine/doctrine-bundle ###
 DB_DRIVER=pdo_mysql
 DB_SERVER_VERSION=8.0.32
 DB_CHARSET=utf8mb4
 DB_USER=escapepage
 DB_PASSWORD=Zr1aOYU5NpCbS3dhpxa64cZp
 DB_HOST=database
 DB_PORT=3306
 DB_NAME=escapepage
 DATABASE_URL="${DB_DRIVER}://${DB_USER}:${DB_PASSWORD}@${DB_HOST}:${DB_PORT}/${DB_NAME}?serverVersion=${DB_SERVER_VERSION}&charset=${DB_CHARSET}"
 ###< doctrine/doctrine-bundle ###
 ###> symfony/messenger ###
 MESSENGER_TRANSPORT_DSN=doctrine://default?auto_setup=0
 ###< symfony/messenger ###
 ###> symfony/mailer ###
 MAILER_DSN=sendgrid://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@default
 MAILER_FROM=mailer@escapepage.nl
 ###< symfony/mailer ###
 ###> symfony/sendgrid-mailer ###
 # MAILER_DSN=sendgrid://KEY@default
 ###< symfony/sendgrid-mailer ###
 ###> mercure ###
 MERCURE_URL=https://mercure/.well-known/mercure
 MERCURE_PUBLIC_URL=https://escapepage.com:8090/.well-known/mercure
 MERCURE_JWT_SECRET=55UtgFXsZu09TSTdeIA7ljK4HUo9DLkRzEB7MD5tqOLjRfAb
 MERCURE_PUBLISHER_JWT_TOKEN=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJtZXJjdXJlIjp7InB1Ymxpc2giOlsiKiJdfX0.qMVdzh7buYK78e-gwCQx7v6qCxk1Js83SAEKK-GZSrI
 MERCURE_SUBSCRIBER_JWT_TOKEN=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJtZXJjdXJlIjp7InN1YnNjcmliZSI6WyIqIl19fQ.OCnRPXfCoke27ntAxby2R5jkgpTZdw83DPq1yhvkLbw
 MERCURE_CORS_ALLOWED_ORIGINS=https://escapepage.com
 MERCURE_TOPIC_BASE=https://escapepage.com
 ###< mercure ###
 ###> docker ###
 USER_ID=1000
 GROUP_ID=1000
 ###< docker ###
 ###> karser/karser-recaptcha3-bundle ###
 RECAPTCHA3_KEY=my_site_key
 RECAPTCHA3_SECRET=my_secret
 ###< karser/karser-recaptcha3-bundle ###
--- a/docker/.env.dist
+++ b/docker/.env.dist
@@ -0,0 +1,29 @@
 # User and Group IDs
 USER_ID=1000
 GROUP_ID=1000
 # Application
 APP_ENV=prod
 SITE_BASE_URL=https://escapepage.com
 # Mailer
 MAILER_DSN=sendgrid://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@default
 MAILER_FROM=mailer@escapepage.nl
 # Database
 DATABASE_URL=mysql://escapepage:Zr1aOYU5NpCbS3dhpxa64cZp@database:3306/escapepage?serverVersion=8.0.32&charset=utf8mb4
 DB_NAME=escapepage
 DB_USER=escapepage
 DB_PASSWORD=Zr1aOYU5NpCbS3dhpxa64cZp
 MYSQL_ROOT_PASSWORD=root
 # Mercure
 MERCURE_URL=http://mercure/.well-known/mercure
 MERCURE_PUBLIC_URL=https://escapepage.com/.well-known/mercure
 MERCURE_JWT_SECRET=55UtgFXsZu09TSTdeIA7ljK4HUo9DLkRzEB7MD5tqOLjRfAb
 MERCURE_CORS_ALLOWED_ORIGINS=https://escapepage.com
 MERCURE_TOPIC_BASE=https://escapepage.com
 # Recaptcha
 RECAPTCHA3_KEY=6LdIvk0sAAAAAC2jMbBXtjDQC24mmNbwHWBulxFu
 RECAPTCHA3_SECRET=6LdIvk0sAAAAAE9TCGAQoczQFwR6l2dxkkwcPKsk
--- a/docker/compose.override.yaml
+++ b/docker/compose.override.yaml
@@ -1,20 +1,19 @@
 services:
  php:
    environment:
-      XDEBUG_MODE: off
+      XDEBUG_MODE: "off"
    extra_hosts:
      - "host.docker.internal:host-gateway"
    depends_on:
      - mailer
    # networks:
    #   backend:
    #     ipv4_address: 172.23.0.10
-###> doctrine/doctrine-bundle ###
+  ###> doctrine/doctrine-bundle ###
-  database:
+  ###< doctrine/doctrine-bundle ###
    ports:
      - "3306"
 ###< doctrine/doctrine-bundle ###
-###> symfony/mailer ###
+  ###> symfony/mailer ###
  mailer:
    image: axllent/mailpit
    ports:
@@ -23,4 +22,17 @@ services:
    environment:
      MP_SMTP_AUTH_ACCEPT_ANY: 1
      MP_SMTP_AUTH_ALLOW_INSECURE: 1
    # networks:
    #   backend:
    #     ipv4_address: 172.23.0.13
 # networks:
 #   backend:
 #     name: escapepage_network
 #     driver: bridge
 #     ipam:
 #       config:
 #         - subnet: 172.23.0.0/16
 #           gateway: 172.23.0.1
 #     attachable: true
 ###< symfony/mailer ###
--- a/docker/compose.yaml
+++ b/docker/compose.yaml
@@ -1,4 +1,3 @@
 version: '3.7'
 services:
@@ -6,33 +5,65 @@ services:
    build:
      context: ..
      dockerfile: docker/php/Dockerfile
      args:
        USER_ID: ${USER_ID}
        GROUP_ID: ${GROUP_ID}
    container_name: escapepage-php
    volumes:
      - ../:/var/www/html:delegated
      - /etc/hosts:/etc/hosts:ro
    environment:
-      APP_ENV: dev
+      APP_ENV: ${APP_ENV}
      SITE_BASE_URL: ${SITE_BASE_URL}
      MAILER_DSN: ${MAILER_DSN}
      MAILER_FROM: ${MAILER_FROM}
      DATABASE_URL: ${DATABASE_URL}
      MERCURE_URL: ${MERCURE_URL}
      MERCURE_PUBLIC_URL: ${MERCURE_PUBLIC_URL}
      MERCURE_JWT_SECRET: ${MERCURE_JWT_SECRET}
      MERCURE_CORS_ALLOWED_ORIGINS: ${MERCURE_CORS_ALLOWED_ORIGINS}
      MERCURE_TOPIC_BASE: ${MERCURE_TOPIC_BASE}
      RECAPTCHA3_KEY: ${RECAPTCHA3_KEY}
      RECAPTCHA3_SECRET: ${RECAPTCHA3_SECRET}
    depends_on:
      - database
      - mercure
-    networks:
+    # networks:
-      - backend
+    #   backend:
    #     ipv4_address: 172.23.0.10
    restart: unless-stopped
  php-worker:
    build:
      context: ..
      dockerfile: docker/php/Dockerfile
      args:
        USER_ID: ${USER_ID}
        GROUP_ID: ${GROUP_ID}
    container_name: escapepage-php-worker
    volumes:
      - ../:/var/www/html:delegated
      - /etc/hosts:/etc/hosts:ro
    environment:
-      APP_ENV: dev
+      APP_ENV: ${APP_ENV}
      SITE_BASE_URL: ${SITE_BASE_URL}
      MAILER_DSN: ${MAILER_DSN}
      MAILER_FROM: ${MAILER_FROM}
      DATABASE_URL: ${DATABASE_URL}
      MERCURE_URL: ${MERCURE_URL}
      MERCURE_PUBLIC_URL: ${MERCURE_PUBLIC_URL}
      MERCURE_JWT_SECRET: ${MERCURE_JWT_SECRET}
      MERCURE_CORS_ALLOWED_ORIGINS: ${MERCURE_CORS_ALLOWED_ORIGINS}
      MERCURE_TOPIC_BASE: ${MERCURE_TOPIC_BASE}
      RECAPTCHA3_KEY: ${RECAPTCHA3_KEY}
      RECAPTCHA3_SECRET: ${RECAPTCHA3_SECRET}
    depends_on:
      - database
      - mercure
    command: ["php", "bin/console", "messenger:consume", "async", "-vv"]
-    networks:
+    # networks:
-      - backend
+    #   backend:
    #     ipv4_address: 172.23.0.11
    restart: unless-stopped
  nginx:
@@ -40,13 +71,17 @@ services:
    container_name: escapepage-nginx
    ports:
      - "8080:80"
      - "8443:443"
    volumes:
      - ../:/var/www/html:ro
      - ./nginx/default.conf:/etc/nginx/conf.d/default.conf:ro
      - ./nginx/ssl:/etc/nginx/ssl:ro
      - /etc/hosts:/etc/hosts:ro
    depends_on:
      - php
-    networks:
+    # networks:
-      - backend
+    #   backend:
    #     ipv4_address: 172.23.0.12
    restart: unless-stopped
  mailer:
@@ -54,60 +89,75 @@ services:
    container_name: escapepage-mailer
    ports:
      - "8025:8025"
-    networks:
+    volumes:
-      - backend
+      - /etc/hosts:/etc/hosts:ro
    # networks:
    #   backend:
    #     ipv4_address: 172.23.0.13
    restart: unless-stopped
  mercure:
    image: dunglas/mercure:v0.21
    container_name: escapepage-mercure
    environment:
-      SERVER_NAME: ":80"
+      SERVER_NAME: "https://:443"
-      MERCURE_PUBLISHER_JWT_KEY: '!ChangeThisMercureJWTSignedBySymfonySecretKey!'
+      MERCURE_PUBLISHER_JWT_KEY: ${MERCURE_JWT_SECRET}
-      MERCURE_SUBSCRIBER_JWT_KEY: '!ChangeThisMercureJWTSignedBySymfonySecretKey!'
+      MERCURE_SUBSCRIBER_JWT_KEY: ${MERCURE_JWT_SECRET}
-      MERCURE_CORS_ALLOWED_ORIGINS: http://localhost:8080
+      MERCURE_CORS_ALLOWED_ORIGINS: ${MERCURE_CORS_ALLOWED_ORIGINS}
-      MERCURE_PUBLISH_ALLOWED_ORIGINS: http://localhost:8080
+      MERCURE_PUBLISH_ALLOWED_ORIGINS: ${MERCURE_CORS_ALLOWED_ORIGINS}
      MERCURE_EXTRA_DIRECTIVES: |
-        cors_origins http://localhost:8080
+        cors_origins ${MERCURE_CORS_ALLOWED_ORIGINS}
-        # Allow anonymous subscribers in dev only
+        publish_origins ${MERCURE_CORS_ALLOWED_ORIGINS}
        anonymous
    ports:
-      - "8090:80"
+      - "8090:443"
-    networks:
+    volumes:
-      - backend
+      - /etc/hosts:/etc/hosts:ro
      - ./nginx/ssl/server.crt:/etc/caddy/certs/server.crt:ro
      - ./nginx/ssl/server.key:/etc/caddy/certs/server.key:ro
    # networks:
    #   backend:
    #     ipv4_address: 172.23.0.14
    restart: unless-stopped
-###> doctrine/doctrine-bundle ###
+  ###> doctrine/doctrine-bundle ###
  database:
    image: mysql:8.0
    container_name: escapepage-db
    environment:
-      MYSQL_DATABASE: ${MYSQL_DATABASE:-app}
+      MYSQL_DATABASE: ${DB_NAME}
-      MYSQL_USER: ${MYSQL_USER:-app}
+      MYSQL_USER: ${DB_USER}
-      MYSQL_PASSWORD: ${MYSQL_PASSWORD:-!ChangeMe!}
+      MYSQL_PASSWORD: ${DB_PASSWORD}
-      MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD:-root}
+      MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
    healthcheck:
-      test: ["CMD", "mysqladmin", "ping", "-h", "127.0.0.1", "-uroot", "-p${MYSQL_ROOT_PASSWORD:-root}"]
+      test: ["CMD", "mysqladmin", "ping", "-h", "127.0.0.1", "-uroot", "-p${MYSQL_ROOT_PASSWORD}"]
      interval: 10s
      timeout: 5s
      retries: 10
      start_period: 30s
-    command: ["--default-authentication-plugin=mysql_native_password", "--character-set-server=utf8mb4", "--collation-server=utf8mb4_unicode_ci"]
+    command: ["--default-authentication-plugin=mysql_native_password", "--character-set-server=utf8mb4", "--collation-server=utf8mb4_unicode_ci", "--lower-case-table-names=1", "--innodb-use-native-aio=0"]
    volumes:
-      - database_data:/var/lib/mysql:rw
+      - ../var/volumes/db:/var/lib/mysql:rw
      - ./mysql/init:/docker-entrypoint-initdb.d:ro
      - /etc/hosts:/etc/hosts:ro
    # Uncomment the two lines below if you need to access MySQL from your host (workbench, etc.)
-    # ports:
+    ports:
-    #   - "3306:3306"
+      - "3306:3306"
-    networks:
+    # networks:
-      - backend
+    #   backend:
    #     ipv4_address: 172.23.0.15
    restart: unless-stopped
 ###< doctrine/doctrine-bundle ###
 volumes:
 ###> doctrine/doctrine-bundle ###
  database_data:
 ###< doctrine/doctrine-bundle ###
-networks:
+# networks:
-  backend:
+#   backend:
-    driver: bridge
+#     name: escapepage_network
 #     driver: bridge
 #     ipam:
 #       config:
 #         - subnet: 172.23.0.0/16
 #           gateway: 172.23.0.1
 #     attachable: true
--- a/docker/mysql/init/allow_remote.sql
+++ b/docker/mysql/init/allow_remote.sql
@@ -0,0 +1,5 @@
 -- This script ensures the user has correct privileges.
 -- The user is actually created by the official MySQL image using environment variables.
 GRANT ALL PRIVILEGES ON *.* TO 'escapepage'@'%';
 FLUSH PRIVILEGES;
--- a/docker/nginx/default.conf
+++ b/docker/nginx/default.conf
@@ -1,6 +1,18 @@
 server {
    listen 80;
    server_name _;
    return 301 https://$host$request_uri;
 }
 server {
    listen 443 ssl;
    server_name _;
    ssl_certificate /etc/nginx/ssl/server.crt;
    ssl_certificate_key /etc/nginx/ssl/server.key;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;
    root /var/www/html/public;
    index index.php index.html;
@@ -18,6 +30,14 @@ server {
        fastcgi_param DOCUMENT_ROOT $realpath_root;
        fastcgi_pass php:9000;
        fastcgi_read_timeout 120;
        # Ensure HTTPS is correctly detected by Symfony if Nginx is behind a TLS termination proxy
        fastcgi_param HTTPS $https if_not_empty;
        # Standard forwarded headers
        fastcgi_param HTTP_X_FORWARDED_FOR $proxy_add_x_forwarded_for;
        fastcgi_param HTTP_X_FORWARDED_PROTO $scheme;
        fastcgi_param HTTP_X_FORWARDED_HOST $host;
        fastcgi_param HTTP_X_FORWARDED_PORT $server_port;
    }
    location ~ /\.ht {
--- a/docker/nginx/ssl/server.crt
+++ b/docker/nginx/ssl/server.crt
@@ -0,0 +1,22 @@
 -----BEGIN CERTIFICATE-----
 MIIDrTCCApWgAwIBAgIURXHwywjcTFR43Q8+qtMAMuhHmW0wDQYJKoZIhvcNAQEL
 BQAwZjELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVN0YXRlMQ0wCwYDVQQHDARDaXR5
 MRUwEwYDVQQKDAxPcmdhbml6YXRpb24xDTALBgNVBAsMBFVuaXQxEjAQBgNVBAMM
 CWxvY2FsaG9zdDAeFw0yNjAxMTAxMjMzNTNaFw0yNzAxMTAxMjMzNTNaMGYxCzAJ
 BgNVBAYTAlVTMQ4wDAYDVQQIDAVTdGF0ZTENMAsGA1UEBwwEQ2l0eTEVMBMGA1UE
 CgwMT3JnYW5pemF0aW9uMQ0wCwYDVQQLDARVbml0MRIwEAYDVQQDDAlsb2NhbGhv
 c3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0dQIpm6SeY/Qt1zTr
 GDfQuRAqowde6vzlNDwwC5hNQUaA4MCsDcmqmxj/YPUA8qG4MWQzYsj3HEn8l863
 a7BELIYy2kvHTO7mgZMsBiH6HzHilIOsZkMJEV3QLlFn7VRb7i6WSw48pbRJk77l
 sOX/e3vzE2pemnx4ggSORzNorrQ7UwyBpK374yisKSFzs6KKPnkVDbfBNX2k+fUT
 8Ncjq5WkllA93ztPzh1iHNcFThx+MiH5fcs9obdMbfNkcQy22J9Nbi0OT9Tf8R7k
 OaBEVPxFkT+moj6bCwetLkdQDGaoGA6AXTR1lrN812eU1TJ6KA4TAOj4ZAuygWa0
 kqi3AgMBAAGjUzBRMB0GA1UdDgQWBBSayyPInKCPbaliYycRx9GEK2tTFjAfBgNV
 HSMEGDAWgBSayyPInKCPbaliYycRx9GEK2tTFjAPBgNVHRMBAf8EBTADAQH/MA0G
 CSqGSIb3DQEBCwUAA4IBAQCT3r5wZd8fN/ognHFopJRKxjw3ZBBYl54ELb32OSVS
 NcKR63/2kZc7KQY5LjPbBMpDutLUPsVtJ97OSYY/JQDm/VVkJy0jIUtPD/bLnjEI
 bhMoIGKwUDtnSaYF3oXhwMX3XchDCLmpsk+E17LTTq+tHUzkhXZu+sHoHrE70Wls
 XfziM0O/zpApJQSeCLi8UDGffLVChFQd4uU//YW+4OMyk/mbu7dV4ckJXQVIvqTr
 7UuC7SgRChcYkaQpkDUnaoX+miKbr9SHUmBSbCsXDyPDth5TOUSZWbP6ewDKVWW7
 37OURA5UqT2RvnX75+FdLnBtqJrt/3X8wafOOLXILwmA
 -----END CERTIFICATE-----
--- a/docker/nginx/ssl/server.key
+++ b/docker/nginx/ssl/server.key
@@ -0,0 +1,28 @@
 -----BEGIN PRIVATE KEY-----
 MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC0dQIpm6SeY/Qt
 1zTrGDfQuRAqowde6vzlNDwwC5hNQUaA4MCsDcmqmxj/YPUA8qG4MWQzYsj3HEn8
 l863a7BELIYy2kvHTO7mgZMsBiH6HzHilIOsZkMJEV3QLlFn7VRb7i6WSw48pbRJ
 k77lsOX/e3vzE2pemnx4ggSORzNorrQ7UwyBpK374yisKSFzs6KKPnkVDbfBNX2k
 +fUT8Ncjq5WkllA93ztPzh1iHNcFThx+MiH5fcs9obdMbfNkcQy22J9Nbi0OT9Tf
 8R7kOaBEVPxFkT+moj6bCwetLkdQDGaoGA6AXTR1lrN812eU1TJ6KA4TAOj4ZAuy
 gWa0kqi3AgMBAAECggEAfwOccgzK4XEY/OrspEx3fMHFTz1Qgs6DEhCiDG8c08OO
 DEglVPSfbSWdgqKL0A73JN4e2Mw/By8yJEf1h8SUXGe6TTC5BZ5wyG2LWQE4CQTL
 598AjuerZ0aB8XWodq3lIo+S2tYZPzainucPBjxsplYT+BNCWzQBSBC7hCk5VgPx
 6BvzlzBEWJYizpnT55Ta7zDV1tofP2RUt5Q6GT27Qm5fMlAj3a3LsmgeDLIPHhQd
 RCo0kEc56X4vZyojaNUrmTzh6+Ljoj7ahEsW9fr8kfQvIlvuR1qjkuuCEUDU7kS/
 iblwVkY1Lfrfm9mI82EYI287m28LBTP99ULk9KRhAQKBgQDpEjK0/OmsHSQfjiG7
 PHQXrmIdMzaz+BYttiGV9Fx5hsdVPvihdjzzwZck2MkSg5ODMtEthb7uBareS3Nl
 CG7a7brY8a/x5ZdnUPNXGykfix/oz557EENembKaWpsV8qiHM8vuADOWEvmqBTVt
 C0iXrwvyxgy/GuNz9A9Tfyya3wKBgQDGNb9Pr903/JzJKFkT+4dGpAgE0a3eQsDm
 HEJimbhNoOw79AyOHWbpV2f74kz0GdG2MjU3988lZ/VJ7FM0eyDkuBvv3c2YdKCm
 A/5tprB/8PefdNJD0HuVm4BE2XDLV74DbOCgoqsFMC1BdeUVBAhSqmRNrYFQYRqj
 DvqtDQiFKQKBgB5p6YQEnNmA0/3qJiywrtWIQ/VbgX/ql7pPUgKnaInTNJ/DH96x
 9zI3yOleAJ8R3GX6c6FlGo0k4C8x2VUNzKl07DTzFOqT8zXgMmDjgnJDTV6r+RpF
 /QSTOeM6f5JVn/hEog/kptamkz3EgDxChK6GgSClB3TIpXW0G2vh5IgxAoGBAIIl
 WHDicMcKP4h1zcepKLHhksJXS2rdOfveIljLxpByUassG/JUq/YbRlPFy/Gb4m9X
 mEoflQxirlTTr+6NypNjsDRX1197dOCNTsqA4POhLXauJkIQ6pTZfee3PrDF9CYb
 n4LaTKEjeRO6bajW9QASkbnPa1Fz8SGP/FkUbbvBAoGAKIuvVLwht1A8C0BXaFrb
 znZu3u90SB9TEcm2V9pU1ptiU6Q/CGlxm8UYvx1ahmxNYL6Ip/QNIFyb+HCqvIUf
 Id3C+4LlLeXVBP0uBCX828zREhuQutq3kju2iOQfsOkwc1McS4WXk6tExXoVwkzl
 2WYMu+GpSZLcti71L58tOf4=
 -----END PRIVATE KEY-----
--- a/docker/php/Dockerfile
+++ b/docker/php/Dockerfile
@@ -6,15 +6,32 @@ RUN apk add --no-cache \
    git \
    icu-dev \
    libzip-dev \
    libxml2-dev \
    oniguruma-dev \
    g++ \
    make \
    nodejs \
-    npm
+    npm \
    shadow
 # Install PHP extension installer
 COPY --from=mlocati/php-extension-installer /usr/bin/install-php-extensions /usr/local/bin/
 # Install PHP extensions
-RUN docker-php-ext-configure intl \
+RUN install-php-extensions \
-    && docker-php-ext-install -j$(nproc) intl pdo pdo_mysql opcache zip
+    intl \
    pdo_mysql \
    opcache \
    zip \
    tokenizer \
    ctype \
    iconv \
    mbstring \
    dom \
    xml \
    simplexml \
    xmlreader \
    xmlwriter
 # Install composer
 ENV COMPOSER_ALLOW_SUPERUSER=1 \
@@ -24,7 +41,23 @@ COPY --from=composer:2 /usr/bin/composer /usr/bin/composer
 # Configure PHP
 COPY docker/php/php.ini $PHP_INI_DIR/conf.d/zz-custom.ini
 # Adjust www-data UID/GID to match host user (default 1000)
 ARG USER_ID=1000
 ARG GROUP_ID=1000
 RUN if [ ${USER_ID:-0} -ne 0 ] && [ ${GROUP_ID:-0} -ne 0 ]; then \
    userdel -f www-data &&\
    if getent group www-data ; then groupdel www-data; fi &&\
    groupadd -g ${GROUP_ID} www-data &&\
    useradd -l -u ${USER_ID} -g www-data www-data &&\
    install -d -m 0755 -o www-data -g www-data /home/www-data \
 ;fi
 WORKDIR /var/www/html
 # Set permissions for Symfony directories
 RUN mkdir -p var/cache var/log var/sessions && \
    chown -R www-data:www-data var
 # Default command
 CMD ["php-fpm"]
--- a/docker/php/php.ini
+++ b/docker/php/php.ini
@@ -7,3 +7,8 @@ opcache.enable=1
 opcache.enable_cli=1
 opcache.validate_timestamps=1
 opcache.revalidate_freq=0
 log_errors=On
 error_log=/var/www/html/var/log/errorlog_php.log
 session.gc_maxlifetime=1440
 session.cookie_lifetime=0
--- a/docker/restart.sh
+++ b/docker/restart.sh
@@ -0,0 +1,29 @@
 #!/usr/bin/env bash
 set -euo pipefail
 # Script to completely restart the project as requested
 # Can be run from any directory
 DOCKER_DIR=$(cd "$(dirname "$0")" && pwd)
 ROOT_DIR=$(cd "$DOCKER_DIR/.." && pwd)
 echo "Stopping and removing containers..."
 (cd "$DOCKER_DIR" && docker compose -f compose.yaml -f compose.override.yaml down -v --remove-orphans) || true
 docker network rm escapepage_network || true
 docker network rm $(docker network ls -q --filter name=escapepage) || true
 docker network prune -f || true
 docker rm -f escapepage-db escapepage-php escapepage-nginx escapepage-mercure escapepage-mailer escapepage-php-worker || true
 docker system prune -f || true
 echo "Clearing Docker build cache..."
 docker builder prune -af
 echo "Setting permissions for var/volumes/db and var directories..."
 sudo chown -R 1000:1000 "$ROOT_DIR/var/volumes/db" || true
 sudo chmod -R 777 "$ROOT_DIR/var/volumes/db" || true
 sudo mkdir -p "$ROOT_DIR/var/cache" "$ROOT_DIR/var/log" "$ROOT_DIR/var/sessions"
 sudo chown -R 1000:1000 "$ROOT_DIR/var" || true
 sudo chmod -R 777 "$ROOT_DIR/var" || true
 echo "Running setup script..."
 "$DOCKER_DIR/setup.sh" --no-build
--- a/docker/setup.sh
+++ b/docker/setup.sh
@@ -17,18 +17,18 @@ set -euo pipefail
 ROOT_DIR=$(cd "$(dirname "$0")"/.. && pwd)
 DOCKER_DIR="$ROOT_DIR/docker"
-# Determine the docker compose command (V2 'docker compose' or V1 'docker-compose')
+# Determine the docker-compose command
 if docker compose version >/dev/null 2>&1; then
  DOCKER_COMPOSE="docker compose"
 elif command -v docker-compose >/dev/null 2>&1; then
  DOCKER_COMPOSE="docker-compose"
 else
-  echo "Error: Neither 'docker compose' nor 'docker-compose' was found. Please install Docker Compose." >&2
+  echo "Error: Neither 'docker-compose' nor 'docker compose' was found. Please install Docker Compose." >&2
  exit 1
 fi
-# Helper to run docker compose from the docker/ directory
+# Helper to run docker compose from the docker directory
-dc() { (cd "$DOCKER_DIR" && $DOCKER_COMPOSE -f compose.yaml "$@"); }
+dc() { (cd "$DOCKER_DIR" && $DOCKER_COMPOSE -f compose.yaml -f compose.override.yaml --env-file ../.env "$@"); }
 REBUILD=1
 RECREATE=0
@@ -61,7 +61,7 @@ if [ "$RECREATE" -eq 1 ]; then
 fi
 # Start stack
-dc up "${BUILD_ARGS[@]}"
+dc up -d "${BUILD_ARGS[@]}"
 # Helper to run commands in php container
 pexec() { dc exec -T php "$@"; }
@@ -104,9 +104,17 @@ fi
 # Prepare DB
 echo "Creating database if it doesn't exist..."
-pexec php bin/console doctrine:database:create --if-not-exists
+if ! pexec php bin/console doctrine:database:create --if-not-exists; then
  echo "Error: Database creation failed. Check Docker logs for details." >&2
  dc logs database
  exit 1
 fi
 echo "Running migrations..."
-pexec php bin/console doctrine:migrations:migrate -n
+if ! pexec php bin/console doctrine:migrations:migrate -n; then
  echo "Error: Migrations failed." >&2
  exit 1
 fi
 # Import JS deps (Importmap/Asset Mapper)
 if [ -f "$ROOT_DIR/importmap.php" ]; then
--- a/migrations/Version20260117143000.php
+++ b/migrations/Version20260117143000.php
@@ -0,0 +1,31 @@
 <?php
 declare(strict_types=1);
 namespace DoctrineMigrations;
 use Doctrine\DBAL\Schema\Schema;
 use Doctrine\Migrations\AbstractMigration;
 /**
 * Auto-generated Migration: Please modify to your needs!
 */
 final class Version20260117143000 extends AbstractMigration
 {
    public function getDescription(): string
    {
        return 'Make player.screen nullable';
    }
    public function up(Schema $schema): void
    {
        // this up() migration is auto-generated, please modify it to your needs
        $this->addSql('ALTER TABLE player CHANGE screen screen INT DEFAULT NULL');
    }
    public function down(Schema $schema): void
    {
        // this down() migration is auto-generated, please modify it to your needs
        $this->addSql('ALTER TABLE player CHANGE screen screen INT NOT NULL');
    }
 }
--- a/public/index.php
+++ b/public/index.php
@@ -1,9 +1,18 @@
 <?php
 use App\Kernel;
 use Symfony\Component\HttpFoundation\Request;
 require_once dirname(__DIR__).'/vendor/autoload_runtime.php';
 return function (array $context) {
    if ($trustedProxies = $context['TRUSTED_PROXIES'] ?? $_ENV['TRUSTED_PROXIES'] ?? false) {
        Request::setTrustedProxies(explode(',', $trustedProxies), Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_PROTO | Request::HEADER_X_FORWARDED_HOST | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PREFIX);
    }
    if ($trustedHosts = $context['TRUSTED_HOSTS'] ?? $_ENV['TRUSTED_HOSTS'] ?? false) {
        Request::setTrustedHosts([$trustedHosts]);
    }
    return new Kernel($context['APP_ENV'], (bool) $context['APP_DEBUG']);
 };
--- a/src/Game/Controller/GameAdminController.php
+++ b/src/Game/Controller/GameAdminController.php
@@ -0,0 +1,63 @@
 <?php
 declare(strict_types=1);
 namespace App\Game\Controller;
 use App\Game\Entity\Session;
 use App\Game\Repository\SessionRepository;
 use App\Tech\Repository\UserRepository;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Annotation\Route;
 use Symfony\Component\Security\Http\Attribute\IsGranted;
 use Symfony\Component\DependencyInjection\Attribute\Autowire;
 #[Route('/admin')]
 #[IsGranted('ROLE_ADMIN')]
 final class GameAdminController extends AbstractController
 {
    public function __construct(
        #[Autowire('%kernel.project_dir%')]
        private string $projectDir
    ) {
    }
    #[Route('', name: 'game_admin_dashboard', methods: ['GET'])]
    public function index(
        UserRepository $userRepository,
        SessionRepository $sessionRepository
    ): Response {
        $players = $userRepository->findByRole('ROLE_PLAYER');
        $sessions = $sessionRepository->findAll();
        return $this->render('game/admin/index.html.twig', [
            'players' => $players,
            'sessions' => $sessions,
        ]);
    }
    #[Route('/session/{session}', name: 'game_admin_view_session', methods: ['GET'])]
    public function viewSession(Session $session): Response
    {
        $playersLogs = [];
        foreach ($session->getPlayers() as $player) {
            $username = $player->getUser()->getUsername();
            $logFile = $this->projectDir . '/var/log/sessions/' . $session->getId() . '/' . $username . '.txt';
            $logs = '';
            if (file_exists($logFile)) {
                $logs = file_get_contents($logFile);
            }
            $playersLogs[] = [
                'username' => $username,
                'logs' => $logs,
            ];
        }
        return $this->render('game/admin/session.html.twig', [
            'session' => $session,
            'playersLogs' => $playersLogs,
        ]);
    }
 }
--- a/src/Game/Controller/GameApiController.php
+++ b/src/Game/Controller/GameApiController.php
@@ -3,7 +3,10 @@ declare(strict_types=1);
 namespace App\Game\Controller;
 use App\Game\Entity\Session;
 use App\Game\Enum\SessionStatus;
 use App\Game\Service\GameResponseService;
 use Doctrine\ORM\EntityManagerInterface;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Request;
@@ -15,7 +18,9 @@ final class GameApiController extends AbstractController
 {
    public function __construct(
-            protected GameResponseService $gameResponseService) {
+            protected GameResponseService $gameResponseService,
            private EntityManagerInterface $entityManager
    ) {
    }
@@ -29,6 +34,30 @@ final class GameApiController extends AbstractController
        ]);
    }
    #[Route('/check-finished/{session}', name: 'check_finished', methods: ['POST'])]
    public function checkFinished(Session $session): JsonResponse
    {
        $now = (new \DateTime())->getTimestamp();
        $isFinished = false;
        if ($session->getStatus() === SessionStatus::PLAYING) {
            if ($session->getTimer() !== null && $now >= $session->getTimer()) {
                $session->setStatus(SessionStatus::LOST);
                $this->entityManager->persist($session);
                $this->entityManager->flush();
                $isFinished = true;
            }
        } elseif ($session->getStatus() === SessionStatus::LOST || $session->getStatus() === SessionStatus::WON) {
            $isFinished = true;
        }
        return $this->json([
            'ok' => true,
            'finished' => $isFinished,
            'status' => $session->getStatus()->value,
        ]);
    }
    #[Route('/message', name: 'message', methods: ['POST'])]
    public function message(Request $request): JsonResponse
    {
--- a/src/Game/Controller/GameController.php
+++ b/src/Game/Controller/GameController.php
@@ -3,10 +3,17 @@ declare(strict_types=1);
 namespace App\Game\Controller;
 use App\Game\Entity\Player;
 use App\Game\Entity\Session;
 use App\Game\Entity\SessionSetting;
 use App\Game\Enum\SessionSettingType;
 use App\Game\Enum\SessionStatus;
 use App\Game\Repository\GameRepository;
 use App\Game\Repository\PlayerRepository;
 use App\Game\Repository\SessionRepository;
 use App\Game\Service\GameDashboardService;
 use App\Tech\Entity\User;
 use App\Game\Service\PlayerService;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Bundle\SecurityBundle\Security;
 use Symfony\Component\HttpFoundation\Request;
@@ -14,9 +21,17 @@ use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Annotation\Route;
 use Symfony\Component\Security\Http\Attribute\IsGranted;
 use Symfony\Component\ExpressionLanguage\Expression;
 use Symfony\Component\DependencyInjection\Attribute\Autowire;
 final class GameController extends AbstractController
 {
    public function __construct(
        #[Autowire('%env(MERCURE_PUBLIC_URL)%')]
        private string $mercurePublicUrl,
        private \Doctrine\ORM\EntityManagerInterface $entityManager
    ) {
    }
    #[Route(path: '', name: 'game_dashboard', methods: ['GET', 'POST'])]
    #[IsGranted(new Expression("is_granted('ROLE_PLAYER') or is_granted('ROLE_ADMIN')"))]
    public function dashboard(
@@ -70,6 +85,17 @@ final class GameController extends AbstractController
                        $this->addFlash('error', 'Could not leave session (game might have started).');
                    }
                }
            } elseif ($request->request->has('start_session')) {
                $sessionId = $request->request->get('session_id');
                $session = $sessionRepository->find($sessionId);
                if ($session) {
                    if ($dashboardService->startSession($session)) {
                        $this->addFlash('success', 'Session started! Screens have been assigned.');
                    } else {
                        $this->addFlash('error', 'Could not start session. Make sure all players have joined.');
                    }
                }
            }
            return $this->redirectToRoute('game_dashboard');
@@ -81,22 +107,125 @@ final class GameController extends AbstractController
        ]);
    }
-    #[Route(path: '/{session}', name: 'game')]
+    #[Route(path: '/{session}', name: 'game', methods: ['GET', 'POST'])]
    #[IsGranted(new Expression("is_granted('ROLE_PLAYER') or is_granted('ROLE_ADMIN')"))]
    #[IsGranted('SESSION_VIEW', subject: 'session')]
    public function index(
        Session $session,
        Request $request,
        Security $security,
-        \App\Game\Repository\PlayerRepository $playerRepository
+        PlayerRepository $playerRepository,
        GameDashboardService $dashboardService
    ): Response
    {
        $user = $security->getUser();
        if (!$user instanceof User) {
            throw $this->createAccessDeniedException();
        }
        $player = $playerRepository->findOneBy(['session' => $session, 'user' => $user]);
        if ($request->isMethod('POST') && $request->request->has('toggle_ready')) {
            $dashboardService->toggleReady($session, $user);
            return $this->redirectToRoute('game', ['session' => $session->getId()]);
        }
        // Periodically check readiness timeout
        $dashboardService->checkAllPlayersReady($session);
        if ($session->getStatus() === SessionStatus::READY) {
            $isReady = false;
            $readyAt = null;
            if ($player) {
                $settingName = SessionSettingType::tryFrom('ReadyAtForPlayer' . $player->getScreen());
                if ($settingName) {
                    $setting = $session->getSettings()->filter(fn(SessionSetting $s) => $s->getName() === $settingName && $s->getPlayer() === $player)->first();
                    if ($setting) {
                        $isReady = true;
                        $readyAt = (int)$setting->getValue();
                    }
                }
            }
            return $this->render('game/waiting.html.twig', [
                'session' => $session,
                'isReady' => $isReady,
                'readyAt' => $readyAt,
                'mercure_public_url' => $this->mercurePublicUrl,
            ]);
        }
        $screen = $player ? $player->getScreen() : 0;
        $session_id = $session->getId();
        return $this->render('game/index.html.twig', [
            'session' => $session,
            'screen' => $screen,
            'session_id' => $session_id,
        ]);
    }
    #[Route(path: '/lost/{session}', name: 'game_lost', methods: ['GET', 'POST'])]
    #[IsGranted(new Expression("is_granted('ROLE_PLAYER') or is_granted('ROLE_ADMIN')"))]
    #[IsGranted('SESSION_VIEW', subject: 'session')]
    public function lost(
        Session $session,
        Request $request,
        Security $security,
        PlayerService $playerService,
        GameDashboardService $dashboardService
    ): Response {
        /** @var User $user */
        $user = $security->getUser();
        $player = $playerService->GetCurrentlyActiveAsPlayer($user);
        if ($request->isMethod('POST')) {
            $difficulty = $request->request->get('difficulty');
            $entertaining = $request->request->get('entertaining');
            $theme = $request->request->get('theme');
            $feedback = $request->request->get('feedback');
            // Save feedback
            if ($player) {
                $this->saveFeedback($session, $player, $difficulty, $entertaining, $theme, $feedback);
                $this->addFlash('success', 'Thank you for your feedback!');
                return $this->redirectToRoute('game_dashboard');
            }
        }
        return $this->render('game/lost.html.twig', [
            'session' => $session,
        ]);
    }
    private function saveFeedback(Session $session, Player $player, $difficulty, $entertaining, $theme, $feedback): void
    {
        $settings = [
            SessionSettingType::FEEDBACK_DIFFICULTY,
            SessionSettingType::FEEDBACK_ENTERTAINING,
            SessionSettingType::FEEDBACK_THEME,
            SessionSettingType::FEEDBACK_TEXT,
        ];
        $values = [
            $difficulty,
            $entertaining,
            $theme,
            $feedback,
        ];
        foreach ($settings as $index => $type) {
            $value = $values[$index];
            if ($value === null || $value === '') continue;
            $setting = new SessionSetting();
            $setting->setSession($session);
            $setting->setPlayer($player);
            $setting->setName($type);
            $setting->setValue((string)$value);
            $this->entityManager->persist($setting);
        }
        $this->entityManager->flush();
    }
 }
--- a/src/Game/Entity/Player.php
+++ b/src/Game/Entity/Player.php
@@ -23,7 +23,7 @@ class Player
    #[ORM\JoinColumn(nullable: false)]
    private ?User $user = null;
-    #[ORM\Column]
+    #[ORM\Column(nullable: true)]
    private ?int $screen = null;
    public function getId(): ?int
@@ -60,7 +60,7 @@ class Player
        return $this->screen;
    }
-    public function setScreen(int $screen): static
+    public function setScreen(?int $screen): static
    {
        $this->screen = $screen;
--- a/src/Game/Enum/SessionSettingType.php
+++ b/src/Game/Enum/SessionSettingType.php
@@ -7,19 +7,71 @@ enum SessionSettingType: string
    case PWD_FOR_PLAYER1 = 'PwdForPlayer1';
    case PWD_FOR_PLAYER2 = 'PwdForPlayer2';
    case PWD_FOR_PLAYER3 = 'PwdForPlayer3';
    case PWD_FOR_PLAYER4 = 'PwdForPlayer4';
    case PWD_FOR_PLAYER5 = 'PwdForPlayer5';
    case PWD_FOR_PLAYER6 = 'PwdForPlayer6';
    case PWD_FOR_PLAYER7 = 'PwdForPlayer7';
    case PWD_FOR_PLAYER8 = 'PwdForPlayer8';
    case PWD_FOR_PLAYER9 = 'PwdForPlayer9';
    case PWD_FOR_PLAYER10 = 'PwdForPlayer10';
    case RIGHTS_FOR_PLAYER1 = 'RightsForPlayer1';
    case RIGHTS_FOR_PLAYER2 = 'RightsForPlayer2';
    case RIGHTS_FOR_PLAYER3 = 'RightsForPlayer3';
    case RIGHTS_FOR_PLAYER4 = 'RightsForPlayer4';
    case RIGHTS_FOR_PLAYER5 = 'RightsForPlayer5';
    case RIGHTS_FOR_PLAYER6 = 'RightsForPlayer6';
    case RIGHTS_FOR_PLAYER7 = 'RightsForPlayer7';
    case RIGHTS_FOR_PLAYER8 = 'RightsForPlayer8';
    case RIGHTS_FOR_PLAYER9 = 'RightsForPlayer9';
    case RIGHTS_FOR_PLAYER10 = 'RightsForPlayer10';
    case INVITE_CODE = 'InviteCode';
    case SET_OF_DELETED_FILES = 'SetOfDeletedFiles';
    case CHAT_TRACKING_FOR_PLAYER1 = 'ChatTrackingForPlayer1';
    case CHAT_TRACKING_FOR_PLAYER2 = 'ChatTrackingForPlayer2';
    case CHAT_TRACKING_FOR_PLAYER3 = 'ChatTrackingForPlayer3';
    case CHAT_TRACKING_FOR_PLAYER4 = 'ChatTrackingForPlayer4';
    case CHAT_TRACKING_FOR_PLAYER5 = 'ChatTrackingForPlayer5';
    case CHAT_TRACKING_FOR_PLAYER6 = 'ChatTrackingForPlayer6';
    case CHAT_TRACKING_FOR_PLAYER7 = 'ChatTrackingForPlayer7';
    case CHAT_TRACKING_FOR_PLAYER8 = 'ChatTrackingForPlayer8';
    case CHAT_TRACKING_FOR_PLAYER9 = 'ChatTrackingForPlayer9';
    case CHAT_TRACKING_FOR_PLAYER10 = 'ChatTrackingForPlayer10';
    case VERIFY_CODES_FOR_PLAYER1 = 'VerifyCodesForPlayer1';
    case VERIFY_CODES_FOR_PLAYER2 = 'VerifyCodesForPlayer2';
    case VERIFY_CODES_FOR_PLAYER3 = 'VerifyCodesForPlayer3';
    case VERIFY_CODES_FOR_PLAYER4 = 'VerifyCodesForPlayer4';
    case VERIFY_CODES_FOR_PLAYER5 = 'VerifyCodesForPlayer5';
    case VERIFY_CODES_FOR_PLAYER6 = 'VerifyCodesForPlayer6';
    case VERIFY_CODES_FOR_PLAYER7 = 'VerifyCodesForPlayer7';
    case VERIFY_CODES_FOR_PLAYER8 = 'VerifyCodesForPlayer8';
    case VERIFY_CODES_FOR_PLAYER9 = 'VerifyCodesForPlayer9';
    case VERIFY_CODES_FOR_PLAYER10 = 'VerifyCodesForPlayer10';
    case VERIFICATION_PROGRESS_FOR_PLAYER1 = 'VerificationProgressForPlayer1';
    case VERIFICATION_PROGRESS_FOR_PLAYER2 = 'VerificationProgressForPlayer2';
    case VERIFICATION_PROGRESS_FOR_PLAYER3 = 'VerificationProgressForPlayer3';
    case VERIFICATION_PROGRESS_FOR_PLAYER4 = 'VerificationProgressForPlayer4';
    case VERIFICATION_PROGRESS_FOR_PLAYER5 = 'VerificationProgressForPlayer5';
    case VERIFICATION_PROGRESS_FOR_PLAYER6 = 'VerificationProgressForPlayer6';
    case VERIFICATION_PROGRESS_FOR_PLAYER7 = 'VerificationProgressForPlayer7';
    case VERIFICATION_PROGRESS_FOR_PLAYER8 = 'VerificationProgressForPlayer8';
    case VERIFICATION_PROGRESS_FOR_PLAYER9 = 'VerificationProgressForPlayer9';
    case VERIFICATION_PROGRESS_FOR_PLAYER10 = 'VerificationProgressForPlayer10';
    case EVERYONE_VERIFIED = 'EveryoneVerified';
    case SPECIAL_REPORT_CODE_DOYLE = 'SpecialReportCodeDoyle';
    case SPECIAL_REPORT_CODE_VEGA = 'SpecialReportCodeVega';
    case SPECIAL_REPORT_CODE_LENNOX = 'SpecialReportCodeLennox';
    case READY_AT_FOR_PLAYER1 = 'ReadyAtForPlayer1';
    case READY_AT_FOR_PLAYER2 = 'ReadyAtForPlayer2';
    case READY_AT_FOR_PLAYER3 = 'ReadyAtForPlayer3';
    case READY_AT_FOR_PLAYER4 = 'ReadyAtForPlayer4';
    case READY_AT_FOR_PLAYER5 = 'ReadyAtForPlayer5';
    case READY_AT_FOR_PLAYER6 = 'ReadyAtForPlayer6';
    case READY_AT_FOR_PLAYER7 = 'ReadyAtForPlayer7';
    case READY_AT_FOR_PLAYER8 = 'ReadyAtForPlayer8';
    case READY_AT_FOR_PLAYER9 = 'ReadyAtForPlayer9';
    case READY_AT_FOR_PLAYER10 = 'ReadyAtForPlayer10';
    case FEEDBACK_DIFFICULTY = 'FeedbackDifficulty';
    case FEEDBACK_ENTERTAINING = 'FeedbackEntertaining';
    case FEEDBACK_THEME = 'FeedbackTheme';
    case FEEDBACK_TEXT = 'FeedbackText';
 }
--- a/src/Game/Service/GameDashboardService.php
+++ b/src/Game/Service/GameDashboardService.php
@@ -15,6 +15,9 @@ use App\Game\Repository\SessionRepository;
 use App\Tech\Entity\User;
 use Doctrine\ORM\EntityManagerInterface;
 use Symfony\Component\Security\Core\User\UserInterface;
 use Symfony\Component\Mercure\HubInterface;
 use Symfony\Component\Mercure\Update;
 use Symfony\Component\DependencyInjection\Attribute\Autowire;
 final class GameDashboardService
 {
@@ -22,6 +25,9 @@ final class GameDashboardService
        private readonly GameRepository $gameRepository,
        private readonly SessionRepository $sessionRepository,
        private readonly EntityManagerInterface $entityManager,
        private readonly HubInterface $hub,
        #[Autowire('%env(MERCURE_TOPIC_BASE)%')]
        private readonly string $mercureTopicBase,
    ) {
    }
@@ -66,16 +72,17 @@ final class GameDashboardService
        $player = new Player();
        $player->setUser($user);
-        $player->setSession($session);
+        $session->addPlayer($player);
        $player->setScreen(1);
        $this->entityManager->persist($session);
        $this->entityManager->persist($player);
        $this->initializePlayerSettings($player);
        $this->entityManager->flush();
        if (count($session->getPlayers()) === $session->getGame()->getNumberOfPlayers()) {
            $this->startSession($session);
        }
        return $session;
    }
@@ -104,20 +111,22 @@ final class GameDashboardService
        }
        $playerCount = count($session->getPlayers());
-        if ($playerCount >= 3) {
+        if ($playerCount >= $session->getGame()->getNumberOfPlayers()) {
            return false; // Session full
        }
        $player = new Player();
        $player->setUser($user);
-        $player->setSession($session);
+        $session->addPlayer($player);
        $player->setScreen($playerCount + 1);
        $this->entityManager->persist($player);
        $this->initializePlayerSettings($player);
        $this->entityManager->flush();
        if (count($session->getPlayers()) === $session->getGame()->getNumberOfPlayers()) {
            $this->startSession($session);
        }
        return true;
    }
@@ -127,7 +136,7 @@ final class GameDashboardService
            return false;
        }
-        if ($session->getStatus() !== SessionStatus::CREATED || $session->getTimer() > 0) {
+        if (!in_array($session->getStatus(), [SessionStatus::CREATED, SessionStatus::READY]) || $session->getTimer() > 0) {
            return false;
        }
@@ -143,6 +152,14 @@ final class GameDashboardService
            return false;
        }
        if ($session->getStatus() === SessionStatus::READY) {
            $session->setStatus(SessionStatus::CREATED);
            // Clear assignments for all remaining players since the game needs to be "started" again
            foreach ($session->getPlayers() as $player) {
                $player->setScreen(null);
            }
        }
        // Remove player specific settings (like rights)
        foreach ($session->getSettings() as $setting) {
            if ($setting->getPlayer() === $playerToDelete) {
@@ -170,12 +187,7 @@ final class GameDashboardService
    private function initializePlayerSettings(Player $player): void
    {
        $screen = $player->getScreen();
-        $rightsSettingName = match ($screen) {
+        $rightsSettingName = SessionSettingType::tryFrom('RightsForPlayer' . $screen);
            1 => SessionSettingType::RIGHTS_FOR_PLAYER1,
            2 => SessionSettingType::RIGHTS_FOR_PLAYER2,
            3 => SessionSettingType::RIGHTS_FOR_PLAYER3,
            default => null,
        };
        if ($rightsSettingName) {
            $setting = new SessionSetting();
@@ -186,28 +198,18 @@ final class GameDashboardService
            $this->entityManager->persist($setting);
        }
-        $pwdSettingName = match ($screen) {
+        $pwdSettingName = SessionSettingType::tryFrom('PwdForPlayer' . $screen);
            1 => SessionSettingType::PWD_FOR_PLAYER1,
            2 => SessionSettingType::PWD_FOR_PLAYER2,
            3 => SessionSettingType::PWD_FOR_PLAYER3,
            default => null,
        };
        if ($pwdSettingName) {
            $setting = new SessionSetting();
            $setting->setSession($player->getSession());
            $setting->setPlayer($player);
            $setting->setName($pwdSettingName);
-            $setting->setValue('home/' . $player->getUser()->getUserIdentifier());
+            $setting->setValue('var/home/' . $player->getUser()->getUsername());
            $this->entityManager->persist($setting);
        }
-        $chatTrackingSettingName = match ($screen) {
+        $chatTrackingSettingName = SessionSettingType::tryFrom('ChatTrackingForPlayer' . $screen);
            1 => SessionSettingType::CHAT_TRACKING_FOR_PLAYER1,
            2 => SessionSettingType::CHAT_TRACKING_FOR_PLAYER2,
            3 => SessionSettingType::CHAT_TRACKING_FOR_PLAYER3,
            default => null,
        };
        if ($chatTrackingSettingName) {
            $setting = new SessionSetting();
@@ -218,16 +220,12 @@ final class GameDashboardService
            $this->entityManager->persist($setting);
        }
-        $verifyCodesSettingName = match ($screen) {
+        $verifyCodesSettingName = SessionSettingType::tryFrom('VerifyCodesForPlayer' . $screen);
            1 => SessionSettingType::VERIFY_CODES_FOR_PLAYER1,
            2 => SessionSettingType::VERIFY_CODES_FOR_PLAYER2,
            3 => SessionSettingType::VERIFY_CODES_FOR_PLAYER3,
            default => null,
        };
        if ($verifyCodesSettingName) {
            $codes = [];
-            for ($i = 1; $i <= 3; $i++) {
+            $numPlayers = $player->getSession()->getGame()->getNumberOfPlayers();
            for ($i = 1; $i <= $numPlayers; $i++) {
                if ($i !== $screen) {
                    $codes[$i] = bin2hex(random_bytes(3)); // 6 characters code
                }
@@ -241,12 +239,7 @@ final class GameDashboardService
            $this->entityManager->persist($setting);
        }
-        $verificationProgressSettingName = match ($screen) {
+        $verificationProgressSettingName = SessionSettingType::tryFrom('VerificationProgressForPlayer' . $screen);
            1 => SessionSettingType::VERIFICATION_PROGRESS_FOR_PLAYER1,
            2 => SessionSettingType::VERIFICATION_PROGRESS_FOR_PLAYER2,
            3 => SessionSettingType::VERIFICATION_PROGRESS_FOR_PLAYER3,
            default => null,
        };
        if ($verificationProgressSettingName) {
            $setting = new SessionSetting();
@@ -258,6 +251,179 @@ final class GameDashboardService
        }
    }
    public function startSession(Session $session): bool
    {
        if ($session->getStatus() !== SessionStatus::CREATED) {
            return false;
        }
        $players = $session->getPlayers()->toArray();
        if (count($players) < $session->getGame()->getNumberOfPlayers()) {
            return false;
        }
        // Clean up any existing assignments (e.g. if we reverted from READY to CREATED)
        foreach ($session->getSettings() as $setting) {
            if ($setting->getPlayer() !== null) {
                $session->removeSetting($setting);
                $this->entityManager->remove($setting);
            }
        }
        // Shuffle players to assign random screens
        shuffle($players);
        foreach ($players as $index => $player) {
            $screen = $index + 1;
            $player->setScreen($screen);
            $this->initializePlayerSettings($player);
            $this->entityManager->persist($player);
        }
        $session->setStatus(SessionStatus::READY);
        $this->entityManager->persist($session);
        $this->entityManager->flush();
        return true;
    }
    public function toggleReady(Session $session, User $user): bool
    {
        if ($session->getStatus() !== SessionStatus::READY) {
            return false;
        }
        $player = null;
        foreach ($session->getPlayers() as $p) {
            if ($p->getUser() === $user) {
                $player = $p;
                break;
            }
        }
        if (!$player) {
            return false;
        }
        $settingName = SessionSettingType::tryFrom('ReadyAtForPlayer' . $player->getScreen());
        if (!$settingName) {
            return false;
        }
        /** @var \App\Game\Repository\SessionSettingRepository $settingRepo */
        $settingRepo = $this->entityManager->getRepository(SessionSetting::class);
        $setting = $settingRepo->getSetting($session, $settingName, $player);
        if ($setting) {
            $session->removeSetting($setting);
            $this->entityManager->remove($setting);
        } else {
            $setting = new SessionSetting();
            $setting->setSession($session);
            $setting->setPlayer($player);
            $setting->setName($settingName);
            $setting->setValue((string)(new \DateTime())->getTimestamp());
            $this->entityManager->persist($setting);
        }
        $this->checkAllPlayersReady($session);
        $this->entityManager->flush();
        try {
            $topic = $this->mercureTopicBase . '/game/hub-' . $session->getId();
            $this->hub->publish(new Update($topic, json_encode(['type' => 'player_ready', 'player' => $player->getScreen(), 'ready' => !$setting])));
        } catch (\Exception $e) {
            // Mercure might be down, but we don't want to crash the game
        }
        return true;
    }
    public function checkAllPlayersReady(Session $session): void
    {
        if ($session->getStatus() !== SessionStatus::READY) {
            return;
        }
        $players = $session->getPlayers();
        $numPlayers = $session->getGame()->getNumberOfPlayers();
        if (count($players) < $numPlayers) {
            return;
        }
        $readyPlayersCount = 0;
        $now = new \DateTime();
        $anyReset = false;
        /** @var \App\Game\Repository\SessionSettingRepository $settingRepo */
        $settingRepo = $this->entityManager->getRepository(SessionSetting::class);
        foreach ($players as $player) {
            $settingName = SessionSettingType::tryFrom('ReadyAtForPlayer' . $player->getScreen());
            if (!$settingName) {
                continue;
            }
            $setting = $settingRepo->getSetting($session, $settingName, $player);
            if ($setting) {
                $readyAtTimestamp = (int)$setting->getValue();
                // Check timeout: 1 minute = 60 seconds
                if (($now->getTimestamp() - $readyAtTimestamp) > 60) {
                    $session->removeSetting($setting);
                    $this->entityManager->remove($setting);
                    $anyReset = true;
                } else {
                    $readyPlayersCount++;
                }
            }
        }
        if ($anyReset) {
            $this->entityManager->flush();
            try {
                $topic = $this->mercureTopicBase . '/game/hub-' . $session->getId();
                $this->hub->publish(new Update($topic, json_encode(['type' => 'player_ready'])));
            } catch (\Exception $e) {
                // Mercure might be down
            }
        }
        if ($readyPlayersCount === $numPlayers) {
            $session->setStatus(SessionStatus::PLAYING);
            // Set the end timer
            $game = $session->getGame();
            /** @var \App\Game\Repository\GameSettingRepository $gameSettingRepo */
            $gameSettingRepo = $this->entityManager->getRepository(\App\Game\Entity\GameSetting::class);
            $totalTimeSetting = $gameSettingRepo->getSetting($game, \App\Game\Enum\GameSettingType::TOTAL_TIME);
            $totalTime = $totalTimeSetting ? (int)$totalTimeSetting->getValue() : 3600; // Default to 60 minutes if not set
            $session->setTimer((new \DateTime())->getTimestamp() + $totalTime);
            $this->entityManager->persist($session);
            // Clean up ready settings
            foreach ($players as $player) {
                $settingName = SessionSettingType::tryFrom('ReadyAtForPlayer' . $player->getScreen());
                if ($settingName) {
                    $setting = $settingRepo->getSetting($session, $settingName, $player);
                    if ($setting) {
                        $session->removeSetting($setting);
                        $this->entityManager->remove($setting);
                    }
                }
            }
            try {
                $topic = $this->mercureTopicBase . '/game/hub-' . $session->getId();
                $this->hub->publish(new Update($topic, json_encode(['type' => 'all_ready'])));
            } catch (\Exception $e) {
                // Mercure might be down, but we don't want to crash the game
            }
        }
    }
    public function generateInviteCode(Session $session, UserInterface $user, bool $isAdmin): ?string
    {
        // Security check: is user part of this session?
--- a/src/Game/Service/GameResponseService.php
+++ b/src/Game/Service/GameResponseService.php
@@ -12,6 +12,7 @@ use Doctrine\ORM\EntityManagerInterface;
 use Symfony\Bundle\SecurityBundle\Security;
 use Symfony\Component\Mercure\HubInterface;
 use Symfony\Component\Mercure\Update;
 use Symfony\Component\DependencyInjection\Attribute\Autowire;
 class GameResponseService
 {
@@ -21,6 +22,9 @@ class GameResponseService
        private SessionSettingRepository $sessionSettingRepository,
        private HubInterface $hub,
        private EntityManagerInterface $entityManager,
        private string $projectDir,
        #[Autowire('%env(MERCURE_TOPIC_BASE)%')]
        private string $mercureTopicBase,
    ) {
    }
@@ -44,7 +48,7 @@ class GameResponseService
        if(!$player)
            return ['error' => 'You are not in a game.'];
-        // TODO: Here i need to add a message handler to save the message in a big log.
+        $this->logSessionActivity($player, 'PLAYER: ' . $message);
        $data = [];
@@ -54,17 +58,46 @@ class GameResponseService
            $data = $this->checkConsoleCommando($message, $player);
        }
        $responseLog = '';
        if (isset($data['result']) && is_array($data['result'])) {
            foreach ($data['result'] as $line) {
                if (is_array($line)) {
                    $responseLog .= json_encode($line) . "\n";
                } elseif (is_string($line) || is_numeric($line)) {
                    $responseLog .= (string)$line . "\n";
                }
            }
        } elseif (isset($data['error'])) {
            $responseLog = 'ERROR: ' . $data['error'];
        }
        if ($responseLog !== '') {
            $this->logSessionActivity($player, 'SERVER: ' . trim($responseLog));
        }
        return $data;
    }
    private function logSessionActivity(Player $player, string $content): void
    {
        $sessionId = $player->getSession()->getId();
        $username = $player->getUser()->getUsername();
        $logDir = $this->projectDir . '/var/log/sessions/' . $sessionId;
        if (!is_dir($logDir)) {
            mkdir($logDir, 0777, true);
        }
        $logFile = $logDir . '/' . $username . '.txt';
        $timestamp = date('Y-m-d H:i:s');
        $logMessage = sprintf("[%s] %s\n", $timestamp, $content);
        file_put_contents($logFile, $logMessage, FILE_APPEND);
    }
    private function getRechten(Player $player): array
    {
-        $settingName = match($player->getScreen()) {
+        $settingName = SessionSettingType::tryFrom('RightsForPlayer' . $player->getScreen());
            1 => SessionSettingType::RIGHTS_FOR_PLAYER1,
            2 => SessionSettingType::RIGHTS_FOR_PLAYER2,
            3 => SessionSettingType::RIGHTS_FOR_PLAYER3,
            default => null,
        };
        if (!$settingName) {
            return [];
@@ -138,6 +171,15 @@ class GameResponseService
                $this->playerService->saveCurrentPwdOfPlayer($player, $newLocation);
                return ['result' => ['Path: ' . $newLocation]];
            case 'cat':
                if(!in_array('cat', $rechten))
                    return ['result' => ['Unknown command']];
                $pwd = $this->playerService->getCurrentPwdOfPlayer($player);
                $fileContent = $this->getFileContent($player, $pwd.'/'.$messagePart[1]);
                return ['result' => $fileContent];
            case 'pwd':
                if(!in_array('pwd', $rechten))
                    return ['result' => ['Unknown command']];
@@ -269,7 +311,7 @@ class GameResponseService
        if (isset($messageParts[1]) &&
                is_numeric($messageParts[1]) &&
                $messageParts[1] >= 1 &&
-                $messageParts[1] <= 3) {
+                $messageParts[1] <= $player->getSession()->getGame()->getNumberOfPlayers()) {
            $toSingle = true;
        }
@@ -294,8 +336,12 @@ class GameResponseService
        if(is_null($activeGame))
            return false;
-        $topic = $_ENV['MERCURE_TOPIC_BASE'] . '/game/hub-' . $activeGame;
+        $topic = $this->mercureTopicBase . '/game/hub-' . $activeGame;
-        $this->hub->publish(new Update($topic, json_encode([$sendTo, $message])));
+        try {
            $this->hub->publish(new Update($topic, json_encode([$sendTo, $message])));
        } catch (\Exception $e) {
            // Mercure might be down
        }
        $this->updateChatTracking($player, (int)$sendTo);
@@ -309,12 +355,7 @@ class GameResponseService
        $screen = $player->getScreen();
        $session = $player->getSession();
-        $verifyCodesSettingName = match ($screen) {
+        $verifyCodesSettingName = SessionSettingType::tryFrom('VerifyCodesForPlayer' . $screen);
            1 => SessionSettingType::VERIFY_CODES_FOR_PLAYER1,
            2 => SessionSettingType::VERIFY_CODES_FOR_PLAYER2,
            3 => SessionSettingType::VERIFY_CODES_FOR_PLAYER3,
            default => null,
        };
        if (!$verifyCodesSettingName) {
            return;
@@ -341,10 +382,14 @@ class GameResponseService
            $this->entityManager->flush();
            // Notify the player that their codes have changed
-            $topic = $_ENV['MERCURE_TOPIC_BASE'] . '/game/hub-' . $session->getId();
+            $topic = $this->mercureTopicBase . '/game/hub-' . $session->getId();
            $notification = "Security Alert: One of your verify codes was shared and has been regenerated.";
            // We send it only to this player (screen)
-            $this->hub->publish(new Update($topic, json_encode([$screen, $notification])));
+            try {
                $this->hub->publish(new Update($topic, json_encode([$screen, $notification])));
            } catch (\Exception $e) {
                // Mercure might be down
            }
        }
    }
@@ -354,12 +399,7 @@ class GameResponseService
        if(in_array('verify', $rights))
            return;
-        $trackingSettingName = match ($player->getScreen()) {
+        $trackingSettingName = SessionSettingType::tryFrom('ChatTrackingForPlayer' . $player->getScreen());
            1 => SessionSettingType::CHAT_TRACKING_FOR_PLAYER1,
            2 => SessionSettingType::CHAT_TRACKING_FOR_PLAYER2,
            3 => SessionSettingType::CHAT_TRACKING_FOR_PLAYER3,
            default => null,
        };
        if (!$trackingSettingName) {
            return;
@@ -389,7 +429,8 @@ class GameResponseService
    {
        $screen = $player->getScreen();
        $requiredTargets = [0]; // Everyone
-        for ($i = 1; $i <= 3; $i++) {
+        $numPlayers = $player->getSession()->getGame()->getNumberOfPlayers();
        for ($i = 1; $i <= $numPlayers; $i++) {
            if ($i !== $screen) {
                $requiredTargets[] = $i;
            }
@@ -403,12 +444,7 @@ class GameResponseService
        }
        // Grant verify right
-        $rightsSettingName = match ($screen) {
+        $rightsSettingName = SessionSettingType::tryFrom('RightsForPlayer' . $screen);
            1 => SessionSettingType::RIGHTS_FOR_PLAYER1,
            2 => SessionSettingType::RIGHTS_FOR_PLAYER2,
            3 => SessionSettingType::RIGHTS_FOR_PLAYER3,
            default => null,
        };
        if (!$rightsSettingName) {
            return;
@@ -469,6 +505,30 @@ class GameResponseService
        return $randomString;
    }
    private function generateSpecialCode(int $firstDigit, int $min, int $max): string
    {
        $code = $this->generateRandomString($min, $max);
        // Ensure the first numeric digit is the specified $firstDigit
        $found = false;
        $codeArray = str_split($code);
        for ($i = 0; $i < count($codeArray); $i++) {
            if (ctype_digit($codeArray[$i])) {
                $codeArray[$i] = (string)$firstDigit;
                $found = true;
                break;
            }
        }
        $code = implode('', $codeArray);
        // If no digit was found (highly unlikely given the character set), prepend it
        if (!$found) {
            $code = (string)$firstDigit . substr($code, 1);
        }
        return $code;
    }
    private function handleVerifyMessage(string $message, Player $player) : string
    {
        $messageParts = explode(' ', $message);
@@ -480,12 +540,7 @@ class GameResponseService
        $screen = $player->getScreen();
        $session = $player->getSession();
-        $progressSettingName = match ($screen) {
+        $progressSettingName = SessionSettingType::tryFrom('VerificationProgressForPlayer' . $screen);
            1 => SessionSettingType::VERIFICATION_PROGRESS_FOR_PLAYER1,
            2 => SessionSettingType::VERIFICATION_PROGRESS_FOR_PLAYER2,
            3 => SessionSettingType::VERIFICATION_PROGRESS_FOR_PLAYER3,
            default => null,
        };
        if (!$progressSettingName) {
            return 'Error: Invalid player screen.';
@@ -505,12 +560,7 @@ class GameResponseService
            }
            $otherScreen = $otherPlayer->getScreen();
-            $codesSettingName = match ($otherScreen) {
+            $codesSettingName = SessionSettingType::tryFrom('VerifyCodesForPlayer' . $otherScreen);
                1 => SessionSettingType::VERIFY_CODES_FOR_PLAYER1,
                2 => SessionSettingType::VERIFY_CODES_FOR_PLAYER2,
                3 => SessionSettingType::VERIFY_CODES_FOR_PLAYER3,
                default => null,
            };
            if (!$codesSettingName) {
                continue;
@@ -554,12 +604,7 @@ class GameResponseService
    private function grantVerificationRights(Player $player): void
    {
        $screen = $player->getScreen();
-        $rightsSettingName = match ($screen) {
+        $rightsSettingName = SessionSettingType::tryFrom('RightsForPlayer' . $screen);
            1 => SessionSettingType::RIGHTS_FOR_PLAYER1,
            2 => SessionSettingType::RIGHTS_FOR_PLAYER2,
            3 => SessionSettingType::RIGHTS_FOR_PLAYER3,
            default => null,
        };
        if (!$rightsSettingName) {
            return;
@@ -600,18 +645,18 @@ class GameResponseService
        }
        $allVerified = true;
-        foreach ([1, 2, 3] as $screen) {
+        foreach ($session->getPlayers() as $otherPlayer) {
-            $progressSettingName = match ($screen) {
+            $otherScreen = $otherPlayer->getScreen();
-                1 => SessionSettingType::VERIFICATION_PROGRESS_FOR_PLAYER1,
+            $progressSettingName = SessionSettingType::tryFrom('VerificationProgressForPlayer' . $otherScreen);
                2 => SessionSettingType::VERIFICATION_PROGRESS_FOR_PLAYER2,
                3 => SessionSettingType::VERIFICATION_PROGRESS_FOR_PLAYER3,
                default => null,
            };
-            $progressSetting = $this->sessionSettingRepository->getSetting($session, $progressSettingName, $player);
+            if (!$progressSettingName) {
                continue;
            }
            $progressSetting = $this->sessionSettingRepository->getSetting($session, $progressSettingName, $otherPlayer);
            $progress = json_decode($progressSetting?->getValue() ?? '[]', true) ?? [];
-            if (count($progress) < 2) {
+            if (count($progress) < $session->getGame()->getNumberOfPlayers() - 1) {
                $allVerified = false;
                break;
            }
@@ -628,9 +673,13 @@ class GameResponseService
            $this->entityManager->persist($everyoneVerifiedSetting);
            $this->entityManager->flush();
-            $topic = $_ENV['MERCURE_TOPIC_BASE'] . '/game/hub-' . $session->getId();
+            $topic = $this->mercureTopicBase . '/game/hub-' . $session->getId();
            $message = "Mainframe Help Modus: Agents Doyle, Vega and Lennox rapports have been updated with coded messages.";
-            $this->hub->publish(new Update($topic, json_encode([0, $message])));
+            try {
                $this->hub->publish(new Update($topic, json_encode([0, $message])));
            } catch (\Exception $e) {
                // Mercure might be down
            }
        }
    }
@@ -693,20 +742,20 @@ class GameResponseService
        $paths[] = '/etc/freak';
        $paths[] = '/etc/host';
-        $paths[] = '/home';
+        $paths[] = '/var/home';
        $playerNames = ['root', 'Luke', 'Charles', 'William', 'Peter'];
        $players = $player->getSession()->getPlayers();
-        foreach($players as $player) {
+        foreach($players as $p) {
-            $playerNames[] = $player->getUser()->getUsername();
+            $playerNames[] = $p->getUser()->getUsername();
        }
        $playerNames = array_unique($playerNames);
        foreach($playerNames as $name) {
-            $paths[] = '/home/' . $name;
+            $paths[] = '/var/home/' . $name;
        }
        return $paths;
@@ -772,12 +821,17 @@ class GameResponseService
        $files[] = '/var/rapports/017_123-88.txt';
        $files[] = '/var/rapports/093_138-24.txt';
        $files[] = '/var/rapports/001_145-93.txt';
        $files[] = '/var/rapports/011_130-62.txt';
        $files[] = '/var/rapports/index.txt';
        if ($player === null) {
            return $files;
        }
        $players = $player->getSession()->getPlayers();
-        foreach($players as $player) {
+        foreach($players as $p) {
-            $files[] = '/var/home/' . $player->getUser()->getUsername() . '/verifyCodes.txt';
+            $files[] = '/var/home/' . $p->getUser()->getUsername() . '/verifyCodes.txt';
        }
        return $files;
@@ -791,7 +845,7 @@ class GameResponseService
        }
        $allPaths = $this->getAllPossiblePaths($player);
-        $allFiles = $this->getAllPossibleFiles();
+        $allFiles = $this->getAllPossibleFiles($player);
        $deletedFiles = $this->playerService->getDeletedFilesOfSession($player);
        $entries = [];
@@ -826,4 +880,144 @@ class GameResponseService
        sort($entries);
        return $entries;
    }
    public function getFileContent(Player $player, string $file) : array
    {
        $allPossibleFiles = $this->getAllPossibleFiles($player);
        if (!in_array($file, $allPossibleFiles)) {
            return ['File does not exist'];
        }
        if (str_ends_with($file, '.sh')) {
            return ['It is not possible to read this file'];
        }
        if (str_ends_with($file, 'verifyCodes.txt')) {
            return $this->readVerificationFile($player, $file);
        }
        $physicalPath = 'assets/game1/filesystem' . $file;
        if (!file_exists($physicalPath)) {
            return ['File does not exist'];
        }
        $content = file($physicalPath);
        if ($content === false) {
            return ['Error reading file'];
        }
        $specialFiles = [
            '/var/rapports/083_25-39.txt' => [
                'setting' => SessionSettingType::SPECIAL_REPORT_CODE_DOYLE,
                'digit' => 1
            ],
            '/var/rapports/019_31-11.txt' => [
                'setting' => SessionSettingType::SPECIAL_REPORT_CODE_VEGA,
                'digit' => 2
            ],
            '/var/rapports/011_130-62.txt' => [
                'setting' => SessionSettingType::SPECIAL_REPORT_CODE_LENNOX,
                'digit' => 3
            ],
        ];
        if (isset($specialFiles[$file])) {
            $everyoneVerifiedSetting = $this->sessionSettingRepository->getSetting($player->getSession(), SessionSettingType::EVERYONE_VERIFIED);
            if ($everyoneVerifiedSetting && $everyoneVerifiedSetting->getValue() === 'true') {
                $settingInfo = $specialFiles[$file];
                $codeSetting = $this->sessionSettingRepository->getSetting($player->getSession(), $settingInfo['setting']);
                if (!$codeSetting) {
                    $codeSetting = new SessionSetting();
                    $codeSetting->setSession($player->getSession());
                    $codeSetting->setName($settingInfo['setting']);
                    $codeSetting->setValue($this->generateSpecialCode($settingInfo['digit'], 75, 100));
                    $this->entityManager->persist($codeSetting);
                    $this->entityManager->flush();
                }
                $specialCode = $codeSetting->getValue();
                $newContent = [];
                foreach ($content as $line) {
                    $newContent[] = $line;
                    if (str_starts_with(trim($line), 'Date:')) {
                        $newContent[] = $specialCode . "\n";
                    }
                }
                $content = $newContent;
            }
        }
        return $content;
    }
    private function readVerificationFile(Player $player, string $file)
    {
        $parts = explode('/', $file);
        $ownerUsername = $parts[3] ?? null;
        $ownerPlayer = null;
        foreach ($player->getSession()->getPlayers() as $p) {
            if ($p->getUser()->getUsername() === $ownerUsername) {
                $ownerPlayer = $p;
                break;
            }
        }
        if (!$ownerPlayer) {
            return 'File does not exist';
        }
        $screen = $ownerPlayer->getScreen();
        $settingName = SessionSettingType::tryFrom('VerifyCodesForPlayer' . $screen);
        if (!$settingName) {
            return 'Error: Invalid player screen.';
        }
        $setting = $this->sessionSettingRepository->getSetting($player->getSession(), $settingName, $ownerPlayer);
        if (!$setting) {
            $setting = new SessionSetting();
            $setting->setSession($player->getSession());
            $setting->setPlayer($ownerPlayer);
            $setting->setName($settingName);
        }
        $codes = json_decode($setting->getValue() ?? '[]', true) ?? [];
        $playerNames = ['Luke', 'Charles', 'William', 'Peter'];
        foreach ($player->getSession()->getPlayers() as $p) {
            $playerNames[] = $p->getUser()->getUsername();
        }
        $playerNames = array_unique($playerNames);
        sort($playerNames);
        $content = [];
        $content[] = "Verification codes:";
        $content[] = "";
        foreach ($playerNames as $name) {
            $key = null;
            foreach ($player->getSession()->getPlayers() as $p) {
                if ($p->getUser()->getUsername() === $name) {
                    $key = (string)$p->getScreen();
                    break;
                }
            }
            if ($key === null) {
                $key = $name;
            }
            if (!isset($codes[$key])) {
                $codes[$key] = bin2hex(random_bytes(3));
            }
            $content[] = $name . ": " . $codes[$key] . "\n";
        }
        return $content;
    }
 }
--- a/src/Game/Service/PlayerService.php
+++ b/src/Game/Service/PlayerService.php
@@ -40,12 +40,7 @@ class PlayerService
    }
    public function getCurrentPwdOfPlayer(Player $player) : ?string {
-        $settingName = match($player->getScreen()) {
+        $settingName = SessionSettingType::tryFrom('PwdForPlayer' . $player->getScreen());
            1 => SessionSettingType::PWD_FOR_PLAYER1,
            2 => SessionSettingType::PWD_FOR_PLAYER2,
            3 => SessionSettingType::PWD_FOR_PLAYER3,
            default => null,
        };
        if (!$settingName) {
            return null;
@@ -57,12 +52,7 @@ class PlayerService
    public function saveCurrentPwdOfPlayer(Player $player, string $newLocation)
    {
-        $settingName = match($player->getScreen()) {
+        $settingName = SessionSettingType::tryFrom('PwdForPlayer' . $player->getScreen());
            1 => SessionSettingType::PWD_FOR_PLAYER1,
            2 => SessionSettingType::PWD_FOR_PLAYER2,
            3 => SessionSettingType::PWD_FOR_PLAYER3,
            default => null,
        };
        if (!$settingName) {
            return;
--- a/src/Tech/Controller/ActivationController.php
+++ b/src/Tech/Controller/ActivationController.php
@@ -31,7 +31,7 @@ class ActivationController extends AbstractController
        try {
            $emailVerifier->handleEmailConfirmation($request, $user);
        } catch (VerifyEmailExceptionInterface $exception) {
-            $this->addFlash('error', $exception->getReason());
+            $this->addFlash('error', $exception->getReason() . ' If the link has expired, you can <a href="' . $this->generateUrl('app_verify_resend_email') . '">request a new one here</a>.');
            return $this->redirectToRoute('app_register');
        }
--- a/src/Tech/Controller/RegistrationController.php
+++ b/src/Tech/Controller/RegistrationController.php
@@ -4,6 +4,8 @@ namespace App\Tech\Controller;
 use App\Tech\Entity\User;
 use App\Tech\Form\RegistrationFormType;
 use App\Tech\Form\ResendVerificationEmailFormType;
 use App\Tech\Repository\UserRepository;
 use App\Tech\Service\EmailVerifier;
 use Doctrine\ORM\EntityManagerInterface;
 use Symfony\Bridge\Twig\Mime\TemplatedEmail;
@@ -39,7 +41,7 @@ class RegistrationController extends AbstractController
            // generate a signed url and email it to the user
            $emailVerifier->sendEmailConfirmation('app_verify_email', $user,
                (new TemplatedEmail())
-                    ->from('noreply@escapepage.dev')
+                    ->from($this->getParameter('mailer_from'))
                    ->to($user->getEmail())
                    ->subject('Please Confirm your Email')
                    ->htmlTemplate('tech/registration/confirmation_email.html.twig')
@@ -54,4 +56,41 @@ class RegistrationController extends AbstractController
            'registrationForm' => $form->createView(),
        ]);
    }
    #[Route('/verify/resend', name: 'app_verify_resend_email')]
    public function resendVerificationEmail(Request $request, UserRepository $userRepository, EmailVerifier $emailVerifier): Response
    {
        $form = $this->createForm(ResendVerificationEmailFormType::class);
        $form->handleRequest($request);
        if ($form->isSubmitted() && $form->isValid()) {
            $email = $form->get('email')->getData();
            $user = $userRepository->findOneBy(['email' => $email]);
            if ($user) {
                if (!$user->isVerified()) {
                    $emailVerifier->sendEmailConfirmation('app_verify_email', $user,
                        (new TemplatedEmail())
                            ->from($this->getParameter('mailer_from'))
                            ->to($user->getEmail())
                            ->subject('Please Confirm your Email')
                            ->htmlTemplate('tech/registration/confirmation_email.html.twig')
                    );
                } else {
                    $this->addFlash('info', 'This email address is already verified.');
                    return $this->redirectToRoute('app_login');
                }
            }
            // We show the same success message regardless of whether the user exists or not,
            // to avoid revealing whether an email is registered.
            $this->addFlash('success', 'If an account exists with this email, a new confirmation link has been sent.');
            return $this->redirectToRoute('website_home');
        }
        return $this->render('tech/registration/resend_verification_email.html.twig', [
            'resendForm' => $form->createView(),
        ]);
    }
 }
--- a/src/Tech/Form/ChangePasswordFormType.php
+++ b/src/Tech/Form/ChangePasswordFormType.php
@@ -26,15 +26,13 @@ class ChangePasswordFormType extends AbstractType
                ],
                'first_options' => [
                    'constraints' => [
-                        new NotBlank([
+                        new NotBlank(message: 'Please enter a password'),
-                            'message' => 'Please enter a password',
+                        new Length(
-                        ]),
+                            min: 12,
-                        new Length([
+                            minMessage: 'Your password should be at least {{ limit }} characters',
                            'min' => 12,
                            'minMessage' => 'Your password should be at least {{ limit }} characters',
                            // max length allowed by Symfony for security reasons
-                            'max' => 4096,
+                            max: 4096,
-                        ]),
+                        ),
                        new PasswordStrength(),
                        new NotCompromisedPassword(),
                    ],
--- a/src/Tech/Form/RegistrationFormType.php
+++ b/src/Tech/Form/RegistrationFormType.php
@@ -3,6 +3,8 @@
 namespace App\Tech\Form;
 use App\Tech\Entity\User;
 use Karser\Recaptcha3Bundle\Form\Recaptcha3Type;
 use Karser\Recaptcha3Bundle\Validator\Constraints\Recaptcha3;
 use Symfony\Component\Form\AbstractType;
 use Symfony\Component\Form\Extension\Core\Type\EmailType;
 use Symfony\Component\Form\Extension\Core\Type\TextType;
@@ -21,9 +23,7 @@ class RegistrationFormType extends AbstractType
            ->add('email', EmailType::class)
            ->add('username', TextType::class, [
                'constraints' => [
-                    new NotBlank([
+                    new NotBlank(message: 'Please enter a username'),
                        'message' => 'Please enter a username',
                    ]),
                ],
            ])
            ->add('plainPassword', RepeatedType::class, [
@@ -33,17 +33,19 @@ class RegistrationFormType extends AbstractType
                'first_options'  => ['label' => 'Password'],
                'second_options' => ['label' => 'Repeat Password'],
                'constraints' => [
-                    new NotBlank([
+                    new NotBlank(message: 'Please enter a password'),
-                        'message' => 'Please enter a password',
+                    new Length(
-                    ]),
+                        min: 6,
-                    new Length([
+                        minMessage: 'Your password should be at least {{ limit }} characters',
                        'min' => 6,
                        'minMessage' => 'Your password should be at least {{ limit }} characters',
                        // max length allowed by Symfony for security reasons
-                        'max' => 4096,
+                        max: 4096,
-                    ]),
+                    ),
                ],
            ])
            ->add('captcha', Recaptcha3Type::class, [
                'constraints' => new Recaptcha3(),
                'action_name' => 'registration',
            ])
        ;
    }
--- a/src/Tech/Form/ResendVerificationEmailFormType.php
+++ b/src/Tech/Form/ResendVerificationEmailFormType.php
@@ -0,0 +1,34 @@
 <?php
 namespace App\Tech\Form;
 use Symfony\Component\Form\AbstractType;
 use Symfony\Component\Form\Extension\Core\Type\EmailType;
 use Symfony\Component\Form\FormBuilderInterface;
 use Symfony\Component\OptionsResolver\OptionsResolver;
 use Symfony\Component\Validator\Constraints\Email;
 use Symfony\Component\Validator\Constraints\NotBlank;
 class ResendVerificationEmailFormType extends AbstractType
 {
    public function buildForm(FormBuilderInterface $builder, array $options): void
    {
        $builder
            ->add('email', EmailType::class, [
                'constraints' => [
                    new NotBlank([
                        'message' => 'Please enter your email',
                    ]),
                    new Email([
                        'message' => 'Please enter a valid email address',
                    ]),
                ],
            ])
        ;
    }
    public function configureOptions(OptionsResolver $resolver): void
    {
        $resolver->setDefaults([]);
    }
 }
--- a/src/Tech/Form/ResetPasswordRequestFormType.php
+++ b/src/Tech/Form/ResetPasswordRequestFormType.php
@@ -16,9 +16,7 @@ class ResetPasswordRequestFormType extends AbstractType
            ->add('email', EmailType::class, [
                'attr' => ['autocomplete' => 'email'],
                'constraints' => [
-                    new NotBlank([
+                    new NotBlank(message: 'Please enter your email'),
                        'message' => 'Please enter your email',
                    ]),
                ],
            ])
        ;
--- a/src/Tech/Repository/UserRepository.php
+++ b/src/Tech/Repository/UserRepository.php
@@ -32,4 +32,16 @@ class UserRepository extends ServiceEntityRepository implements PasswordUpgrader
        $this->getEntityManager()->persist($user);
        $this->getEntityManager()->flush();
    }
    /**
     * @return User[]
     */
    public function findByRole(string $role): array
    {
        return $this->createQueryBuilder('u')
            ->andWhere('u.roles LIKE :role')
            ->setParameter('role', '%"' . $role . '"%')
            ->getQuery()
            ->getResult();
    }
 }
--- a/src/Tech/Service/EmailVerifier.php
+++ b/src/Tech/Service/EmailVerifier.php
@@ -43,7 +43,7 @@ class EmailVerifier
     */
    public function handleEmailConfirmation(Request $request, User $user): void
    {
-        $this->verifyEmailHelper->validateEmailConfirmation($request->getUri(), (string) $user->getId(), $user->getEmail());
+        $this->verifyEmailHelper->validateEmailConfirmationFromRequest($request, (string) $user->getId(), $user->getEmail());
        $user->setIsVerified(true);
--- a/src/Tech/Service/UserChecker.php
+++ b/src/Tech/Service/UserChecker.php
@@ -3,6 +3,7 @@
 namespace App\Tech\Service;
 use App\Tech\Entity\User;
 use Symfony\Component\Security\Core\Exception\AccountStatusException;
 use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
 use Symfony\Component\Security\Core\User\UserCheckerInterface;
 use Symfony\Component\Security\Core\User\UserInterface;
@@ -16,7 +17,7 @@ class UserChecker implements UserCheckerInterface
        }
        if (!$user->isVerified()) {
-            throw new CustomUserMessageAuthenticationException('Your email address is not verified.');
+            throw new CustomUserMessageAuthenticationException('Your email address is not verified.', ['%resend_link%' => '/verify/resend']);
        }
    }
--- a/symfony.lock
+++ b/symfony.lock
@@ -35,6 +35,18 @@
            "migrations/.gitignore"
        ]
    },
    "karser/karser-recaptcha3-bundle": {
        "version": "0.3",
        "recipe": {
            "repo": "github.com/symfony/recipes-contrib",
            "branch": "main",
            "version": "0.1",
            "ref": "c51ce07c10331d506762efe25b6f5843c1a5ea17"
        },
        "files": [
            "./config/packages/karser_recaptcha3.yaml"
        ]
    },
    "phpunit/phpunit": {
        "version": "11.5",
        "recipe": {
--- a/templates/game/admin/index.html.twig
+++ b/templates/game/admin/index.html.twig
@@ -0,0 +1,82 @@
 {% extends 'base.html.twig' %}
 {% block title %}Game Admin Dashboard{% endblock %}
 {% block body %}
    <h1>Game Admin Dashboard</h1>
    <div style="display: flex; gap: 2rem;">
        <div style="flex: 1;">
            <h2>All Players ({{ players|length }})</h2>
            <table style="width: 100%; border-collapse: collapse;">
                <thead>
                    <tr style="background-color: #f2f2f2;">
                        <th>ID</th>
                        <th>Username</th>
                        <th>Email</th>
                        <th>Roles</th>
                        <th>Verified</th>
                    </tr>
                </thead>
                <tbody>
                    {% for player in players %}
                        <tr>
                            <td>{{ player.id }}</td>
                            <td>{{ player.username }}</td>
                            <td>{{ player.email }}</td>
                            <td>{{ player.roles|join(', ') }}</td>
                            <td>{{ player.isVerified ? 'Yes' : 'No' }}</td>
                        </tr>
                    {% else %}
                        <tr>
                            <td colspan="5">No players found.</td>
                        </tr>
                    {% endfor %}
                </tbody>
            </table>
        </div>
        <div style="flex: 2;">
            <h2>All Sessions ({{ sessions|length }})</h2>
            <table style="width: 100%; border-collapse: collapse;">
                <thead>
                    <tr style="background-color: #f2f2f2;">
                        <th>ID</th>
                        <th>Game</th>
                        <th>Status</th>
                        <th>Players Joined</th>
                        <th>Created At</th>
                        <th>Actions</th>
                    </tr>
                </thead>
                <tbody>
                    {% for session in sessions %}
                        <tr>
                            <td>{{ session.id }}</td>
                            <td>{{ session.game.name }}</td>
                            <td>{{ session.status.value }}</td>
                            <td>
                                <ul>
                                    {% for p in session.players %}
                                        <li>{{ p.user.username }} (Screen: {{ p.screen ?? 'N/A' }})</li>
                                    {% else %}
                                        <li>No players</li>
                                    {% endfor %}
                                </ul>
                                ({{ session.players|length }} / {{ session.game.numberOfPlayers }})
                            </td>
                            <td>{{ session.created|date('Y-m-d H:i') }}</td>
                            <td>
                                <a href="{{ path('game_admin_view_session', {session: session.id}) }}">View Game Logs</a>
                            </td>
                        </tr>
                    {% else %}
                        <tr>
                            <td colspan="6">No sessions found.</td>
                        </tr>
                    {% endfor %}
                </tbody>
            </table>
        </div>
    </div>
 {% endblock %}
--- a/templates/game/admin/session.html.twig
+++ b/templates/game/admin/session.html.twig
@@ -0,0 +1,49 @@
 {% extends 'base.html.twig' %}
 {% block title %}View Session Logs - {{ session.id }}{% endblock %}
 {% block body %}
    <h1>Session: {{ session.game.name }} (#{{ session.id }})</h1>
    <p><a href="{{ path('game_admin_dashboard') }}">Back to Dashboard</a></p>
    <div class="tabs">
        <ul style="display: flex; list-style: none; padding: 0; border-bottom: 1px solid #ccc;">
            {% for playerLog in playersLogs %}
                <li style="margin-right: 10px;">
                    <button
                        onclick="openTab(event, 'player-{{ loop.index }}')"
                        class="tablinks {{ loop.first ? 'active' : '' }}"
                        style="padding: 10px; cursor: pointer; border: 1px solid #ccc; border-bottom: none; background: {{ loop.first ? '#eee' : '#fff' }};"
                    >
                        {{ playerLog.username }}
                    </button>
                </li>
            {% endfor %}
        </ul>
    </div>
    {% for playerLog in playersLogs %}
        <div id="player-{{ loop.index }}" class="tabcontent" style="display: {{ loop.first ? 'block' : 'none' }}; border: 1px solid #ccc; border-top: none; padding: 20px;">
            <h3>Logs for {{ playerLog.username }}</h3>
            <pre style="background: #f4f4f4; padding: 15px; overflow-x: auto; white-space: pre-wrap; word-wrap: break-word;">{{ playerLog.logs ?: 'No logs found for this player.' }}</pre>
        </div>
    {% endfor %}
    <script>
        function openTab(evt, playerName) {
            var i, tabcontent, tablinks;
            tabcontent = document.getElementsByClassName("tabcontent");
            for (i = 0; i < tabcontent.length; i++) {
                tabcontent[i].style.display = "none";
            }
            tablinks = document.getElementsByClassName("tablinks");
            for (i = 0; i < tablinks.length; i++) {
                tablinks[i].className = tablinks[i].className.replace(" active", "");
                tablinks[i].style.background = "#fff";
            }
            document.getElementById(playerName).style.display = "block";
            evt.currentTarget.className += " active";
            evt.currentTarget.style.background = "#eee";
        }
    </script>
 {% endblock %}
--- a/templates/game/dashboard.html.twig
+++ b/templates/game/dashboard.html.twig
@@ -5,6 +5,10 @@
 {% block body %}
    <h1>Game Dashboard</h1>
    {% if is_granted('ROLE_ADMIN') %}
        <p><a href="{{ path('game_admin_dashboard') }}">Go to Game Admin Dashboard</a></p>
    {% endif %}
    <h2>Create New Session</h2>
    {% if availableGames is not empty %}
        <form method="post">
@@ -69,11 +73,19 @@
                        </td>
                        <td>
                            <a href="{{ path('game', {session: session.id}) }}">Enter Game</a>
-                            {% if session.status.value == 'created' and session.timer == 0 %}
+                            {% if session.status.value == 'created' %}
-                                <form method="post" style="display:inline;">
+                                {% if session.players|length >= session.game.numberOfPlayers %}
-                                    <input type="hidden" name="session_id" value="{{ session.id }}">
+                                    <form method="post" style="display:inline;">
-                                    <button type="submit" name="leave_session" onclick="return confirm('Are you sure you want to leave this session?')">Leave Session</button>
+                                        <input type="hidden" name="session_id" value="{{ session.id }}">
-                                </form>
+                                        <button type="submit" name="start_session">Start Session</button>
                                    </form>
                                {% endif %}
                                {% if session.timer == 0 %}
                                    <form method="post" style="display:inline;">
                                        <input type="hidden" name="session_id" value="{{ session.id }}">
                                        <button type="submit" name="leave_session" onclick="return confirm('Are you sure you want to leave this session?')">Leave Session</button>
                                    </form>
                                {% endif %}
                            {% endif %}
                        </td>
                    </tr>
--- a/templates/game/index.html.twig
+++ b/templates/game/index.html.twig
@@ -18,12 +18,14 @@
             data-topic="{{ (mercure_topic_base ~ '/game/hub-' ~ session.id)|e('html_attr') }}"
             data-api-ping-url="{{ path('game_api_ping')|e('html_attr') }}"
             data-api-echo-url="{{ path('game_api_message')|e('html_attr') }}"
             data-api-check-finished-url="{{ path('game_api_check_finished', {session: session.id})|e('html_attr') }}"
             data-lost-url="{{ path('game_lost', {session: session.id})|e('html_attr') }}"
             data-screen="{{ screen|e('html_attr') }}"
             style="display:none">
        </div>
-        <div id="game-timer">
+        <div id="game-timer" data-end-time="{{ session.timer }}">
-            00:30:00
+            --:--:--
        </div>
        <div id="message-container">
--- a/templates/game/lost.html.twig
+++ b/templates/game/lost.html.twig
@@ -0,0 +1,127 @@
 {% extends 'base.html.twig' %}
 {% block title %}Game Lost - {{ session.game.name }}{% endblock %}
 {% block stylesheets %}
    {{ parent() }}
    <style>
        body {
            background-color: #1a1a1a;
            color: #e0e0e0;
        }
        .card {
            background-color: #2d2d2d;
            border-color: #444;
            color: #e0e0e0;
        }
        .form-label {
            font-weight: bold;
        }
        .story-container {
            font-style: italic;
            border-left: 4px solid #dc3545;
            padding-left: 20px;
            margin-bottom: 30px;
        }
        .donation-section {
            background-color: #333;
            padding: 20px;
            border-radius: 8px;
            margin-bottom: 30px;
            text-align: center;
        }
        .form-range::-webkit-slider-runnable-track {
            background-color: #444;
        }
        .form-range::-moz-range-track {
            background-color: #444;
        }
        .form-range::-webkit-slider-thumb {
            background-color: #dc3545;
        }
        .form-range::-moz-range-thumb {
            background-color: #dc3545;
        }
    </style>
 {% endblock %}
 {% block body %}
 <div class="container mt-5 mb-5">
    <div class="row justify-content-center">
        <div class="col-md-8">
            <div class="card shadow-lg">
                <div class="card-header bg-danger text-white">
                    <h3 class="card-title mb-0">Game Over - Time's Up!</h3>
                </div>
                <div class="card-body">
                    <h4>{{ session.game.name }}</h4>
                    <hr>
                    <div class="story-container">
                        <p>
                            The screens flickered one last time before going completely dark. The hum of the servers ceased, replaced by an eerie silence.
                            The server seems to have shut itself down before the AI virus could complete its task in decoding the undercover agents.
                        </p>
                        <p>
                            In the days after some people are arrested for sabotaging the agency, but in the end nobody is convicted for the actions.
                            Lets hope the agents which were undercover are safe and the information needed is still saved to put the other criminals behind bars.
                        </p>
                    </div>
                    <div class="donation-section">
                        <h5>Support the Developer</h5>
                        <p>If you enjoyed the experience (even if you lost!), please consider a small donation to help me create more games.</p>
                        <a href="https://www.paypal.com/donate?hosted_button_id=X9X8KB6R6GMRU" target="_blank" class="btn btn-primary">
                            <i class="bi bi-paypal"></i> Donate via PayPal
                        </a>
                    </div>
                    <div class="feedback-form mt-4">
                        <h5>Feedback</h5>
                        <form method="post">
                            <div class="mb-3">
                                <label for="difficulty" class="form-label">How would you rate the difficulty? (<span id="difficulty-val">5</span>/10)</label>
                                <input type="range" class="form-range" min="1" max="10" step="1" id="difficulty" name="difficulty" value="5" oninput="document.getElementById('difficulty-val').innerText = this.value">
                                <div class="d-flex justify-content-between mt-1">
                                    <small class="text-muted">Absolutely not</small>
                                    -
                                    <small class="text-muted">Absolutely</small>
                                </div>
                            </div>
                            <div class="mb-3">
                                <label for="entertaining" class="form-label">How entertaining was it? (<span id="entertaining-val">5</span>/10)</label>
                                <input type="range" class="form-range" min="1" max="10" step="1" id="entertaining" name="entertaining" value="5" oninput="document.getElementById('entertaining-val').innerText = this.value">
                                <div class="d-flex justify-content-between mt-1">
                                    <small class="text-muted">Absolutely not</small>
                                    -
                                    <small class="text-muted">Absolutely</small>
                                </div>
                            </div>
                            <div class="mb-3">
                                <label for="theme" class="form-label">How was the theme? (<span id="theme-val">5</span>/10)</label>
                                <input type="range" class="form-range" min="1" max="10" step="1" id="theme" name="theme" value="5" oninput="document.getElementById('theme-val').innerText = this.value">
                                <div class="d-flex justify-content-between mt-1">
                                    <small class="text-muted">Absolutely not</small>
                                    -
                                    <small class="text-muted">Absolutely</small>
                                </div>
                            </div>
                            <div class="mb-3">
                                <label for="feedback" class="form-label">Additional Feedback</label>
                                <textarea class="form-control" id="feedback" name="feedback" rows="4" placeholder="Tell us more about your experience..."></textarea>
                            </div>
                            <div class="d-grid gap-2">
                                <button type="submit" class="btn btn-success">Submit Feedback & Return to Dashboard</button>
                            </div>
                        </form>
                    </div>
                </div>
            </div>
        </div>
    </div>
 </div>
 {% endblock %}
--- a/templates/game/waiting.html.twig
+++ b/templates/game/waiting.html.twig
@@ -0,0 +1,125 @@
 {% extends 'base.html.twig' %}
 {% block title %}Waiting for players - {{ session.game.name }}{% endblock %}
 {% block body %}
 <div class="container mt-5">
    <div class="row justify-content-center">
        <div class="col-md-8">
            <div class="card shadow-sm">
                <div class="card-header bg-primary text-white">
                    <h3 class="card-title mb-0">Waiting for all players to be ready</h3>
                </div>
                <div class="card-body">
                    <h4>{{ session.game.name }}</h4>
                    <p>Welcome to the game! Please wait for all players to join and signal they are ready to start.</p>
                    <div class="game-info">
                        Please keep the following things in mind:
                        <ul>
                            <li>This game is best played in full screen mode. For windows, press F11. For Mac, press Cmd+Ctrl+F.</li>
                            <li>There is no need to reload the page. There is even a chance this could break the game.</li>
                            <li>If your internet connection is lost, you can get back in the game after internet has been fixed.</li>
                        </ul>
                    </div>
                    <div class="alert alert-info">
                        <strong>Game Information:</strong>
                        <ul class="mb-0">
                            <li>Number of players: {{ session.game.numberOfPlayers }}</li>
                            <li>Current players: {{ session.players|length }} / {{ session.game.numberOfPlayers }}</li>
                        </ul>
                    </div>
                    <div class="mt-4">
                        <h5>Players status:</h5>
                        <ul class="list-group">
                            {% for player in session.players %}
                                <li class="list-group-item d-flex justify-content-between align-items-center">
                                    {{ player.user.username }}
                                    {% set playerReady = false %}
                                    {% set settingName = 'ReadyAtForPlayer' ~ player.screen %}
                                    {% for setting in session.settings %}
                                        {% if setting.name.value == settingName and setting.player == player %}
                                            {% set playerReady = true %}
                                        {% endif %}
                                    {% endfor %}
                                    {% if playerReady %}
                                        <span class="badge bg-success">Ready</span>
                                    {% else %}
                                        <span class="badge bg-secondary">Not ready</span>
                                    {% endif %}
                                </li>
                            {% endfor %}
                        </ul>
                    </div>
                    <hr>
                    <form method="post" class="mt-4">
                        <div class="form-check form-switch mb-3">
                            <input class="form-check-input" type="checkbox" id="toggle_ready" name="toggle_ready" onchange="this.form.submit()" {{ isReady ? 'checked' : '' }}>
                            <label class="form-check-label" for="toggle_ready">
                                <strong>I am ready to start!</strong>
                            </label>
                        </div>
                        <p class="text-muted small">
                            Note: If all players are not ready within 1 minute of you checking this, your status will be reset automatically.
                        </p>
                    </form>
                    <div class="mt-3">
                        <a href="{{ path('game_dashboard') }}" class="btn btn-outline-secondary">Back to Dashboard</a>
                    </div>
                </div>
            </div>
        </div>
    </div>
 </div>
 <div id="mercure-config"
     data-mercure-public-url="{{ mercure_public_url|e('html_attr') }}"
     data-topic="{{ (mercure_topic_base ~ '/game/hub-' ~ session.id)|e('html_attr') }}"
     data-ready-at="{{ readyAt|e('html_attr') }}"
     style="display:none">
 </div>
 <script>
    const config = document.getElementById('mercure-config');
    const publicUrl = config.dataset.mercurePublicUrl;
    const topic = config.dataset.topic;
    const readyAt = config.dataset.readyAt;
    if (publicUrl && topic) {
        const url = new URL(publicUrl);
        url.searchParams.append('topic', topic);
        const eventSource = new EventSource(url);
        eventSource.onmessage = event => {
            const data = JSON.parse(event.data);
            if (data.type === 'all_ready' || data.type === 'player_ready') {
                window.location.reload();
            }
        };
    }
    // Client-side timeout for ready status
    if (readyAt) {
        const timeoutMs = 61000; // 61 seconds (slightly more than server-side 60s)
        const now = Date.now();
        const readyAtMs = readyAt * 1000;
        const timeElapsed = now - readyAtMs;
        const timeLeft = timeoutMs - timeElapsed;
        if (timeLeft > 0) {
            setTimeout(() => {
                window.location.reload();
            }, timeLeft);
        } else {
            // Already timed out, reload to sync with server
            window.location.reload();
        }
    }
 </script>
 {% endblock %}
--- a/templates/tech/registration/confirmation_email.html.twig
+++ b/templates/tech/registration/confirmation_email.html.twig
@@ -4,6 +4,7 @@
    Please confirm your email address by clicking the following link: <br><br>
    <a href="{{ signedUrl }}">Confirm my Email</a>.
    This link will expire in {{ expiresAtMessageKey|trans(expiresAtMessageData, 'VerifyEmailBundle') }}.
    If the link has expired or doesn't work, you can <a href="{{ url('app_verify_resend_email') }}">request a new one</a>.
 </p>
 <p>
--- a/templates/tech/registration/register.html.twig
+++ b/templates/tech/registration/register.html.twig
@@ -11,6 +11,7 @@
        {{ form_row(registrationForm.email) }}
        {{ form_row(registrationForm.username) }}
        {{ form_row(registrationForm.plainPassword) }}
        {{ form_row(registrationForm.captcha) }}
        <button type="submit" class="btn">Register</button>
    {{ form_end(registrationForm) }}
--- a/templates/tech/registration/resend_verification_email.html.twig
+++ b/templates/tech/registration/resend_verification_email.html.twig
@@ -0,0 +1,17 @@
 {% extends 'base.html.twig' %}
 {% block title %}Resend verification email{% endblock %}
 {% block body %}
    <h1>Resend verification email</h1>
    <p>Enter your email address and we will send you a new link to verify your account.</p>
    {{ form_errors(resendForm) }}
    {{ form_start(resendForm) }}
        {{ form_row(resendForm.email) }}
        <button type="submit" class="btn">Resend email</button>
    {{ form_end(resendForm) }}
 {% endblock %}
--- a/templates/tech/security/login.html.twig
+++ b/templates/tech/security/login.html.twig
@@ -5,7 +5,12 @@
 {% block body %}
 <form method="post">
    {% if error %}
-        <div class="alert alert-danger">{{ error.messageKey|trans(error.messageData, 'security') }}</div>
+        <div class="alert alert-danger">
            {{ error.messageKey|trans(error.messageData, 'security')|raw }}
            {% if error.messageData['%resend_link%'] is defined %}
                <a href="{{ error.messageData['%resend_link%'] }}">Resend activation link</a>
            {% endif %}
        </div>
    {% endif %}
    {% if app.user %}
@@ -41,5 +46,8 @@
    <div class="mt-3">
        <a href="{{ path('app_forgot_password_request') }}">Forgot your password?</a>
    </div>
    <div class="mt-1">
        <a href="{{ path('app_verify_resend_email') }}">Didn't receive activation email?</a>
    </div>
 </form>
 {% endblock %}
--- a/tests/Game/GameDashboardServiceTest.php
+++ b/tests/Game/GameDashboardServiceTest.php
@@ -8,12 +8,14 @@ use App\Game\Entity\Player;
 use App\Game\Entity\Session;
 use App\Game\Entity\SessionSetting;
 use App\Game\Enum\GameStatus;
 use App\Game\Enum\SessionStatus;
 use App\Game\Enum\SessionSettingType;
 use App\Game\Service\GameDashboardService;
 use App\Tech\Entity\User;
 use Doctrine\ORM\EntityManagerInterface;
 use App\Game\Repository\GameRepository;
 use App\Game\Repository\SessionRepository;
 use Symfony\Component\Mercure\HubInterface;
 use PHPUnit\Framework\TestCase;
 class GameDashboardServiceTest extends TestCase
@@ -21,6 +23,7 @@ class GameDashboardServiceTest extends TestCase
    private $entityManager;
    private $gameRepository;
    private $sessionRepository;
    private $hub;
    private $service;
    protected function setUp(): void
@@ -28,15 +31,18 @@ class GameDashboardServiceTest extends TestCase
        $this->entityManager = $this->createMock(EntityManagerInterface::class);
        $this->gameRepository = $this->createMock(GameRepository::class);
        $this->sessionRepository = $this->createMock(SessionRepository::class);
        $this->hub = $this->createMock(HubInterface::class);
        $this->service = new GameDashboardService(
            $this->gameRepository,
            $this->sessionRepository,
-            $this->entityManager
+            $this->entityManager,
            $this->hub,
            'http://localhost/topic'
        );
    }
-    public function testCreateSessionInitializesRightsAndPwd(): void
+    public function testCreateSessionDoesNotInitializeSettings(): void
    {
        $game = new Game();
        $game->setStatus(GameStatus::OPEN);
@@ -44,20 +50,23 @@ class GameDashboardServiceTest extends TestCase
        $user = new User();
        $user->setUsername('testuser');
-        $this->entityManager->expects($this->exactly(7))
+        $this->entityManager->expects($this->exactly(2))
            ->method('persist');
-            // 1. Session, 2. Player, 3. SessionSetting (rights), 4. SessionSetting (pwd), 5. SessionSetting (chat tracking), 6. SessionSetting (verify codes), 7. SessionSetting (verification progress)
+            // 1. Session, 2. Player
        $session = $this->service->createSession($game, $user, false);
        $this->assertInstanceOf(Session::class, $session);
    }
-    public function testJoinSessionInitializesRightsAndPwd(): void
+    public function testJoinSessionDoesNotInitializeSettings(): void
    {
        $user = new User();
        $user->setUsername('testuser');
        $game = new Game();
        $game->setNumberOfPlayers(3);
        $session = new Session();
        $session->setGame($game);
        $setting = new SessionSetting();
        $setting->setSession($session);
@@ -71,15 +80,93 @@ class GameDashboardServiceTest extends TestCase
        $repo->method('findOneBy')
            ->willReturn($setting);
-        $this->entityManager->expects($this->exactly(6))
+        $this->entityManager->expects($this->exactly(1))
            ->method('persist');
-            // 1. Player, 2. SessionSetting (rights), 3. SessionSetting (pwd), 4. SessionSetting (chat tracking), 5. SessionSetting (verify codes), 6. SessionSetting (verification progress)
+            // 1. Player
        $result = $this->service->joinSession('abc-123', $user);
        $this->assertTrue($result);
    }
    public function testStartSessionAssignsScreensAndInitializesSettings(): void
    {
        $game = new Game();
        $game->setNumberOfPlayers(2);
        $session = new Session();
        $session->setGame($game);
        $session->setStatus(\App\Game\Enum\SessionStatus::CREATED);
        $user1 = new User();
        $user1->setUsername('user1');
        $player1 = new Player();
        $player1->setUser($user1);
        $session->addPlayer($player1);
        $user2 = new User();
        $user2->setUsername('user2');
        $player2 = new Player();
        $player2->setUser($user2);
        $session->addPlayer($player2);
        // For each player (2):
        // Player (persist)
        // SessionSetting (rights)
        // SessionSetting (pwd)
        // SessionSetting (chat tracking)
        // SessionSetting (verify codes)
        // SessionSetting (verification progress)
        // Total = 2 * 6 = 12
        // PLUS Session (persist)
        // Total = 13
        $this->entityManager->expects($this->exactly(13))
            ->method('persist');
        $result = $this->service->startSession($session);
        $this->assertTrue($result);
        $this->assertEquals(\App\Game\Enum\SessionStatus::READY, $session->getStatus());
        $this->assertNotNull($player1->getScreen());
        $this->assertNotNull($player2->getScreen());
        $this->assertNotEquals($player1->getScreen(), $player2->getScreen());
    }
    public function testStartSessionWithFourPlayers(): void
    {
        $game = new Game();
        $game->setNumberOfPlayers(4);
        $session = new Session();
        $session->setGame($game);
        $session->setStatus(\App\Game\Enum\SessionStatus::CREATED);
        for ($i = 1; $i <= 4; $i++) {
            $user = new User();
            $user->setUsername('user' . $i);
            $player = new Player();
            $player->setUser($user);
            $session->addPlayer($player);
        }
        // For each player (4):
        // Player (persist) + 5 Settings = 6 persists
        // Total = 4 * 6 = 24
        // PLUS Session (persist)
        // Total = 25
        $this->entityManager->expects($this->exactly(25))
            ->method('persist');
        $result = $this->service->startSession($session);
        $this->assertTrue($result);
        foreach ($session->getPlayers() as $player) {
            $this->assertNotNull($player->getScreen());
            $this->assertGreaterThanOrEqual(1, $player->getScreen());
            $this->assertLessThanOrEqual(4, $player->getScreen());
        }
    }
    public function testLeaveSession(): void
    {
        $user = new User();
@@ -112,24 +199,225 @@ class GameDashboardServiceTest extends TestCase
        $this->assertCount(1, $session->getPlayers());
    }
-    public function testLeaveSessionDeletesSessionIfLastPlayer(): void
+    public function testToggleReady(): void
    {
        $user = new User();
        $game = new Game();
        $game->setNumberOfPlayers(1);
        $session = new Session();
-        $session->setStatus(\App\Game\Enum\SessionStatus::CREATED);
+        $session->setGame($game);
-        $session->setTimer(0);
+        $session->setStatus(SessionStatus::READY);
        $player = new Player();
        $player->setUser($user);
-        $player->setSession($session);
+        $player->setScreen(1);
        $session->addPlayer($player);
-        $this->entityManager->expects($this->exactly(2))
+        $repo = $this->createMock(\App\Game\Repository\SessionSettingRepository::class);
        $this->entityManager->method('getRepository')
            ->willReturn($repo);
        // First call: toggle ON
        $repo->expects($this->atLeastOnce())
            ->method('getSetting')
            ->willReturn(null); // No setting initially
        $this->entityManager->expects($this->atLeastOnce())
            ->method('persist')
            ->with($this->callback(function($entity) {
                return $entity instanceof SessionSetting && $entity->getName() === SessionSettingType::READY_AT_FOR_PLAYER1;
            }));
        $result = $this->service->toggleReady($session, $user);
        $this->assertTrue($result);
    }
    public function testCheckAllPlayersReadyTransitionsStatus(): void
    {
        $game = new Game();
        $game->setNumberOfPlayers(2);
        $session = new Session();
        $session->setGame($game);
        $session->setStatus(SessionStatus::READY);
        $player1 = new Player();
        $player1->setScreen(1);
        $session->addPlayer($player1);
        $player2 = new Player();
        $player2->setScreen(2);
        $session->addPlayer($player2);
        $repo = $this->createMock(\App\Game\Repository\SessionSettingRepository::class);
        $this->entityManager->method('getRepository')
            ->willReturn($repo);
        $setting1 = new SessionSetting();
        $setting1->setName(SessionSettingType::READY_AT_FOR_PLAYER1);
        $setting1->setValue((string)time());
        $setting1->setPlayer($player1);
        $setting2 = new SessionSetting();
        $setting2->setName(SessionSettingType::READY_AT_FOR_PLAYER2);
        $setting2->setValue((string)time());
        $setting2->setPlayer($player2);
        $repo->method('getSetting')
            ->willReturnCallback(function($s, $name, $p) use ($setting1, $setting2) {
                if ($name === SessionSettingType::READY_AT_FOR_PLAYER1) return $setting1;
                if ($name === SessionSettingType::READY_AT_FOR_PLAYER2) return $setting2;
                return null;
            });
        $this->service->checkAllPlayersReady($session);
        $this->assertEquals(SessionStatus::PLAYING, $session->getStatus());
    }
    public function testCheckAllPlayersReadyTimeouts(): void
    {
        $game = new Game();
        $game->setNumberOfPlayers(2);
        $session = new Session();
        $session->setGame($game);
        $session->setStatus(SessionStatus::READY);
        $player1 = new Player();
        $player1->setScreen(1);
        $session->addPlayer($player1);
        $player2 = new Player();
        $player2->setScreen(2);
        $session->addPlayer($player2);
        $repo = $this->createMock(\App\Game\Repository\SessionSettingRepository::class);
        $this->entityManager->method('getRepository')
            ->willReturn($repo);
        $setting1 = new SessionSetting();
        $setting1->setName(SessionSettingType::READY_AT_FOR_PLAYER1);
        $setting1->setValue((string)(time() - 70)); // Timed out
        $setting1->setPlayer($player1);
        $session->addSetting($setting1);
        $repo->method('getSetting')
            ->willReturnCallback(function($s, $name, $p) use ($setting1) {
                if ($name === SessionSettingType::READY_AT_FOR_PLAYER1) return $setting1;
                return null;
            });
        $this->entityManager->expects($this->once())
            ->method('remove')
            ->with($setting1);
        $this->entityManager->expects($this->atLeastOnce())
            ->method('flush');
        $this->hub->expects($this->once())
            ->method('publish');
        $this->service->checkAllPlayersReady($session);
        $this->assertEquals(SessionStatus::READY, $session->getStatus());
    }
    public function testJoinSessionTriggersStartSessionWhenFull(): void
    {
        $user = new User();
        $user->setUsername('testuser');
        $game = new Game();
        $game->setNumberOfPlayers(2);
        $session = new Session();
        $session->setGame($game);
        $session->setStatus(\App\Game\Enum\SessionStatus::CREATED);
        $existingUser = new User();
        $existingUser->setUsername('existing');
        $existingPlayer = new Player();
        $existingPlayer->setUser($existingUser);
        $session->addPlayer($existingPlayer);
        $setting = new SessionSetting();
        $setting->setSession($session);
        $setting->setName(SessionSettingType::INVITE_CODE);
        $setting->setValue('abc-123');
        $repo = $this->createMock(\Doctrine\ORM\EntityRepository::class);
        $this->entityManager->method('getRepository')
            ->willReturn($repo);
        $repo->method('findOneBy')
            ->willReturn($setting);
        // Expectation:
        // 1. Persist new Player
        // 2. Persist Player 1 (existing) screen update
        // 3. Persist Player 2 (new) screen update
        // 4. Persist Session status update
        // 5. 5 Settings for Player 1
        // 6. 5 Settings for Player 2
        // Total = 1 + 1 + 1 + 1 + 5 + 5 = 14 persists
        $this->entityManager->expects($this->exactly(14))
            ->method('persist');
        $result = $this->service->joinSession('abc-123', $user);
        $this->assertTrue($result);
        $this->assertEquals(\App\Game\Enum\SessionStatus::READY, $session->getStatus());
    }
    public function testLeaveSessionRevertsFromReady(): void
    {
        $user = new User();
        $user->setUsername('testuser');
        $session = new Session();
        $session->setStatus(\App\Game\Enum\SessionStatus::READY);
        $session->setTimer(0);
        $player1 = new Player();
        $player1->setUser($user);
        $player1->setScreen(1);
        $player1->setSession($session);
        $session->addPlayer($player1);
        $player2 = new Player();
        $player2->setUser(new User());
        $player2->setScreen(2);
        $player2->setSession($session);
        $session->addPlayer($player2);
        $this->entityManager->expects($this->exactly(1))
            ->method('remove');
-            // 1. Player, 2. Session
+            // 1. Player1, any settings (none in this test setup)
        $result = $this->service->leaveSession($session, $user);
        $this->assertTrue($result);
        $this->assertEquals(\App\Game\Enum\SessionStatus::CREATED, $session->getStatus());
        $this->assertNull($player2->getScreen());
    }
    public function testCreateSessionForOnePlayerGame(): void
    {
        $game = new Game();
        $game->setStatus(GameStatus::OPEN);
        $game->setNumberOfPlayers(1);
        $user = new User();
        $user->setUsername('testuser');
        // 1. Session persist
        // 2. Player persist
        // 3. Player screen persist (during startSession)
        // 4. Session status persist (during startSession)
        // 5. 5 Settings for Player (during startSession)
        // Total = 1 + 1 + 1 + 1 + 5 = 9 persists
        $this->entityManager->expects($this->exactly(9))
            ->method('persist');
        $session = $this->service->createSession($game, $user, false);
        $this->assertInstanceOf(Session::class, $session);
        $this->assertEquals(\App\Game\Enum\SessionStatus::READY, $session->getStatus());
    }
 }
--- a/tests/Game/GameResponseServiceChatVerifyCodeTest.php
+++ b/tests/Game/GameResponseServiceChatVerifyCodeTest.php
@@ -3,6 +3,7 @@ declare(strict_types=1);
 namespace App\Tests\Game;
 use App\Game\Entity\Game;
 use App\Game\Entity\Player;
 use App\Game\Entity\Session;
 use App\Game\Entity\SessionSetting;
@@ -39,7 +40,8 @@ class GameResponseServiceChatVerifyCodeTest extends TestCase
            $this->playerService,
            $this->sessionSettingRepository,
            $this->hub,
-            $this->entityManager
+            $this->entityManager,
            'H:\escapepage'
        );
        $_ENV['MERCURE_TOPIC_BASE'] = 'http://test';
@@ -50,8 +52,12 @@ class GameResponseServiceChatVerifyCodeTest extends TestCase
        $user = new User();
        $user->setUsername('testuser');
        $game = $this->createMock(Game::class);
        $game->method('getNumberOfPlayers')->willReturn(4);
        $session = $this->createMock(Session::class);
        $session->method('getId')->willReturn(123);
        $session->method('getGame')->willReturn($game);
        $player = $this->createMock(Player::class);
        $player->method('getUser')->willReturn($user);
--- a/tests/Game/SessionLoggingTest.php
+++ b/tests/Game/SessionLoggingTest.php
@@ -0,0 +1,102 @@
 <?php
 declare(strict_types=1);
 namespace App\Tests\Game;
 use App\Game\Entity\Player;
 use App\Game\Entity\Session;
 use App\Game\Entity\SessionSetting;
 use App\Game\Enum\SessionSettingType;
 use App\Game\Repository\SessionSettingRepository;
 use App\Game\Service\GameResponseService;
 use App\Game\Service\PlayerService;
 use App\Tech\Entity\User;
 use Doctrine\ORM\EntityManagerInterface;
 use PHPUnit\Framework\TestCase;
 use Symfony\Bundle\SecurityBundle\Security;
 use Symfony\Component\Mercure\HubInterface;
 class SessionLoggingTest extends TestCase
 {
    private string $tempDir;
    private $security;
    private $playerService;
    private $sessionSettingRepository;
    private $hub;
    private $entityManager;
    private $service;
    protected function setUp(): void
    {
        $this->tempDir = sys_get_temp_dir() . '/escapepage_test_' . uniqid();
        mkdir($this->tempDir, 0777, true);
        $this->security = $this->createMock(Security::class);
        $this->playerService = $this->createMock(PlayerService::class);
        $this->sessionSettingRepository = $this->createMock(SessionSettingRepository::class);
        $this->hub = $this->createMock(HubInterface::class);
        $this->entityManager = $this->createMock(EntityManagerInterface::class);
        $this->service = new GameResponseService(
            $this->security,
            $this->playerService,
            $this->sessionSettingRepository,
            $this->hub,
            $this->entityManager,
            $this->tempDir
        );
    }
    protected function tearDown(): void
    {
        $this->removeDir($this->tempDir);
    }
    private function removeDir(string $dir): void
    {
        if (!is_dir($dir)) return;
        $files = array_diff(scandir($dir), ['.', '..']);
        foreach ($files as $file) {
            (is_dir("$dir/$file")) ? $this->removeDir("$dir/$file") : unlink("$dir/$file");
        }
        rmdir($dir);
    }
    public function testLogging(): void
    {
        $user = new User();
        $user->setUsername('player1');
        $session = $this->createMock(Session::class);
        $session->method('getId')->willReturn(456);
        $player = $this->createMock(Player::class);
        $player->method('getUser')->willReturn($user);
        $player->method('getSession')->willReturn($session);
        $player->method('getScreen')->willReturn(1);
        $this->security->method('getUser')->willReturn($user);
        $this->playerService->method('GetCurrentlyActiveAsPlayer')->willReturn($player);
        // Mock rights
        $rightsSetting = new SessionSetting();
        $rightsSetting->setValue(json_encode(['chat']));
        $this->sessionSettingRepository->method('getSetting')
            ->willReturnMap([
                [$session, SessionSettingType::RIGHTS_FOR_PLAYER1, $player, $rightsSetting],
            ]);
        // Simulate 'help' command (always returns something)
        $raw = json_encode(['message' => 'help', 'ts' => '123']);
        $result = $this->service->getGameResponse($raw);
        $this->assertNotEmpty($result);
        $logFilePath = $this->tempDir . '/var/log/sessions/456/player1.txt';
        $this->assertFileExists($logFilePath);
        $logContent = file_get_contents($logFilePath);
        $this->assertStringContainsString('PLAYER: help', $logContent);
        $this->assertStringContainsString('SERVER:', $logContent);
    }
 }
Author	SHA1	Message	Date
Frank	0a9c0f0052	Fixed network v4	2026-03-11 07:59:23 +01:00
Frank	57af01ea6f	Fixed network v3	2026-03-11 07:57:49 +01:00
Frank	4b0f8fb5c6	Fixed network v2	2026-03-11 07:55:47 +01:00
Frank	a68eeb3ac6	Fixed network	2026-03-11 07:52:11 +01:00
Frank	cc6c6a6456	Fixed ip addresses	2026-03-10 22:13:22 +01:00
Frank	184a5ff0de	Fix database container creation	2026-03-10 22:04:23 +01:00
Frank	170ae2ce43	Unfixed ips	2026-03-10 22:00:08 +01:00
Frank	16625c557c	Fixed ips	2026-03-10 21:55:21 +01:00
Frank	a15edfabed	network defined	2026-03-10 21:52:05 +01:00
Frank	66a682f69f	Prod development	2026-02-21 14:28:48 +00:00
Frank	576d86f602	Mercure ssl	2026-01-17 22:56:34 +01:00
Frank	891c1b4ecb	Mercure cors error 3	2026-01-17 19:36:01 +01:00
Frank	f5bac0fe2d	Mercure cors error 2	2026-01-17 19:27:01 +01:00
Frank	0276199488	Mercure cors error	2026-01-17 19:03:25 +01:00
Frank	83381ef57f	Mercure links	2026-01-17 15:49:58 +01:00
Frank	c6153c62f1	nullable screen	2026-01-17 15:35:26 +01:00
Frank	4f7471ab0f	Remote allowance	2026-01-17 15:12:08 +01:00
Frank	9237d9ad49	captcha keys	2026-01-17 14:51:14 +01:00
Frank	a3573d5a09	Update passwords MySql	2026-01-17 14:29:04 +01:00
Frank	5e87ae90d8	executable	2026-01-17 14:24:54 +01:00
Frank	05a514bad6	restart via 1 script.	2026-01-17 14:22:08 +01:00
Frank	3a34266461	Verification mails solving try 1	2026-01-17 14:12:57 +01:00
Frank	7fe8f9322a	Verification mails solving try 1	2026-01-17 13:47:56 +01:00
Frank	27827bd2a9	Added domain to verification mail	2026-01-16 21:01:01 +01:00
Frank	de1c6f4ed2	Send variables to containers.	2026-01-14 14:00:11 +01:00
Frank	a6df6cbf0c	Request resend of verification mail	2026-01-14 13:09:32 +01:00
Frank	a90489da28	captcha	2026-01-13 21:54:26 +01:00
Frank	498ba1bfca	Verifying mail addresses	2026-01-13 17:43:17 +01:00
Frank	f96e51420f	Mailer From	2026-01-11 23:10:30 +01:00
Frank	f3bf472bc6	Try to fix 3	2026-01-11 16:00:43 +01:00
Frank	34d89129ae	Try to fix 2	2026-01-11 15:56:52 +01:00
Frank	0c0c71c7b4	Try to fix 1	2026-01-11 15:46:46 +01:00
Frank	d70ef9282e	Revert compose files	2026-01-11 15:41:40 +01:00
Frank	de67d95d4f	Niet weggooien van images 4	2026-01-11 15:38:33 +01:00
Frank	bcb42a27b8	Niet weggooien van images 3	2026-01-11 15:37:13 +01:00
Frank	bc4f7a8c79	Niet weggooien van images 2	2026-01-11 15:35:10 +01:00
Frank	3b98e8650b	onbekende flag 5	2026-01-11 15:30:21 +01:00
Frank	09f9abcfb8	onbekende flag 4	2026-01-11 15:28:40 +01:00
Frank	3b3cb69aa7	onbekende flag 3	2026-01-11 15:26:34 +01:00
Frank	badca1af53	onbekende flag 2	2026-01-11 15:25:03 +01:00
Frank	b649d48250	onbekende flag	2026-01-11 15:21:19 +01:00
Frank	0e3a3992fa	container en cache clear erin en image clear eruit	2026-01-10 17:21:59 +01:00
Frank	cfac6d10ec	csrf error solve. try 6	2026-01-10 16:25:07 +01:00
Frank	a10ad7de58	csrf error solve. try 5	2026-01-10 14:28:03 +01:00
Frank	f810ad07b7	csrf error solve. try 4	2026-01-10 14:19:57 +01:00
Frank	41f3547f6f	csrf error solve. try 3	2026-01-10 14:06:29 +01:00
Frank	09b7e78fdd	csrf error solve. try 2	2026-01-10 13:37:14 +01:00
Frank	47091cd4e3	csrf error solve. try 1	2026-01-10 00:39:33 +01:00
Frank	ac4c5ef261	Validation fails	2026-01-10 00:25:57 +01:00
Frank	490f730c97	pass on token	2026-01-10 00:17:36 +01:00
Frank	73d6ea478c	Restart containers	2026-01-09 23:40:25 +01:00
Frank	9da6a60dbe	Add error log	2026-01-09 23:36:50 +01:00
Frank	7ca0bec145	Mercure en hostfile	2026-01-09 18:38:57 +01:00
Frank	ea54c87426	database volume	2026-01-09 16:53:47 +01:00
Frank	12e87edc4d	Fixed ips	2026-01-09 16:42:15 +01:00
Frank	85416f5a07	rights to user	2026-01-09 16:10:44 +01:00
Frank	2f81a60ff7	Meer updates. Next try 7	2026-01-09 15:47:44 +01:00
Frank	0e27217ab4	Meer updates. Next try 6	2026-01-09 15:42:43 +01:00
Frank	b3531b5d7c	Meer updates. Next try 5	2026-01-09 15:33:52 +01:00
Frank	239b1e136a	Meer updates. Next try 4	2026-01-09 15:25:41 +01:00
Frank	db04cafcb1	Meer updates. Next try 3	2026-01-09 15:18:25 +01:00
Frank	5ce7e15565	Meer updates. Next try 2	2026-01-09 15:10:44 +01:00
Frank	df12c4bd11	Meer updates. Next try	2026-01-09 15:01:12 +01:00
Frank	769d8b4e74	Meer updates. Hopelijk beter nu.	2026-01-09 14:51:31 +01:00
Frank	14871336a3	Updated dockerfile om migrations uit te kunnen voeren	2026-01-09 14:41:59 +01:00
Frank	3604c63940	Running containers	2026-01-09 14:30:05 +01:00
Frank	7257c51bdf	Merge pull request 'Settings from env files' (#13 ) from env-settings into main Reviewed-on: #13	2026-01-09 13:21:02 +00:00
Frank	641573842c	Settings from env files	2026-01-09 13:08:09 +01:00
Frank	abc3712d97	Merge pull request 'timer-af-laten-lopen' (#12 ) from timer-af-laten-lopen into main Reviewed-on: #12	2026-01-09 11:23:39 +00:00
Frank	66cb356955	Remove .env.* files from tracking and update .gitignore	2026-01-09 12:13:31 +01:00
Frank	ffd20f5535	Lost page	2026-01-08 20:32:21 +01:00
Frank	1b52f80448	Merge pull request 'start-all-at-the-same-time' (#11 ) from start-all-at-the-same-time into main Reviewed-on: #11	2026-01-08 19:12:17 +00:00
Frank	b965f0f085	Added mercure to update when everyone is ready	2026-01-08 20:11:14 +01:00
Frank	c4c989db4c	Trying to add waiting pages	2026-01-08 19:32:13 +01:00
Frank	37507bd169	Merge pull request 'admin-side' (#10 ) from admin-side into main Reviewed-on: #10	2026-01-08 17:34:48 +00:00
Frank	732148a533	Look into session logfiles	2026-01-08 18:26:32 +01:00
Frank	50d7ce745c	Logfiles for sessions	2026-01-08 18:14:56 +01:00
Frank	a475c1a268	Merge pull request 'set-correct-screens-for-players' (#9 ) from set-correct-screens-for-players into main Reviewed-on: #9	2026-01-08 17:02:10 +00:00
Frank	1ae0f651d8	Most of the cat command	2026-01-08 17:02:16 +01:00
Frank	8e933631b2	Dynamic number of players	2026-01-08 15:49:47 +01:00
Frank	f8746207e6	Merge pull request 'plaatsen-return-messages' (#8 ) from plaatsen-return-messages into main Reviewed-on: #8	2026-01-08 14:35:12 +00:00