PhantomDave · PhantomDave · Nov 14, 2025 · Nov 14, 2025 · Nov 14, 2025 · Nov 14, 2025
diff --git a/.github/workflows/deploy-tailscale.yml b/.github/workflows/deploy-tailscale.yml
@@ -120,8 +120,8 @@ jobs:
 
       - name: Log in to GitHub Container Registry
         run: |
-          tailscale ssh "${{ steps.ssh.outputs.target }}" \
-            "echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin"
+          echo "${{ secrets.GITHUB_TOKEN }}" | tailscale ssh "${{ steps.ssh.outputs.target }}" \
+            "docker login ghcr.io -u ${{ github.actor }} --password-stdin"
 
       - name: Clean up old Docker images
         run: |

diff --git a/PhantomDave.BankTracking.Api/Program.cs b/PhantomDave.BankTracking.Api/Program.cs
@@ -58,7 +58,9 @@ public static void Main(string[] args)
             })
             .AddJwtBearer(options =>
             {
-                options.RequireHttpsMetadata = false; // enable HTTPS in production
+                // WARNING: RequireHttpsMetadata should be true in production environments
+                // Set to false only for local development
-                // WARNING: RequireHttpsMetadata should be true in production environments
-                // Set to false only for local development
+                // RequireHttpsMetadata is disabled in development and enabled in production
+                // (i.e., set to false in development, true in production)
-                // WARNING: RequireHttpsMetadata should be true in production environments
-                // Set to false only for local development
+                // RequireHttpsMetadata is disabled in development and enabled in production
+                // (i.e., set to false in development, true in production)
+                options.RequireHttpsMetadata = builder.Environment.IsDevelopment() == false;
-                options.RequireHttpsMetadata = builder.Environment.IsDevelopment() == false;
+                options.RequireHttpsMetadata = !builder.Environment.IsDevelopment();
-                options.RequireHttpsMetadata = builder.Environment.IsDevelopment() == false;
+                options.RequireHttpsMetadata = !builder.Environment.IsDevelopment();
                 options.SaveToken = true;
                 options.TokenValidationParameters = new TokenValidationParameters
                 {
@@ -79,7 +81,7 @@ public static void Main(string[] args)
         {
             options.AddDefaultPolicy(policy =>
                 policy
-                    .WithOrigins("http://localhost:4200", "http://localhost:5095/graphql", "*")
+                    .WithOrigins("http://localhost:4200", "http://localhost:5095")
                     .AllowAnyHeader()
                     .AllowAnyMethod()
                     .AllowCredentials());

diff --git a/PhantomDave.BankTracking.Api/Services/FileImportService.cs b/PhantomDave.BankTracking.Api/Services/FileImportService.cs
@@ -2,6 +2,7 @@
 using System.Text;
 using CsvHelper;
 using CsvHelper.Configuration;
+using Microsoft.Extensions.Logging;
 using OfficeOpenXml;
 using PhantomDave.BankTracking.Api.Types.ObjectTypes;
 using PhantomDave.BankTracking.Library.Models;
@@ -24,8 +25,10 @@ public class ParsedFileData
     public FileType FileTypeExt { get; set; } = FileType.Xlsx;
     public int HeaderRowIndex { get; set; } = 1;
 }
-public class FileImportService
+public class FileImportService(ILogger<FileImportService> logger)
 {
+    private readonly ILogger<FileImportService> _logger = logger;
+
     public async Task<ParsedFileData> ParseFileAsync(IFile file)
     {
         await using var reader = file.OpenReadStream();
@@ -239,8 +242,9 @@ private static Encoding DetectEncoding(Stream stream)
             Encoding.UTF8.GetString(buffer, 0, bytesRead);
-            Encoding.UTF8.GetString(buffer, 0, bytesRead);
+            var strictUtf8 = Encoding.GetEncoding("UTF-8", new EncoderExceptionFallback(), new DecoderExceptionFallback());
+            strictUtf8.GetString(buffer, 0, bytesRead);
-            Encoding.UTF8.GetString(buffer, 0, bytesRead);
+            var strictUtf8 = Encoding.GetEncoding("UTF-8", new EncoderExceptionFallback(), new DecoderExceptionFallback());
+            strictUtf8.GetString(buffer, 0, bytesRead);
             return Encoding.UTF8;
         }
-        catch
+        catch (DecoderFallbackException)
         {
+            // If UTF-8 decoding fails, fall back to ISO-8859-1
             return Encoding.GetEncoding("ISO-8859-1");
         }
     }
@@ -283,11 +287,13 @@ public IEnumerable<FinanceRecord> FromParsedData(int accountId, ParsedFileData p
 
                 records.Add(record);
             }
-            catch
+            catch (Exception ex)
             {
                 failedCount++;
+                _logger.LogWarning(ex, "Failed to parse row {RowIndex} during import", records.Count + failedCount);
             }
-            catch (Exception ex)
-            {
-                failedCount++;
-                _logger.LogWarning(ex, "Failed to parse row {RowIndex} during import", records.Count + failedCount);
-            }
+            catch (FormatException ex)
+            {
+                failedCount++;
+                _logger.LogWarning(ex, "Failed to parse row {RowIndex} due to format error during import", records.Count + failedCount);
+            }
+            catch (KeyNotFoundException ex)
+            {
+                failedCount++;
+                _logger.LogWarning(ex, "Failed to parse row {RowIndex} due to missing column during import", records.Count + failedCount);
+            }
+            catch (InvalidCastException ex)
+            {
+                failedCount++;
+                _logger.LogWarning(ex, "Failed to parse row {RowIndex} due to invalid cast during import", records.Count + failedCount);
+            }
-            catch (Exception ex)
-            {
-                failedCount++;
-                _logger.LogWarning(ex, "Failed to parse row {RowIndex} during import", records.Count + failedCount);
-            }
+            catch (FormatException ex)
+            {
+                failedCount++;
+                _logger.LogWarning(ex, "Failed to parse row {RowIndex} due to format error during import", records.Count + failedCount);
+            }
+            catch (KeyNotFoundException ex)
+            {
+                failedCount++;
+                _logger.LogWarning(ex, "Failed to parse row {RowIndex} due to missing column during import", records.Count + failedCount);
+            }
+            catch (InvalidCastException ex)
+            {
+                failedCount++;
+                _logger.LogWarning(ex, "Failed to parse row {RowIndex} due to invalid cast during import", records.Count + failedCount);
+            }
-            Console.WriteLine($"Processed {records.Count + failedCount} / {parsedData.Rows.Count}, Failed: {failedCount}");
+            _logger.LogDebug("Processed {ProcessedRows} / {TotalRows}, Failed: {FailedRows}", 
+                records.Count + failedCount, parsedData.Rows.Count, failedCount);
         }
 
-            _logger.LogDebug("Processed {ProcessedRows} / {TotalRows}, Failed: {FailedRows}", 
-                records.Count + failedCount, parsedData.Rows.Count, failedCount);
-        }
+        }
+
+        _logger.LogDebug("Processed {ProcessedRows} / {TotalRows}, Failed: {FailedRows}",
+            records.Count + failedCount, parsedData.Rows.Count, failedCount);
-            _logger.LogDebug("Processed {ProcessedRows} / {TotalRows}, Failed: {FailedRows}", 
-                records.Count + failedCount, parsedData.Rows.Count, failedCount);
-        }
+        }
+
+        _logger.LogDebug("Processed {ProcessedRows} / {TotalRows}, Failed: {FailedRows}",
+            records.Count + failedCount, parsedData.Rows.Count, failedCount);
         return records;