# CLAUDE.md

This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.

## Project Overview

Meme Studio is a homophone pun game operation platform built with Next.js 14 (App Router). It provides level configuration management for a wordplay game.

## Commands

```bash
npm run dev          # Start development server
npm run build        # Production build
npm run lint         # Run ESLint

# Database (Prisma + MySQL)
npm run db:generate  # Generate Prisma client
npm run db:push      # Push schema changes (dev)
npm run db:migrate   # Create migration
npm run db:studio    # Open Prisma Studio
npm run db:seed      # Create/update admin user
```

## Architecture

### Tech Stack
- **Framework**: Next.js 14 App Router
- **Auth**: Better Auth with Prisma adapter (email/password)
- **Database**: MySQL via Prisma ORM
- **UI**: shadcn/ui + Tailwind CSS
- **State**: TanStack Query for server state
- **Drag & Drop**: @dnd-kit/sortable

### Key Patterns

**Route Groups**:
- `app/(auth)/` - Login page (no sidebar)
- `app/(dashboard)/` - Protected pages with sidebar layout

**Auth Flow**:
- `lib/auth.ts` - Server-side Better Auth config
- `lib/auth-client.ts` - Client-side auth hooks (`useSession`, `signIn`, `signOut`)
- `middleware.ts` - Cookie-based session check (cannot use Prisma in Edge Runtime)

**API Routes**:
- `/api/auth/[...all]` - Better Auth endpoints
- `/api/levels` - CRUD for game levels
- `/api/levels/reorder` - Batch update sort order
- `/api/cos/temp-key` - Tencent COS temporary credentials

**Database Models**:
- `Level` - Game levels with image, answer, hints, sortOrder
- `User`, `Session`, `Account`, `Verification` - Better Auth models

### Environment Variables

Required in `.env`:
```
DATABASE_URL=mysql://...
BETTER_AUTH_SECRET=     # 32+ chars, generate with: openssl rand -base64 32
BETTER_AUTH_URL=http://localhost:3000
ADMIN_EMAIL=
ADMIN_PASSWORD=
COS_SECRET_ID=          # Tencent Cloud COS
COS_SECRET_KEY=
COS_BUCKET=
COS_REGION=
COS_APPID=
```

## Important Notes

- Middleware uses cookie check only (Prisma doesn't work in Edge Runtime)
- Password hashing must use `hashPassword` from `better-auth/crypto` for compatibility
- Session model requires `token` field with unique constraint
- **Git commit messages must be written in Chinese**