(SP: 3)[Backend][UI] Harden Stripe refund handling & janitor auth; fix Admin Products currency + overflow (#120)

Author: liudmylasovetovs

.gitignore

@@ -64,4 +64,11 @@ next-env.d.ts
 # Documentation (development only)
 .claude/
 CLAUDE.md
-frontend/docs/
+frontend/docs/
+frontend/.env.bak
+
+
+# local env backups
+frontend/.env*.bak
+frontend/.env.bak
+

frontend/app/[locale]/shop/admin/layout.tsx

@@ -28,7 +28,7 @@ export default async function ShopAdminLayout({
   return (
     <>
       <div className="border-b border-border bg-background">
-        <div className="mx-auto flex max-w-6xl items-center justify-between px-4 py-3">
+        <div className="mx-auto flex max-w-7xl items-center justify-between px-4 py-3 sm:px-6 lg:px-8">
           <div className="flex items-center gap-3">
             <Link
               href="/shop/admin"

frontend/app/[locale]/shop/admin/orders/[id]/RefundButton.tsx

@@ -16,11 +16,19 @@ export function RefundButton({ orderId, disabled }: Props) {
   async function onRefund() {
     setError(null);
 
-    const res = await fetch(`/api/shop/admin/orders/${orderId}/refund`, {
-      method: 'POST',
-      credentials: 'same-origin',
-      headers: { 'Content-Type': 'application/json' },
-    });
+    let res: Response;
+    try {
+      res = await fetch(`/api/shop/admin/orders/${orderId}/refund`, {
+        method: 'POST',
+        credentials: 'same-origin',
+        headers: { 'Content-Type': 'application/json' },
+      });
+    } catch (err) {
+      const msg =
+        err instanceof Error && err.message ? err.message : 'NETWORK_ERROR';
+      setError(msg);
+      return;
+    }
 
     let json: any = null;
     try {
@@ -46,14 +54,16 @@ export function RefundButton({ orderId, disabled }: Props) {
         onClick={onRefund}
         disabled={disabled || isPending}
         className="rounded-md border border-border px-3 py-1.5 text-sm font-medium text-foreground transition-colors hover:bg-secondary disabled:cursor-not-allowed disabled:opacity-50"
-        title={disabled ? 'Refund is only available for paid Stripe orders' : undefined}
+        title={
+          disabled
+            ? 'Refund is only available for paid Stripe orders'
+            : undefined
+        }
       >
         {isPending ? 'Refunding…' : 'Refund'}
       </button>
 
-      {error ? (
-        <span className="text-xs text-destructive">{error}</span>
-      ) : null}
+      {error ? <span className="text-xs text-destructive">{error}</span> : null}
     </div>
   );
 }

frontend/app/[locale]/shop/admin/orders/[id]/page.tsx

@@ -23,7 +23,7 @@ function orderCurrency(
   locale: string
 ): CurrencyCode {
   const c = order?.currency ?? resolveCurrencyFromLocale(locale);
-  return (c === 'UAH' ? 'UAH' : 'USD') as CurrencyCode;
+  return c === 'UAH' ? 'UAH' : 'USD';
 }
 
 function formatDateTime(value: Date | null | undefined) {
@@ -41,9 +41,9 @@ export default async function AdminOrderDetailPage({
   if (!order) notFound();
 
   const canRefund =
-  order.paymentProvider === 'stripe' &&
-  order.paymentStatus === 'paid' &&
-  !!order.paymentIntentId;
+    order.paymentProvider === 'stripe' &&
+    order.paymentStatus === 'paid' &&
+    !!order.paymentIntentId;
 
   return (
     <div className="mx-auto max-w-6xl px-4 py-8">

frontend/app/[locale]/shop/admin/page.tsx

@@ -3,7 +3,8 @@ import { Link } from '@/i18n/routing';
 
 export default function ShopAdminHomePage() {
   return (
-    <div className="mx-auto max-w-6xl px-4 py-8">
+    <div className="mx-auto max-w-7xl px-4 py-8 sm:px-6 lg:px-8">
+
       <h1 className="text-2xl font-bold text-foreground">Shop Admin</h1>
       <p className="mt-2 text-sm text-muted-foreground">
         Administrative tools for the merch shop.

frontend/app/[locale]/shop/admin/products/_components/product-form.tsx

@@ -248,15 +248,13 @@ export function ProductForm({
           setError(
             `${p.currency}: price is required when original price is set.`
           );
-          setIsSubmitting(false);
           return;
         }
       }
 
       const usd = effectivePrices.find(p => p.currency === 'USD');
       if (!usd || !usd.price.length) {
         setError('USD price is required.');
-        setIsSubmitting(false);
         return;
       }
 
@@ -275,7 +273,6 @@ export function ProductForm({
         }));
       } catch (e) {
         setError(e instanceof Error ? e.message : 'Invalid price value.');
-        setIsSubmitting(false);
         return;
       }