From 544f17067ab8c76a56842ddf1210ce85568d90f7 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 21:43:27 -0500
Subject: [PATCH 01/49] Implement Account Membership Management for account
 admins

---
 src/index.ts            |  46 ++++++++++++++
 test/membership.spec.ts | 136 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 182 insertions(+)
 create mode 100644 test/membership.spec.ts

diff --git a/src/index.ts b/src/index.ts
index f8b0438..ed491e8 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -89,6 +89,13 @@ export default {
       if (apiPath === '/me/accounts/switch' && request.method === 'POST') {
         return handleSwitchAccount(request, env, cookieManager);
       }
+
+      if (apiPath.startsWith('/me/accounts/')) {
+        const parts = apiPath.split('/');
+        if (parts.length >= 5 && parts[4] === 'members') {
+          return handleAccountMembers(request, env, parts[3], parts.slice(5), cookieManager);
+        }
+      }
     }
 
     if (url.pathname === usersPath + 'logout') {
@@ -293,6 +300,45 @@ function isAdmin(user: any, env: StartupAPIEnv): boolean {
   );
 }
 
+async function handleAccountMembers(
+  request: Request,
+  env: StartupAPIEnv,
+  accountId: string,
+  extraParts: string[],
+  cookieManager: CookieManager,
+): Promise<Response> {
+  const user = await getUserFromSession(request, env, cookieManager);
+  if (!user) return new Response('Unauthorized', { status: 401 });
+
+  const userStub = env.USER.get(env.USER.idFromString(user.id));
+  const memberships = await userStub.getMemberships();
+  const membership = memberships.find((m: any) => m.account_id === accountId);
+
+  const isAccountAdmin = membership && membership.role === AccountDO.ROLE_ADMIN;
+  const isSysAdmin = isAdmin(user, env);
+
+  if (!isAccountAdmin && !isSysAdmin) {
+    return new Response('Forbidden', { status: 403 });
+  }
+
+  const accountStub = env.ACCOUNT.get(env.ACCOUNT.idFromString(accountId));
+
+  if (extraParts.length === 0) {
+    if (request.method === 'GET') {
+      return Response.json(await accountStub.getMembers());
+    }
+    if (request.method === 'POST') {
+      const { user_id, role } = (await request.json()) as { user_id: string; role: number };
+      return Response.json(await accountStub.addMember(user_id, role));
+    }
+  } else if (extraParts.length === 1 && request.method === 'DELETE') {
+    const userIdToRemove = extraParts[0];
+    return Response.json(await accountStub.removeMember(userIdToRemove));
+  }
+
+  return new Response('Not Found', { status: 404 });
+}
+
 async function handleMe(
   request: Request,
   env: StartupAPIEnv,
diff --git a/test/membership.spec.ts b/test/membership.spec.ts
new file mode 100644
index 0000000..9645d27
--- /dev/null
+++ b/test/membership.spec.ts
@@ -0,0 +1,136 @@
+import { env, SELF } from 'cloudflare:test';
+import { describe, it, expect } from 'vitest';
+import { CookieManager } from '../src/CookieManager';
+
+describe('Account Membership Management', () => {
+  const cookieManager = new CookieManager(env.SESSION_SECRET);
+
+  async function createSession(userIdStr: string) {
+      const userStub = env.USER.get(env.USER.idFromString(userIdStr));
+      const { sessionId } = await userStub.createSession();
+      return `session_id=${await cookieManager.encrypt(`${sessionId}:${userIdStr}`)}`;
+  }
+
+  it('should allow account admin to add and remove members', async () => {
+    // 1. Setup Admin User
+    const adminId = env.USER.newUniqueId();
+    const adminIdStr = adminId.toString();
+    const adminCookie = await createSession(adminIdStr);
+
+    // 2. Setup Account
+    const accId = env.ACCOUNT.newUniqueId();
+    const accIdStr = accId.toString();
+    const accStub = env.ACCOUNT.get(accId);
+    await accStub.updateInfo({ name: 'Test Account' });
+    await accStub.addMember(adminIdStr, 1); // 1 = ROLE_ADMIN
+
+    // 3. Setup Another User to be added
+    const userId = env.USER.newUniqueId();
+    const userIdStr = userId.toString();
+
+    // 4. Add Member via API
+    const addRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members`, {
+      method: 'POST',
+      headers: { 
+          'Cookie': adminCookie,
+          'Content-Type': 'application/json'
+      },
+      body: JSON.stringify({ user_id: userIdStr, role: 0 }),
+    });
+    expect(addRes.status).toBe(200);
+    const addData = await addRes.json() as any;
+    expect(addData.success).toBe(true);
+
+    // 5. List Members via API
+    const listRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members`, {
+      headers: { 'Cookie': adminCookie },
+    });
+    expect(listRes.status).toBe(200);
+    const members = await listRes.json() as any[];
+    expect(members.length).toBe(2);
+    expect(members.some(m => m.user_id === userIdStr)).toBe(true);
+
+    // 6. Remove Member via API
+    const removeRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members/${userIdStr}`, {
+      method: 'DELETE',
+      headers: { 'Cookie': adminCookie },
+    });
+    expect(removeRes.status).toBe(200);
+    const removeData = await removeRes.json() as any;
+    expect(removeData.success).toBe(true);
+
+    // 7. Verify member removed
+    const listRes2 = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members`, {
+      headers: { 'Cookie': adminCookie },
+    });
+    const members2 = await listRes2.json() as any[];
+    expect(members2.length).toBe(1);
+    expect(members2.some(m => m.user_id === userIdStr)).toBe(false);
+  });
+
+  it('should not allow non-admin to add members', async () => {
+    // 1. Setup Non-Admin User
+    const userId = env.USER.newUniqueId();
+    const userIdStr = userId.toString();
+    const userCookie = await createSession(userIdStr);
+
+    // 2. Setup Account
+    const accId = env.ACCOUNT.newUniqueId();
+    const accIdStr = accId.toString();
+    const accStub = env.ACCOUNT.get(accId);
+    await accStub.updateInfo({ name: 'Test Account' });
+    await accStub.addMember(userIdStr, 0); // 0 = ROLE_USER
+
+    // 3. Another user to try to add
+    const otherUserId = env.USER.newUniqueId().toString();
+
+    // 4. Try to add member via API
+    const addRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members`, {
+      method: 'POST',
+      headers: { 
+          'Cookie': userCookie,
+          'Content-Type': 'application/json'
+      },
+      body: JSON.stringify({ user_id: otherUserId, role: 0 }),
+    });
+    expect(addRes.status).toBe(403);
+  });
+
+  it('should allow system admin to manage members of any account', async () => {
+    // 1. Setup System Admin
+    const adminIds = (env.ADMIN_IDS || '').split(',').map(id => id.trim());
+    const systemAdminId = env.USER.idFromName(adminIds[0]);
+    const systemAdminIdStr = systemAdminId.toString();
+    const systemAdminCookie = await createSession(systemAdminIdStr);
+    
+    // 2. Setup Account (System Admin is NOT a member)
+    const accId = env.ACCOUNT.newUniqueId();
+    const accIdStr = accId.toString();
+    const accStub = env.ACCOUNT.get(accId);
+    await accStub.updateInfo({ name: 'System Managed Account' });
+
+    // 3. Another user to be added
+    const userId = env.USER.newUniqueId().toString();
+
+    // 4. System Admin adds member via API
+    const addRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members`, {
+      method: 'POST',
+      headers: { 
+          'Cookie': systemAdminCookie,
+          'Content-Type': 'application/json'
+      },
+      body: JSON.stringify({ user_id: userId, role: 0 }),
+    });
+    expect(addRes.status).toBe(200);
+    const addData = await addRes.json() as any;
+    expect(addData.success).toBe(true);
+
+    // 5. System Admin lists members
+    const listRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members`, {
+      headers: { 'Cookie': systemAdminCookie },
+    });
+    expect(listRes.status).toBe(200);
+    const members = await listRes.json() as any[];
+    expect(members.length).toBe(1);
+  });
+});

From 3aca0af9a966621103a6421e14a3fa08c4e43379 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 21:51:29 -0500
Subject: [PATCH 02/49] Add Account Settings page for membership management

---
 public/users/accounts.html  | 321 ++++++++++++++++++++++++++++++++++++
 public/users/power-strip.js |   9 +
 public/users/profile.html   |  27 +++
 3 files changed, 357 insertions(+)
 create mode 100644 public/users/accounts.html

diff --git a/public/users/accounts.html b/public/users/accounts.html
new file mode 100644
index 0000000..1abbeb3
--- /dev/null
+++ b/public/users/accounts.html
@@ -0,0 +1,321 @@
+<!doctype html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <title>Account Settings</title>
+    <style>
+      body {
+        font-family:
+          system-ui,
+          -apple-system,
+          sans-serif;
+        padding: 2rem;
+        max-width: 800px;
+        margin: 0 auto;
+        background: #f9f9f9;
+      }
+      h1 {
+        color: #333;
+      }
+      section {
+        background: white;
+        padding: 2rem;
+        border-radius: 8px;
+        box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1);
+        margin-bottom: 2rem;
+      }
+      .form-group {
+        margin-bottom: 1.5rem;
+      }
+      .form-group label {
+        display: block;
+        margin-bottom: 0.5rem;
+        font-weight: 500;
+        color: #555;
+      }
+      .form-group input, .form-group select {
+        width: 100%;
+        padding: 0.75rem;
+        border: 1px solid #ddd;
+        border-radius: 4px;
+        box-sizing: border-box;
+        font-size: 1rem;
+      }
+      button {
+        padding: 0.75rem 1.5rem;
+        background: #1a73e8;
+        color: white;
+        border: none;
+        border-radius: 4px;
+        cursor: pointer;
+        font-size: 1rem;
+        font-weight: 500;
+      }
+      button:hover {
+        background: #1557b0;
+      }
+      button.secondary-btn {
+        background: #fff;
+        color: #1a73e8;
+        border: 1px solid #1a73e8;
+      }
+      button.secondary-btn:hover {
+        background: #f8f9fa;
+      }
+      button:disabled {
+        background: #ccc;
+        cursor: not-allowed;
+      }
+      #toast {
+        position: fixed;
+        bottom: 1rem;
+        right: 1rem;
+        padding: 1rem;
+        background: #333;
+        color: white;
+        border-radius: 4px;
+        opacity: 0;
+        transition: opacity 0.3s;
+        z-index: 10000;
+      }
+      .back-link {
+        display: inline-block;
+        margin-bottom: 1rem;
+        color: #1a73e8;
+        text-decoration: none;
+      }
+      .back-link:hover {
+        text-decoration: underline;
+      }
+      .member-item {
+        display: flex;
+        justify-content: space-between;
+        align-items: center;
+        padding: 1rem;
+        border-bottom: 1px solid #eee;
+      }
+      .member-item:last-child {
+        border-bottom: none;
+      }
+      .member-info {
+        display: flex;
+        align-items: center;
+        gap: 1rem;
+      }
+      .role-badge {
+        font-size: 0.75rem;
+        padding: 0.25rem 0.5rem;
+        border-radius: 1rem;
+        background: #f1f3f4;
+        color: #5f6368;
+        font-weight: 500;
+      }
+      .role-badge.admin {
+        background: #e8f0fe;
+        color: #1a73e8;
+      }
+      .remove-btn {
+        background: transparent;
+        color: #d93025;
+        border: 1px solid #d93025;
+        padding: 0.4rem 0.8rem;
+        font-size: 0.85rem;
+      }
+      .remove-btn:hover {
+        background: #fce8e6;
+      }
+      .remove-btn:disabled {
+        border-color: #eee;
+        color: #ccc;
+        cursor: not-allowed;
+      }
+    </style>
+  </head>
+  <body>
+    <power-strip providers="google,twitch" style="position: absolute; top: 0; right: 0; z-index: 9999; padding: 0.1rem; border-radius: 0 0 0 0.3rem;">
+      <svg viewBox="0 0 24 24" style="width: 1rem; height: 1rem;"><path d="M7 2v11h3v9l7-12h-4l4-8z" fill="#ffcc00"/></svg>
+    </power-strip>
+    <script src="/users/power-strip.js" async></script>
+
+    <a href="/" class="back-link">← Back to Home</a>
+    <h1 id="account-name-heading">Account Settings</h1>
+
+    <section id="account-info-section">
+      <h2>General Information</h2>
+      <div class="form-group">
+        <label>Account ID</label>
+        <input type="text" id="account-id-display" disabled />
+      </div>
+      <div class="form-group">
+        <label>Plan</label>
+        <input type="text" id="account-plan-display" disabled />
+      </div>
+    </section>
+
+    <section id="members-section">
+      <h2>Team Members</h2>
+      <div id="members-list">
+        <p>Loading members...</p>
+      </div>
+
+      <div style="margin-top: 2rem; padding-top: 2rem; border-top: 1px solid #eee;">
+        <h3>Add Member</h3>
+        <form id="add-member-form">
+          <div class="form-group">
+            <label for="new-member-id">User ID</label>
+            <input type="text" id="new-member-id" placeholder="Enter User ID" required />
+          </div>
+          <div class="form-group">
+            <label for="new-member-role">Role</label>
+            <select id="new-member-role">
+              <option value="0">Member</option>
+              <option value="1">Admin</option>
+            </select>
+          </div>
+          <button type="submit" id="add-btn">Add Member</button>
+        </form>
+      </div>
+    </section>
+
+    <div id="toast"></div>
+
+    <script>
+      const API_BASE = '/users/api';
+      let currentAccountId = null;
+      let currentUserRole = 0;
+      let currentUserId = null;
+
+      async function init() {
+        try {
+          const res = await fetch(`${API_BASE}/me`);
+          if (!res.ok) {
+            if (res.status === 401) {
+              window.location.href = '/';
+              return;
+            }
+            throw new Error('Failed to load user info');
+          }
+          const data = await res.json();
+          if (data.valid && data.account) {
+            currentAccountId = data.account.id;
+            currentUserRole = data.account.role;
+            currentUserId = data.profile.id;
+
+            document.getElementById('account-name-heading').textContent = `Settings: ${data.account.name || 'Account'}`;
+            document.getElementById('account-id-display').value = currentAccountId;
+            
+            // Check if user is admin of the account or system admin
+            if (currentUserRole !== 1 && !data.is_admin) {
+                document.getElementById('members-section').style.display = 'none';
+                const msg = document.createElement('p');
+                msg.textContent = 'You do not have permission to manage this account's membership.';
+                msg.style.color = '#666';
+                document.getElementById('account-info-section').appendChild(msg);
+            } else {
+                loadMembers();
+            }
+
+            // Billing info might be separate
+            loadAccountDetails();
+          }
+        } catch (e) {
+          showToast(e.message);
+        }
+      }
+
+      async function loadAccountDetails() {
+          // This would ideally call an endpoint that returns full account info including billing
+          // For now we might just have plan info in the account object if it was there
+      }
+
+      async function loadMembers() {
+        const list = document.getElementById('members-list');
+        try {
+          const res = await fetch(`${API_BASE}/me/accounts/${currentAccountId}/members`);
+          if (!res.ok) throw new Error('Failed to load members');
+          const members = await res.json();
+          
+          if (members.length === 0) {
+            list.innerHTML = '<p>No members found.</p>';
+            return;
+          }
+
+          list.innerHTML = members.map(m => {
+            const isAdmin = m.role === 1;
+            const isSelf = m.user_id === currentUserId;
+            return `
+              <div class="member-item">
+                <div class="member-info">
+                  <div>
+                    <div style="font-weight: 600;">${m.user_id} ${isSelf ? '(You)' : ''}</div>
+                    <div class="role-badge ${isAdmin ? 'admin' : ''}">${isAdmin ? 'Admin' : 'Member'}</div>
+                  </div>
+                </div>
+                <button class="remove-btn" onclick="removeMember('${m.user_id}')" ${isSelf ? 'disabled title="You cannot remove yourself"' : ''}>
+                  Remove
+                </button>
+              </div>
+            `;
+          }).join('');
+        } catch (e) {
+          list.innerHTML = `<p style="color: red;">${e.message}</p>`;
+        }
+      }
+
+      document.getElementById('add-member-form').onsubmit = async (e) => {
+        e.preventDefault();
+        const userId = document.getElementById('new-member-id').value;
+        const role = parseInt(document.getElementById('new-member-role').value);
+
+        try {
+          const res = await fetch(`${API_BASE}/me/accounts/${currentAccountId}/members`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ user_id: userId, role }),
+          });
+
+          if (res.ok) {
+            showToast('Member added successfully');
+            document.getElementById('add-member-form').reset();
+            loadMembers();
+          } else {
+            const err = await res.text();
+            throw new Error(err || 'Failed to add member');
+          }
+        } catch (e) {
+          showToast(e.message);
+        }
+      };
+
+      async function removeMember(userId) {
+        if (!confirm(`Are you sure you want to remove user ${userId} from this account?`)) return;
+
+        try {
+          const res = await fetch(`${API_BASE}/me/accounts/${currentAccountId}/members/${userId}`, {
+            method: 'DELETE'
+          });
+
+          if (res.ok) {
+            showToast('Member removed');
+            loadMembers();
+          } else {
+            const err = await res.text();
+            throw new Error(err || 'Failed to remove member');
+          }
+        } catch (e) {
+          showToast(e.message);
+        }
+      }
+
+      function showToast(msg) {
+        const toast = document.getElementById('toast');
+        toast.innerText = msg;
+        toast.style.opacity = 1;
+        setTimeout(() => (toast.style.opacity = 0), 3000);
+      }
+
+      init();
+    </script>
+  </body>
+</html>
diff --git a/public/users/power-strip.js b/public/users/power-strip.js
index e902292..c20f2df 100644
--- a/public/users/power-strip.js
+++ b/public/users/power-strip.js
@@ -148,10 +148,19 @@ class PowerStrip extends HTMLElement {
               </svg>
             </button>`;
 
+          const accountSettingsLink = (currentAccount && (currentAccount.role === 1 || this.user.is_admin))
+            ? `<a href="${this.basePath}/accounts.html" class="trigger settings-btn" title="Account Settings">
+                 <svg viewBox="0 0 24 24" style="width: 0.8rem; height: 0.8rem; fill: currentColor; display: block;">
+                   <path d="M19.14,12.94c0.04-0.3,0.06-0.61,0.06-0.94c0-0.32-0.02-0.64-0.07-0.94l2.03-1.58c0.18-0.14,0.23-0.41,0.12-0.61 l-1.92-3.32c-0.12-0.22-0.37-0.29-0.59-0.22l-2.39,0.96c-0.5-0.38-1.03-0.7-1.62-0.94L14.4,2.81c-0.04-0.24-0.24-0.41-0.48-0.41 h-3.84c-0.24,0-0.43,0.17-0.47,0.41L9.25,5.35C8.66,5.59,8.12,5.92,7.63,6.29L5.24,5.33c-0.22-0.08-0.47,0-0.59,0.22L2.74,8.87 C2.62,9.08,2.66,9.34,2.86,9.48l2.03,1.58C4.84,11.36,4.81,11.69,4.81,12s0.02,0.64,0.07,0.94l-2.03,1.58 c-0.18,0.14-0.23,0.41-0.12,0.61l1.92,3.32c0.12,0.22,0.37,0.29,0.59,0.22l2.39-0.96c0.5,0.38,1.03,0.7,1.62,0.94l0.36,2.54 c0.05,0.24,0.24,0.41,0.48,0.41h3.84c0.24,0,0.44-0.17,0.47-0.41l0.36-2.54c0.59-0.24,1.13-0.56,1.62-0.94l2.39,0.96 c0.22,0.08,0.47,0,0.59-0.22l1.92-3.32c0.12-0.22,0.07-0.47-0.12-0.61L19.14,12.94z M12,15.5c-1.93,0-3.5-1.57-3.5-3.5 s1.57-3.5,3.5-3.5s3.5,1.57,3.5,3.5S13.93,15.5,12,15.5z"/>
+                 </svg>
+               </a>`
+            : '';
+
           accountContainer = `
             <div class="account-container">
                 <span class="account-label">${accountName}</span>
                 ${switchButton}
+                ${accountSettingsLink}
             </div>
           `;
 
diff --git a/public/users/profile.html b/public/users/profile.html
index 0fe0a33..e91a1f3 100644
--- a/public/users/profile.html
+++ b/public/users/profile.html
@@ -173,6 +173,21 @@
       .link-account-btn.google:hover { background: #f8f9fa; }
       .link-account-btn.twitch { background: #9146FF; color: white; border-color: #9146FF; }
       .link-account-btn.twitch:hover { background: #7d2ee6; }
+      .btn-link {
+        display: inline-block;
+        padding: 0.75rem 1rem;
+        background: white;
+        color: #1a73e8;
+        border: 1px solid #1a73e8;
+        border-radius: 4px;
+        text-decoration: none;
+        font-weight: 500;
+        font-size: 0.875rem;
+        transition: background 0.2s;
+      }
+      .btn-link:hover {
+        background: #f8f9fa;
+      }
     </style>
   </head>
   <body>
@@ -241,6 +256,14 @@ <h3>Link another account</h3>
       </div>
     </section>
 
+    <section id="account-settings-section" style="display: none;">
+      <h2>Account Settings</h2>
+      <p style="color: #666; font-size: 0.9rem; margin-bottom: 1.5rem;">
+        Manage your team members and account configuration.
+      </p>
+      <a href="/users/accounts.html" class="btn-link">Manage Account & Team</a>
+    </section>
+
     <div id="toast"></div>
 
     <script>
@@ -280,6 +303,10 @@ <h3>Link another account</h3>
                 emailLabel.textContent = `Email (from ${providerName})`;
             }
 
+            if (data.account && (data.account.role === 1 || data.is_admin)) {
+                document.getElementById('account-settings-section').style.display = 'block';
+            }
+
             document.getElementById('save-btn').disabled = true;
           }
         } catch (e) {

From ae359d3ca6ea7b7bdd091b01fcd0386aa9a7161e Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 21:53:48 -0500
Subject: [PATCH 03/49] Fix syntax error in accounts.html

---
 public/users/accounts.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index 1abbeb3..17bc084 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -209,7 +209,7 @@ <h3>Add Member</h3>
             if (currentUserRole !== 1 && !data.is_admin) {
                 document.getElementById('members-section').style.display = 'none';
                 const msg = document.createElement('p');
-                msg.textContent = 'You do not have permission to manage this account's membership.';
+                msg.textContent = "You do not have permission to manage this account's membership.";
                 msg.style.color = '#666';
                 document.getElementById('account-info-section').appendChild(msg);
             } else {

From 0d92d72e12b97c4a5331732069b361fdd18aa13c Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 21:55:51 -0500
Subject: [PATCH 04/49] Display member names with ellipsis in account settings

---
 public/users/accounts.html | 21 +++++++++++++++++++--
 src/AccountDO.ts           | 15 +++++++++++++--
 2 files changed, 32 insertions(+), 4 deletions(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index 17bc084..45eb44a 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -102,6 +102,22 @@
         display: flex;
         align-items: center;
         gap: 1rem;
+        min-width: 0; /* Important for ellipsis in flex child */
+      }
+      .member-details {
+        min-width: 0;
+      }
+      .member-name {
+        font-weight: 600;
+        white-space: nowrap;
+        overflow: hidden;
+        text-overflow: ellipsis;
+        max-width: 300px;
+      }
+      .member-id {
+        font-size: 0.75rem;
+        color: #999;
+        font-family: monospace;
       }
       .role-badge {
         font-size: 0.75rem;
@@ -247,8 +263,9 @@ <h3>Add Member</h3>
             return `
               <div class="member-item">
                 <div class="member-info">
-                  <div>
-                    <div style="font-weight: 600;">${m.user_id} ${isSelf ? '(You)' : ''}</div>
+                  <div class="member-details">
+                    <div class="member-name" title="${m.name}${isSelf ? ' (You)' : ''}">${m.name} ${isSelf ? '(You)' : ''}</div>
+                    <div class="member-id">${m.user_id}</div>
                     <div class="role-badge ${isAdmin ? 'admin' : ''}">${isAdmin ? 'Admin' : 'Member'}</div>
                   </div>
                 </div>
diff --git a/src/AccountDO.ts b/src/AccountDO.ts
index 4c17134..634a85d 100644
--- a/src/AccountDO.ts
+++ b/src/AccountDO.ts
@@ -62,8 +62,19 @@ export class AccountDO extends DurableObject {
   }
 
   async getMembers() {
-    const result = this.sql.exec('SELECT user_id, role, joined_at FROM members');
-    return Array.from(result);
+    const result = Array.from(this.sql.exec('SELECT user_id, role, joined_at FROM members'));
+    const membersWithNames = await Promise.all(
+      result.map(async (m: any) => {
+        try {
+          const userStub = this.env.USER.get(this.env.USER.idFromString(m.user_id));
+          const profile = await userStub.getProfile();
+          return { ...m, name: profile.name || 'Unknown User' };
+        } catch (e) {
+          return { ...m, name: 'Unknown User' };
+        }
+      }),
+    );
+    return membersWithNames;
   }
 
   async addMember(user_id: string, role: number) {

From 3d433c963ecef819720003ebf648b4091500e3e1 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 21:57:09 -0500
Subject: [PATCH 05/49] Remove manual Add Member form from account settings

---
 public/users/accounts.html | 43 --------------------------------------
 1 file changed, 43 deletions(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index 45eb44a..b58b2b7 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -174,24 +174,6 @@ <h2>Team Members</h2>
       <div id="members-list">
         <p>Loading members...</p>
       </div>
-
-      <div style="margin-top: 2rem; padding-top: 2rem; border-top: 1px solid #eee;">
-        <h3>Add Member</h3>
-        <form id="add-member-form">
-          <div class="form-group">
-            <label for="new-member-id">User ID</label>
-            <input type="text" id="new-member-id" placeholder="Enter User ID" required />
-          </div>
-          <div class="form-group">
-            <label for="new-member-role">Role</label>
-            <select id="new-member-role">
-              <option value="0">Member</option>
-              <option value="1">Admin</option>
-            </select>
-          </div>
-          <button type="submit" id="add-btn">Add Member</button>
-        </form>
-      </div>
     </section>
 
     <div id="toast"></div>
@@ -280,31 +262,6 @@ <h3>Add Member</h3>
         }
       }
 
-      document.getElementById('add-member-form').onsubmit = async (e) => {
-        e.preventDefault();
-        const userId = document.getElementById('new-member-id').value;
-        const role = parseInt(document.getElementById('new-member-role').value);
-
-        try {
-          const res = await fetch(`${API_BASE}/me/accounts/${currentAccountId}/members`, {
-            method: 'POST',
-            headers: { 'Content-Type': 'application/json' },
-            body: JSON.stringify({ user_id: userId, role }),
-          });
-
-          if (res.ok) {
-            showToast('Member added successfully');
-            document.getElementById('add-member-form').reset();
-            loadMembers();
-          } else {
-            const err = await res.text();
-            throw new Error(err || 'Failed to add member');
-          }
-        } catch (e) {
-          showToast(e.message);
-        }
-      };
-
       async function removeMember(userId) {
         if (!confirm(`Are you sure you want to remove user ${userId} from this account?`)) return;
 

From 95a81583f632fadc5b4b80dfaa8e5aad7c0742a6 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 21:57:46 -0500
Subject: [PATCH 06/49] Remove user ID from member list display

---
 public/users/accounts.html | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index b58b2b7..8f93bc6 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -114,11 +114,6 @@
         text-overflow: ellipsis;
         max-width: 300px;
       }
-      .member-id {
-        font-size: 0.75rem;
-        color: #999;
-        font-family: monospace;
-      }
       .role-badge {
         font-size: 0.75rem;
         padding: 0.25rem 0.5rem;
@@ -247,7 +242,6 @@ <h2>Team Members</h2>
                 <div class="member-info">
                   <div class="member-details">
                     <div class="member-name" title="${m.name}${isSelf ? ' (You)' : ''}">${m.name} ${isSelf ? '(You)' : ''}</div>
-                    <div class="member-id">${m.user_id}</div>
                     <div class="role-badge ${isAdmin ? 'admin' : ''}">${isAdmin ? 'Admin' : 'Member'}</div>
                   </div>
                 </div>

From 254cb641e7097e1a91abfcf2d159cc507a65c593 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 21:59:25 -0500
Subject: [PATCH 07/49] Display member role in a separate column

---
 public/users/accounts.html | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index 8f93bc6..3a9fe6f 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -105,14 +105,23 @@
         min-width: 0; /* Important for ellipsis in flex child */
       }
       .member-details {
+        flex: 1;
         min-width: 0;
+        display: flex;
+        align-items: center;
+        gap: 1rem;
       }
       .member-name {
         font-weight: 600;
         white-space: nowrap;
         overflow: hidden;
         text-overflow: ellipsis;
-        max-width: 300px;
+        flex: 1;
+      }
+      .member-role {
+        width: 80px;
+        display: flex;
+        justify-content: center;
       }
       .role-badge {
         font-size: 0.75rem;
@@ -242,7 +251,9 @@ <h2>Team Members</h2>
                 <div class="member-info">
                   <div class="member-details">
                     <div class="member-name" title="${m.name}${isSelf ? ' (You)' : ''}">${m.name} ${isSelf ? '(You)' : ''}</div>
-                    <div class="role-badge ${isAdmin ? 'admin' : ''}">${isAdmin ? 'Admin' : 'Member'}</div>
+                    <div class="member-role">
+                      <div class="role-badge ${isAdmin ? 'admin' : ''}">${isAdmin ? 'Admin' : 'Member'}</div>
+                    </div>
                   </div>
                 </div>
                 <button class="remove-btn" onclick="removeMember('${m.user_id}')" ${isSelf ? 'disabled title="You cannot remove yourself"' : ''}>

From 08659e59fdaff6b33667d4ee35cb37c5498d6549 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:03:37 -0500
Subject: [PATCH 08/49] Implement account details endpoint and display plan
 info in UI

---
 public/users/accounts.html | 15 +++++++++++++--
 src/index.ts               | 35 +++++++++++++++++++++++++++++++++++
 test/membership.spec.ts    | 10 ++++++++++
 3 files changed, 58 insertions(+), 2 deletions(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index 3a9fe6f..dec7c04 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -227,8 +227,19 @@ <h2>Team Members</h2>
       }
 
       async function loadAccountDetails() {
-          // This would ideally call an endpoint that returns full account info including billing
-          // For now we might just have plan info in the account object if it was there
+          try {
+              const res = await fetch(`${API_BASE}/me/accounts/${currentAccountId}`);
+              if (res.ok) {
+                  const data = await res.json();
+                  if (data.billing && data.billing.plan_details) {
+                      document.getElementById('account-plan-display').value = data.billing.plan_details.name;
+                  } else if (data.billing && data.billing.state) {
+                      document.getElementById('account-plan-display').value = data.billing.state.plan_slug;
+                  }
+              }
+          } catch (e) {
+              console.error('Error loading account details:', e);
+          }
       }
 
       async function loadMembers() {
diff --git a/src/index.ts b/src/index.ts
index ed491e8..e76f01a 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -92,6 +92,9 @@ export default {
 
       if (apiPath.startsWith('/me/accounts/')) {
         const parts = apiPath.split('/');
+        if (parts.length === 4) {
+          return handleAccountDetails(request, env, parts[3], cookieManager);
+        }
         if (parts.length >= 5 && parts[4] === 'members') {
           return handleAccountMembers(request, env, parts[3], parts.slice(5), cookieManager);
         }
@@ -339,6 +342,38 @@ async function handleAccountMembers(
   return new Response('Not Found', { status: 404 });
 }
 
+async function handleAccountDetails(
+  request: Request,
+  env: StartupAPIEnv,
+  accountId: string,
+  cookieManager: CookieManager,
+): Promise<Response> {
+  const user = await getUserFromSession(request, env, cookieManager);
+  if (!user) return new Response('Unauthorized', { status: 401 });
+
+  const userStub = env.USER.get(env.USER.idFromString(user.id));
+  const memberships = await userStub.getMemberships();
+  const membership = memberships.find((m: any) => m.account_id === accountId);
+
+  const isAccountAdmin = membership && membership.role === AccountDO.ROLE_ADMIN;
+  const isSysAdmin = isAdmin(user, env);
+
+  if (!isAccountAdmin && !isSysAdmin) {
+    return new Response('Forbidden', { status: 403 });
+  }
+
+  const accountStub = env.ACCOUNT.get(env.ACCOUNT.idFromString(accountId));
+  const info = await accountStub.getInfo();
+  const billing = await accountStub.getBillingInfo();
+
+  return Response.json({
+    ...info,
+    id: accountId,
+    role: membership ? membership.role : null,
+    billing,
+  });
+}
+
 async function handleMe(
   request: Request,
   env: StartupAPIEnv,
diff --git a/test/membership.spec.ts b/test/membership.spec.ts
index 9645d27..786ac93 100644
--- a/test/membership.spec.ts
+++ b/test/membership.spec.ts
@@ -66,6 +66,16 @@ describe('Account Membership Management', () => {
     const members2 = await listRes2.json() as any[];
     expect(members2.length).toBe(1);
     expect(members2.some(m => m.user_id === userIdStr)).toBe(false);
+
+    // 8. Fetch Account Details
+    const detailsRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}`, {
+      headers: { 'Cookie': adminCookie },
+    });
+    expect(detailsRes.status).toBe(200);
+    const details = await detailsRes.json() as any;
+    expect(details.id).toBe(accIdStr);
+    expect(details.billing).toBeDefined();
+    expect(details.billing.state.plan_slug).toBe('free');
   });
 
   it('should not allow non-admin to add members', async () => {

From e99329292f60335bc8edf71afa35b9f24ee8e59a Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:04:58 -0500
Subject: [PATCH 09/49] Improve contrast of disabled remove button on accounts
 page

---
 public/users/accounts.html | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index dec7c04..ccf21b5 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -146,8 +146,9 @@
         background: #fce8e6;
       }
       .remove-btn:disabled {
+        background: #fafafa;
         border-color: #eee;
-        color: #ccc;
+        color: #999;
         cursor: not-allowed;
       }
     </style>

From d0c1bf582009f9889661fd97a804ea3f252aa9f2 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:07:27 -0500
Subject: [PATCH 10/49] Allow editing account name by admins

---
 public/users/accounts.html | 68 +++++++++++++++++++++++++++++++++-----
 src/index.ts               | 17 ++++++++++
 test/membership.spec.ts    | 18 ++++++++++
 3 files changed, 94 insertions(+), 9 deletions(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index ccf21b5..22c365a 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -164,14 +164,21 @@ <h1 id="account-name-heading">Account Settings</h1>
 
     <section id="account-info-section">
       <h2>General Information</h2>
-      <div class="form-group">
-        <label>Account ID</label>
-        <input type="text" id="account-id-display" disabled />
-      </div>
-      <div class="form-group">
-        <label>Plan</label>
-        <input type="text" id="account-plan-display" disabled />
-      </div>
+      <form id="account-info-form">
+        <div class="form-group">
+          <label for="account-name">Account Name</label>
+          <input type="text" id="account-name" name="name" required />
+        </div>
+        <div class="form-group">
+          <label>Account ID</label>
+          <input type="text" id="account-id-display" disabled />
+        </div>
+        <div class="form-group">
+          <label>Plan</label>
+          <input type="text" id="account-plan-display" disabled />
+        </div>
+        <button type="submit" id="save-account-btn" disabled>Save Changes</button>
+      </form>
     </section>
 
     <section id="members-section">
@@ -188,6 +195,7 @@ <h2>Team Members</h2>
       let currentAccountId = null;
       let currentUserRole = 0;
       let currentUserId = null;
+      let initialAccountInfo = {};
 
       async function init() {
         try {
@@ -206,11 +214,15 @@ <h2>Team Members</h2>
             currentUserId = data.profile.id;
 
             document.getElementById('account-name-heading').textContent = `Settings: ${data.account.name || 'Account'}`;
+            document.getElementById('account-name').value = data.account.name || '';
+            initialAccountInfo.name = data.account.name || '';
             document.getElementById('account-id-display').value = currentAccountId;
             
             // Check if user is admin of the account or system admin
             if (currentUserRole !== 1 && !data.is_admin) {
                 document.getElementById('members-section').style.display = 'none';
+                document.getElementById('account-name').disabled = true;
+                document.getElementById('save-account-btn').style.display = 'none';
                 const msg = document.createElement('p');
                 msg.textContent = "You do not have permission to manage this account's membership.";
                 msg.style.color = '#666';
@@ -219,7 +231,6 @@ <h2>Team Members</h2>
                 loadMembers();
             }
 
-            // Billing info might be separate
             loadAccountDetails();
           }
         } catch (e) {
@@ -227,11 +238,50 @@ <h2>Team Members</h2>
         }
       }
 
+      document.getElementById('account-name').addEventListener('input', (e) => {
+        const hasChanged = e.target.value !== initialAccountInfo.name;
+        document.getElementById('save-account-btn').disabled = !hasChanged;
+      });
+
+      document.getElementById('account-info-form').onsubmit = async (e) => {
+          e.preventDefault();
+          const name = document.getElementById('account-name').value;
+          
+          try {
+              const res = await fetch(`${API_BASE}/me/accounts/${currentAccountId}`, {
+                  method: 'POST',
+                  headers: { 'Content-Type': 'application/json' },
+                  body: JSON.stringify({ name })
+              });
+              
+              if (res.ok) {
+                  showToast('Account name updated');
+                  initialAccountInfo.name = name;
+                  document.getElementById('account-name-heading').textContent = `Settings: ${name}`;
+                  document.getElementById('save-account-btn').disabled = true;
+                  
+                  // Refresh power-strip
+                  const powerStrip = document.querySelector('power-strip');
+                  if (powerStrip && typeof powerStrip.refresh === 'function') {
+                      powerStrip.refresh();
+                  }
+              } else {
+                  throw new Error('Failed to update account name');
+              }
+          } catch (e) {
+              showToast(e.message);
+          }
+      };
+
       async function loadAccountDetails() {
           try {
               const res = await fetch(`${API_BASE}/me/accounts/${currentAccountId}`);
               if (res.ok) {
                   const data = await res.json();
+                  if (data.name) {
+                      document.getElementById('account-name').value = data.name;
+                      initialAccountInfo.name = data.name;
+                  }
                   if (data.billing && data.billing.plan_details) {
                       document.getElementById('account-plan-display').value = data.billing.plan_details.name;
                   } else if (data.billing && data.billing.state) {
diff --git a/src/index.ts b/src/index.ts
index e76f01a..738d989 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -363,6 +363,23 @@ async function handleAccountDetails(
   }
 
   const accountStub = env.ACCOUNT.get(env.ACCOUNT.idFromString(accountId));
+
+  if (request.method === 'POST') {
+    const data = await request.json() as any;
+    const result = await accountStub.updateInfo(data);
+    
+    // Sync with SystemDO index if name changed
+    if (data.name) {
+      try {
+        const systemStub = env.SYSTEM.get(env.SYSTEM.idFromName('global'));
+        await systemStub.updateAccount(accountId, { name: data.name });
+      } catch (e) {
+        console.error('Failed to sync account name to SystemDO', e);
+      }
+    }
+    return Response.json(result);
+  }
+
   const info = await accountStub.getInfo();
   const billing = await accountStub.getBillingInfo();
 
diff --git a/test/membership.spec.ts b/test/membership.spec.ts
index 786ac93..a9e3bf7 100644
--- a/test/membership.spec.ts
+++ b/test/membership.spec.ts
@@ -76,6 +76,24 @@ describe('Account Membership Management', () => {
     expect(details.id).toBe(accIdStr);
     expect(details.billing).toBeDefined();
     expect(details.billing.state.plan_slug).toBe('free');
+
+    // 9. Update Account Name
+    const updateRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}`, {
+      method: 'POST',
+      headers: { 
+          'Cookie': adminCookie,
+          'Content-Type': 'application/json'
+      },
+      body: JSON.stringify({ name: 'Updated Account Name' }),
+    });
+    expect(updateRes.status).toBe(200);
+    
+    // Verify name updated in details
+    const detailsRes2 = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}`, {
+      headers: { 'Cookie': adminCookie },
+    });
+    const details2 = await detailsRes2.json() as any;
+    expect(details2.name).toBe('Updated Account Name');
   });
 
   it('should not allow non-admin to add members', async () => {

From 8940f89186f09f5c4dcc444da9e264edb1edc02c Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:08:49 -0500
Subject: [PATCH 11/49] Always display account name in power strip

---
 public/users/power-strip.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/public/users/power-strip.js b/public/users/power-strip.js
index c20f2df..3d873d1 100644
--- a/public/users/power-strip.js
+++ b/public/users/power-strip.js
@@ -135,7 +135,7 @@ class PowerStrip extends HTMLElement {
       if (this.user) {
         const providerIcon = this.getProviderIcon(this.user.credential.provider);
         const currentAccount = this.accounts.find((a) => a.is_current) || (this.accounts.length > 0 ? this.accounts[0] : null);
-        const accountName = currentAccount ? (currentAccount.personal ? this.user.profile.name : currentAccount.name) : 'No Account';
+        const accountName = currentAccount ? currentAccount.name : 'No Account';
 
         let switchButton = '';
         let accountContainer = '';

From 480812b9cf5b0fdcff69bff5535739e76c25344b Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:10:47 -0500
Subject: [PATCH 12/49] Move Account ID to subtitle in account settings

---
 public/users/accounts.html | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index 22c365a..96f8624 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -17,6 +17,13 @@
       }
       h1 {
         color: #333;
+        margin-bottom: 0.25rem;
+      }
+      .subtitle {
+        font-size: 0.875rem;
+        color: #666;
+        margin-bottom: 2rem;
+        font-family: monospace;
       }
       section {
         background: white;
@@ -161,6 +168,7 @@
 
     <a href="/" class="back-link">← Back to Home</a>
     <h1 id="account-name-heading">Account Settings</h1>
+    <div id="account-id-subtitle" class="subtitle"></div>
 
     <section id="account-info-section">
       <h2>General Information</h2>
@@ -169,10 +177,6 @@ <h2>General Information</h2>
           <label for="account-name">Account Name</label>
           <input type="text" id="account-name" name="name" required />
         </div>
-        <div class="form-group">
-          <label>Account ID</label>
-          <input type="text" id="account-id-display" disabled />
-        </div>
         <div class="form-group">
           <label>Plan</label>
           <input type="text" id="account-plan-display" disabled />
@@ -216,7 +220,7 @@ <h2>Team Members</h2>
             document.getElementById('account-name-heading').textContent = `Settings: ${data.account.name || 'Account'}`;
             document.getElementById('account-name').value = data.account.name || '';
             initialAccountInfo.name = data.account.name || '';
-            document.getElementById('account-id-display').value = currentAccountId;
+            document.getElementById('account-id-subtitle').textContent = `ID: ${currentAccountId}`;
             
             // Check if user is admin of the account or system admin
             if (currentUserRole !== 1 && !data.is_admin) {

From c65e6222ab35d9e18e65d23b1e592420ce87b200 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:11:54 -0500
Subject: [PATCH 13/49] Enhance account ID display with copy button and better
 styling

---
 public/users/accounts.html | 52 +++++++++++++++++++++++++++++++++++---
 1 file changed, 48 insertions(+), 4 deletions(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index 96f8624..539586f 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -20,10 +20,38 @@
         margin-bottom: 0.25rem;
       }
       .subtitle {
-        font-size: 0.875rem;
-        color: #666;
+        font-size: 0.75rem;
+        color: #888;
         margin-bottom: 2rem;
         font-family: monospace;
+        display: flex;
+        align-items: center;
+        gap: 0.5rem;
+        max-width: 100%;
+      }
+      .id-text {
+        white-space: nowrap;
+        overflow: hidden;
+        text-overflow: ellipsis;
+      }
+      .copy-btn {
+        background: none;
+        border: none;
+        padding: 0.25rem;
+        cursor: pointer;
+        color: #1a73e8;
+        display: flex;
+        align-items: center;
+        justify-content: center;
+        border-radius: 4px;
+        transition: background 0.2s;
+      }
+      .copy-btn:hover {
+        background: #f0f0f0;
+      }
+      .copy-btn svg {
+        width: 14px;
+        height: 14px;
       }
       section {
         background: white;
@@ -168,7 +196,15 @@
 
     <a href="/" class="back-link">← Back to Home</a>
     <h1 id="account-name-heading">Account Settings</h1>
-    <div id="account-id-subtitle" class="subtitle"></div>
+    <div id="account-id-subtitle" class="subtitle">
+        <span class="id-text" id="account-id-text"></span>
+        <button id="copy-id-btn" class="copy-btn" title="Copy Account ID">
+            <svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
+                <rect x="9" y="9" width="13" height="13" rx="2" ry="2"></rect>
+                <path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"></path>
+            </svg>
+        </button>
+    </div>
 
     <section id="account-info-section">
       <h2>General Information</h2>
@@ -220,7 +256,15 @@ <h2>Team Members</h2>
             document.getElementById('account-name-heading').textContent = `Settings: ${data.account.name || 'Account'}`;
             document.getElementById('account-name').value = data.account.name || '';
             initialAccountInfo.name = data.account.name || '';
-            document.getElementById('account-id-subtitle').textContent = `ID: ${currentAccountId}`;
+            document.getElementById('account-id-text').textContent = `ID: ${currentAccountId}`;
+
+            document.getElementById('copy-id-btn').onclick = () => {
+                navigator.clipboard.writeText(currentAccountId).then(() => {
+                    showToast('Account ID copied to clipboard');
+                }).catch(err => {
+                    console.error('Failed to copy: ', err);
+                });
+            };
             
             // Check if user is admin of the account or system admin
             if (currentUserRole !== 1 && !data.is_admin) {

From f5a090fabda02cac722badbb369e94e2976a3da6 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:13:44 -0500
Subject: [PATCH 14/49] Reformat account settings title and account name
 display

---
 public/users/accounts.html | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index 539586f..e423556 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -17,6 +17,13 @@
       }
       h1 {
         color: #333;
+        margin-bottom: 0.5rem;
+        font-size: 1.5rem;
+      }
+      .account-name-title {
+        font-size: 2rem;
+        font-weight: bold;
+        color: #1a73e8;
         margin-bottom: 0.25rem;
       }
       .subtitle {
@@ -195,7 +202,8 @@
     <script src="/users/power-strip.js" async></script>
 
     <a href="/" class="back-link">← Back to Home</a>
-    <h1 id="account-name-heading">Account Settings</h1>
+    <div id="account-name-heading" class="account-name-title">Account</div>
+    <h1>Account Settings</h1>
     <div id="account-id-subtitle" class="subtitle">
         <span class="id-text" id="account-id-text"></span>
         <button id="copy-id-btn" class="copy-btn" title="Copy Account ID">
@@ -253,7 +261,7 @@ <h2>Team Members</h2>
             currentUserRole = data.account.role;
             currentUserId = data.profile.id;
 
-            document.getElementById('account-name-heading').textContent = `Settings: ${data.account.name || 'Account'}`;
+            document.getElementById('account-name-heading').textContent = data.account.name || 'Account';
             document.getElementById('account-name').value = data.account.name || '';
             initialAccountInfo.name = data.account.name || '';
             document.getElementById('account-id-text').textContent = `ID: ${currentAccountId}`;
@@ -305,7 +313,7 @@ <h2>Team Members</h2>
               if (res.ok) {
                   showToast('Account name updated');
                   initialAccountInfo.name = name;
-                  document.getElementById('account-name-heading').textContent = `Settings: ${name}`;
+                  document.getElementById('account-name-heading').textContent = name;
                   document.getElementById('save-account-btn').disabled = true;
                   
                   // Refresh power-strip

From ee2ea95414b5c72eb4bef819576c2a1021d63203 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:14:12 -0500
Subject: [PATCH 15/49] Limit account name title to one line with ellipsis

---
 public/users/accounts.html | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index e423556..41989b6 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -25,6 +25,10 @@
         font-weight: bold;
         color: #1a73e8;
         margin-bottom: 0.25rem;
+        white-space: nowrap;
+        overflow: hidden;
+        text-overflow: ellipsis;
+        max-width: 100%;
       }
       .subtitle {
         font-size: 0.75rem;

From 49338557c14b92439576239765f84eb77e6a4660 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:14:41 -0500
Subject: [PATCH 16/49] Swap Account Settings title and Account Name positions

---
 public/users/accounts.html | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index 41989b6..2682230 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -16,15 +16,17 @@
         background: #f9f9f9;
       }
       h1 {
-        color: #333;
-        margin-bottom: 0.5rem;
-        font-size: 1.5rem;
+        color: #666;
+        margin-bottom: 0.25rem;
+        font-size: 1.1rem;
+        text-transform: uppercase;
+        letter-spacing: 0.05rem;
       }
       .account-name-title {
-        font-size: 2rem;
+        font-size: 2.5rem;
         font-weight: bold;
         color: #1a73e8;
-        margin-bottom: 0.25rem;
+        margin-bottom: 0.5rem;
         white-space: nowrap;
         overflow: hidden;
         text-overflow: ellipsis;
@@ -206,8 +208,8 @@
     <script src="/users/power-strip.js" async></script>
 
     <a href="/" class="back-link">← Back to Home</a>
-    <div id="account-name-heading" class="account-name-title">Account</div>
     <h1>Account Settings</h1>
+    <div id="account-name-heading" class="account-name-title">Account</div>
     <div id="account-id-subtitle" class="subtitle">
         <span class="id-text" id="account-id-text"></span>
         <button id="copy-id-btn" class="copy-btn" title="Copy Account ID">

From bdf0da9443338c5f54658a69c223ff9dde884c89 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:15:20 -0500
Subject: [PATCH 17/49] Change account name color to black

---
 public/users/accounts.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index 2682230..7e3a977 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -25,7 +25,7 @@
       .account-name-title {
         font-size: 2.5rem;
         font-weight: bold;
-        color: #1a73e8;
+        color: #333;
         margin-bottom: 0.5rem;
         white-space: nowrap;
         overflow: hidden;

From 41f2d0210c8048a170ac0b7752e16db706aa00a9 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:16:57 -0500
Subject: [PATCH 18/49] Enforce 50-character limit for account names

---
 public/users/accounts.html |  2 +-
 src/AccountDO.ts           |  6 +++++-
 src/SystemDO.ts            | 17 ++++++++++++-----
 3 files changed, 18 insertions(+), 7 deletions(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index 7e3a977..594f7c7 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -225,7 +225,7 @@ <h2>General Information</h2>
       <form id="account-info-form">
         <div class="form-group">
           <label for="account-name">Account Name</label>
-          <input type="text" id="account-name" name="name" required />
+          <input type="text" id="account-name" name="name" maxlength="50" required />
         </div>
         <div class="form-group">
           <label>Plan</label>
diff --git a/src/AccountDO.ts b/src/AccountDO.ts
index 634a85d..cb1687b 100644
--- a/src/AccountDO.ts
+++ b/src/AccountDO.ts
@@ -52,7 +52,11 @@ export class AccountDO extends DurableObject {
     try {
       this.ctx.storage.transactionSync(() => {
         for (const [key, value] of Object.entries(data)) {
-          this.sql.exec('INSERT OR REPLACE INTO account_info (key, value) VALUES (?, ?)', key, JSON.stringify(value));
+          let valToStore = value;
+          if (key === 'name' && typeof value === 'string') {
+            valToStore = value.substring(0, 50);
+          }
+          this.sql.exec('INSERT OR REPLACE INTO account_info (key, value) VALUES (?, ?)', key, JSON.stringify(valToStore));
         }
       });
       return { success: true };
diff --git a/src/SystemDO.ts b/src/SystemDO.ts
index cf2a9e7..c97e521 100644
--- a/src/SystemDO.ts
+++ b/src/SystemDO.ts
@@ -160,6 +160,8 @@ export class SystemDO extends DurableObject {
 
   async registerAccount(data: { id?: string; name: string; status?: string; plan?: string; ownerId?: string }) {
     let accountIdStr = data.id;
+    const accountName = (data.name || '').substring(0, 50);
+
     if (!accountIdStr) {
       const id = this.env.ACCOUNT.newUniqueId();
       accountIdStr = id.toString();
@@ -167,7 +169,7 @@ export class SystemDO extends DurableObject {
       // Initialize AccountDO
       const stub = this.env.ACCOUNT.get(id);
       await stub.updateInfo({
-        name: data.name,
+        name: accountName,
       });
 
       // If owner provided, add them as ADMIN
@@ -181,7 +183,7 @@ export class SystemDO extends DurableObject {
     this.sql.exec(
       'INSERT OR REPLACE INTO accounts (id, name, status, plan, member_count, created_at) VALUES (?, ?, ?, ?, ?, ?)',
       accountIdStr,
-      data.name,
+      accountName,
       data.status || 'active',
       data.plan || 'free',
       data.ownerId ? 1 : 0,
@@ -215,10 +217,15 @@ export class SystemDO extends DurableObject {
   }
 
   async updateAccount(accountId: string, data: any) {
+    const sanitizedData = { ...data };
+    if (sanitizedData.name !== undefined) {
+      sanitizedData.name = sanitizedData.name.substring(0, 50);
+    }
+
     // Update AccountDO
     try {
       const stub = this.env.ACCOUNT.get(this.env.ACCOUNT.idFromString(accountId));
-      await stub.updateInfo(data);
+      await stub.updateInfo(sanitizedData);
     } catch (e) {
       console.error('Failed to update AccountDO', e);
     }
@@ -227,9 +234,9 @@ export class SystemDO extends DurableObject {
     const updates: string[] = [];
     const args: any[] = [];
 
-    if (data.name !== undefined) {
+    if (sanitizedData.name !== undefined) {
       updates.push('name = ?');
-      args.push(data.name);
+      args.push(sanitizedData.name);
     }
     if (data.status !== undefined) {
       updates.push('status = ?');

From 900997b7338ce4d20d71e1ceec1b236c1a7f4519 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:20:24 -0500
Subject: [PATCH 19/49] Add gap between account name and current label in
 switcher

---
 public/users/power-strip.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/public/users/power-strip.js b/public/users/power-strip.js
index 3d873d1..6e936e9 100644
--- a/public/users/power-strip.js
+++ b/public/users/power-strip.js
@@ -516,6 +516,7 @@ class PowerStrip extends HTMLElement {
             align-items: center;
             transition: background-color 0.2s;
             font-size: 1rem;
+            gap: 1rem;
         }
         
         .account-item:hover {

From 5c91301202be83e62763181ed4096caf350f07fc Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:24:19 -0500
Subject: [PATCH 20/49] Unify profile and accounts page styling with shared
 style.css

---
 public/users/accounts.html | 201 +---------------------
 public/users/profile.html  | 192 +--------------------
 public/users/style.css     | 333 +++++++++++++++++++++++++++++++++++++
 3 files changed, 340 insertions(+), 386 deletions(-)
 create mode 100644 public/users/style.css

diff --git a/public/users/accounts.html b/public/users/accounts.html
index 594f7c7..bfe3492 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -4,202 +4,7 @@
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
     <title>Account Settings</title>
-    <style>
-      body {
-        font-family:
-          system-ui,
-          -apple-system,
-          sans-serif;
-        padding: 2rem;
-        max-width: 800px;
-        margin: 0 auto;
-        background: #f9f9f9;
-      }
-      h1 {
-        color: #666;
-        margin-bottom: 0.25rem;
-        font-size: 1.1rem;
-        text-transform: uppercase;
-        letter-spacing: 0.05rem;
-      }
-      .account-name-title {
-        font-size: 2.5rem;
-        font-weight: bold;
-        color: #333;
-        margin-bottom: 0.5rem;
-        white-space: nowrap;
-        overflow: hidden;
-        text-overflow: ellipsis;
-        max-width: 100%;
-      }
-      .subtitle {
-        font-size: 0.75rem;
-        color: #888;
-        margin-bottom: 2rem;
-        font-family: monospace;
-        display: flex;
-        align-items: center;
-        gap: 0.5rem;
-        max-width: 100%;
-      }
-      .id-text {
-        white-space: nowrap;
-        overflow: hidden;
-        text-overflow: ellipsis;
-      }
-      .copy-btn {
-        background: none;
-        border: none;
-        padding: 0.25rem;
-        cursor: pointer;
-        color: #1a73e8;
-        display: flex;
-        align-items: center;
-        justify-content: center;
-        border-radius: 4px;
-        transition: background 0.2s;
-      }
-      .copy-btn:hover {
-        background: #f0f0f0;
-      }
-      .copy-btn svg {
-        width: 14px;
-        height: 14px;
-      }
-      section {
-        background: white;
-        padding: 2rem;
-        border-radius: 8px;
-        box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1);
-        margin-bottom: 2rem;
-      }
-      .form-group {
-        margin-bottom: 1.5rem;
-      }
-      .form-group label {
-        display: block;
-        margin-bottom: 0.5rem;
-        font-weight: 500;
-        color: #555;
-      }
-      .form-group input, .form-group select {
-        width: 100%;
-        padding: 0.75rem;
-        border: 1px solid #ddd;
-        border-radius: 4px;
-        box-sizing: border-box;
-        font-size: 1rem;
-      }
-      button {
-        padding: 0.75rem 1.5rem;
-        background: #1a73e8;
-        color: white;
-        border: none;
-        border-radius: 4px;
-        cursor: pointer;
-        font-size: 1rem;
-        font-weight: 500;
-      }
-      button:hover {
-        background: #1557b0;
-      }
-      button.secondary-btn {
-        background: #fff;
-        color: #1a73e8;
-        border: 1px solid #1a73e8;
-      }
-      button.secondary-btn:hover {
-        background: #f8f9fa;
-      }
-      button:disabled {
-        background: #ccc;
-        cursor: not-allowed;
-      }
-      #toast {
-        position: fixed;
-        bottom: 1rem;
-        right: 1rem;
-        padding: 1rem;
-        background: #333;
-        color: white;
-        border-radius: 4px;
-        opacity: 0;
-        transition: opacity 0.3s;
-        z-index: 10000;
-      }
-      .back-link {
-        display: inline-block;
-        margin-bottom: 1rem;
-        color: #1a73e8;
-        text-decoration: none;
-      }
-      .back-link:hover {
-        text-decoration: underline;
-      }
-      .member-item {
-        display: flex;
-        justify-content: space-between;
-        align-items: center;
-        padding: 1rem;
-        border-bottom: 1px solid #eee;
-      }
-      .member-item:last-child {
-        border-bottom: none;
-      }
-      .member-info {
-        display: flex;
-        align-items: center;
-        gap: 1rem;
-        min-width: 0; /* Important for ellipsis in flex child */
-      }
-      .member-details {
-        flex: 1;
-        min-width: 0;
-        display: flex;
-        align-items: center;
-        gap: 1rem;
-      }
-      .member-name {
-        font-weight: 600;
-        white-space: nowrap;
-        overflow: hidden;
-        text-overflow: ellipsis;
-        flex: 1;
-      }
-      .member-role {
-        width: 80px;
-        display: flex;
-        justify-content: center;
-      }
-      .role-badge {
-        font-size: 0.75rem;
-        padding: 0.25rem 0.5rem;
-        border-radius: 1rem;
-        background: #f1f3f4;
-        color: #5f6368;
-        font-weight: 500;
-      }
-      .role-badge.admin {
-        background: #e8f0fe;
-        color: #1a73e8;
-      }
-      .remove-btn {
-        background: transparent;
-        color: #d93025;
-        border: 1px solid #d93025;
-        padding: 0.4rem 0.8rem;
-        font-size: 0.85rem;
-      }
-      .remove-btn:hover {
-        background: #fce8e6;
-      }
-      .remove-btn:disabled {
-        background: #fafafa;
-        border-color: #eee;
-        color: #999;
-        cursor: not-allowed;
-      }
-    </style>
+    <link rel="stylesheet" href="/users/style.css" />
   </head>
   <body>
     <power-strip providers="google,twitch" style="position: absolute; top: 0; right: 0; z-index: 9999; padding: 0.1rem; border-radius: 0 0 0 0.3rem;">
@@ -208,8 +13,8 @@
     <script src="/users/power-strip.js" async></script>
 
     <a href="/" class="back-link">← Back to Home</a>
-    <h1>Account Settings</h1>
-    <div id="account-name-heading" class="account-name-title">Account</div>
+    <h1 class="page-subtitle">Account Settings</h1>
+    <div id="account-name-heading" class="page-title">Account</div>
     <div id="account-id-subtitle" class="subtitle">
         <span class="id-text" id="account-id-text"></span>
         <button id="copy-id-btn" class="copy-btn" title="Copy Account ID">
diff --git a/public/users/profile.html b/public/users/profile.html
index e91a1f3..3bcd99a 100644
--- a/public/users/profile.html
+++ b/public/users/profile.html
@@ -4,191 +4,7 @@
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
     <title>User Profile</title>
-    <style>
-      body {
-        font-family:
-          system-ui,
-          -apple-system,
-          sans-serif;
-        padding: 2rem;
-        max-width: 600px;
-        margin: 0 auto;
-        background: #f9f9f9;
-      }
-      h1 {
-        color: #333;
-      }
-      section {
-        background: white;
-        padding: 2rem;
-        border-radius: 8px;
-        box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1);
-        margin-bottom: 2rem;
-      }
-      .form-group {
-        margin-bottom: 1.5rem;
-      }
-      .form-group label {
-        display: block;
-        margin-bottom: 0.5rem;
-        font-weight: 500;
-        color: #555;
-      }
-      .form-group input {
-        width: 100%;
-        padding: 0.75rem;
-        border: 1px solid #ddd;
-        border-radius: 4px;
-        box-sizing: border-box;
-        font-size: 1rem;
-      }
-      .form-group input:disabled {
-        background: #f0f0f0;
-        color: #888;
-      }
-      button {
-        padding: 0.75rem 1.5rem;
-        background: #1a73e8;
-        color: white;
-        border: none;
-        border-radius: 4px;
-        cursor: pointer;
-        font-size: 1rem;
-        font-weight: 500;
-      }
-      button:hover {
-        background: #1557b0;
-      }
-      button.secondary-btn {
-        background: #fff;
-        color: #1a73e8;
-        border: 1px solid #1a73e8;
-      }
-      button.secondary-btn:hover {
-        background: #f8f9fa;
-      }
-      button:disabled {
-        background: #ccc;
-        cursor: not-allowed;
-      }
-      .avatar-section {
-        display: flex;
-        align-items: center;
-        gap: 1.5rem;
-        margin-bottom: 2rem;
-      }
-      .avatar-large {
-        width: 100px;
-        height: 100px;
-        border-radius: 50%;
-        object-fit: cover;
-        border: 3px solid white;
-        box-shadow: 0 2px 8px rgba(0, 0, 0, 0.15);
-      }
-      #toast {
-        position: fixed;
-        bottom: 1rem;
-        right: 1rem;
-        padding: 1rem;
-        background: #333;
-        color: white;
-        border-radius: 4px;
-        opacity: 0;
-        transition: opacity 0.3s;
-        z-index: 10000;
-      }
-      .back-link {
-        display: inline-block;
-        margin-bottom: 1rem;
-        color: #1a73e8;
-        text-decoration: none;
-      }
-      .back-link:hover {
-        text-decoration: underline;
-      }
-      .credential-item {
-        display: flex;
-        justify-content: space-between;
-        align-items: center;
-        padding: 1rem;
-        border: 1px solid #eee;
-        border-radius: 8px;
-        margin-bottom: 0.75rem;
-      }
-      .credential-item.active {
-        border-color: #1a73e8;
-        background-color: #e8f0fe;
-      }
-      .current-badge {
-        font-size: 0.75rem;
-        background: #1a73e8;
-        color: white;
-        padding: 0.125rem 0.375rem;
-        border-radius: 0.75rem;
-        margin-left: 0.5rem;
-        font-weight: normal;
-      }
-      .credential-info {
-        display: flex;
-        align-items: center;
-        gap: 1rem;
-      }
-      .provider-icon {
-        width: 32px;
-        height: 32px;
-        display: flex;
-        align-items: center;
-        justify-content: center;
-      }
-      .remove-btn {
-        background: #fff;
-        color: #d93025;
-        border: 1px solid #d93025;
-        padding: 0.5rem 0.75rem;
-        font-size: 0.875rem;
-      }
-      .remove-btn:hover {
-        background: #fce8e6;
-        color: #a50e0e;
-      }
-      .remove-btn:disabled {
-        background: #fafafa;
-        color: #999;
-        border-color: #eee;
-        cursor: not-allowed;
-      }
-      .link-account-btn {
-        display: flex;
-        align-items: center;
-        gap: 0.5rem;
-        padding: 0.75rem 1rem;
-        border-radius: 4px;
-        text-decoration: none;
-        font-weight: 500;
-        font-size: 0.875rem;
-        border: 1px solid #ddd;
-        color: #333;
-        transition: background 0.2s;
-      }
-      .link-account-btn.google:hover { background: #f8f9fa; }
-      .link-account-btn.twitch { background: #9146FF; color: white; border-color: #9146FF; }
-      .link-account-btn.twitch:hover { background: #7d2ee6; }
-      .btn-link {
-        display: inline-block;
-        padding: 0.75rem 1rem;
-        background: white;
-        color: #1a73e8;
-        border: 1px solid #1a73e8;
-        border-radius: 4px;
-        text-decoration: none;
-        font-weight: 500;
-        font-size: 0.875rem;
-        transition: background 0.2s;
-      }
-      .btn-link:hover {
-        background: #f8f9fa;
-      }
-    </style>
+    <link rel="stylesheet" href="/users/style.css" />
   </head>
   <body>
     <power-strip providers="google,twitch" style="position: absolute; top: 0; right: 0; z-index: 9999; padding: 0.1rem; border-radius: 0 0 0 0.3rem;">
@@ -197,7 +13,8 @@
     <script src="/users/power-strip.js" async></script>
 
     <a href="/" class="back-link">← Back to Home</a>
-    <h1>Edit Profile</h1>
+    <h1 class="page-subtitle">User Profile</h1>
+    <div id="page-title" class="page-title">Loading...</div>
 
     <section>
       <div class="avatar-section">
@@ -207,7 +24,6 @@ <h1>Edit Profile</h1>
           <button type="button" id="change-avatar-btn" class="secondary-btn" style="position: absolute; bottom: -0.5rem; left: 50%; transform: translateX(-50%); padding: 0.25rem 0.5rem; font-size: 0.75rem; white-space: nowrap;">Change</button>
         </div>
         <div>
-          <h2 id="display-name" style="margin: 0; color: #333;">Loading...</h2>
           <p id="display-email" style="margin: 0.25rem 0 0 0; color: #666;"></p>
         </div>
       </div>
@@ -288,7 +104,7 @@ <h2>Account Settings</h2>
             currentProvider = data.credential ? data.credential.provider : null;
             document.getElementById('name').value = p.name || '';
             document.getElementById('email').value = p.email || '';
-            document.getElementById('display-name').textContent = p.name || 'Anonymous';
+            document.getElementById('page-title').textContent = p.name || 'Anonymous';
             document.getElementById('display-email').textContent = p.email || '';
             
             if (p.picture) {
diff --git a/public/users/style.css b/public/users/style.css
new file mode 100644
index 0000000..fab63c9
--- /dev/null
+++ b/public/users/style.css
@@ -0,0 +1,333 @@
+body {
+  font-family:
+    system-ui,
+    -apple-system,
+    sans-serif;
+  padding: 2rem;
+  max-width: 800px;
+  margin: 0 auto;
+  background: #f9f9f9;
+}
+
+h1.page-subtitle {
+  color: #666;
+  margin-bottom: 0.25rem;
+  font-size: 1.1rem;
+  text-transform: uppercase;
+  letter-spacing: 0.05rem;
+  margin-top: 0;
+}
+
+.page-title {
+  font-size: 2.5rem;
+  font-weight: bold;
+  color: #333;
+  margin-bottom: 0.5rem;
+  white-space: nowrap;
+  overflow: hidden;
+  text-overflow: ellipsis;
+  max-width: 100%;
+}
+
+.subtitle {
+  font-size: 0.75rem;
+  color: #888;
+  margin-bottom: 2rem;
+  font-family: monospace;
+  display: flex;
+  align-items: center;
+  gap: 0.5rem;
+  max-width: 100%;
+}
+
+section {
+  background: white;
+  padding: 2rem;
+  border-radius: 8px;
+  box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1);
+  margin-bottom: 2rem;
+}
+
+.form-group {
+  margin-bottom: 1.5rem;
+}
+
+.form-group label {
+  display: block;
+  margin-bottom: 0.5rem;
+  font-weight: 500;
+  color: #555;
+}
+
+.form-group input,
+.form-group select {
+  width: 100%;
+  padding: 0.75rem;
+  border: 1px solid #ddd;
+  border-radius: 4px;
+  box-sizing: border-box;
+  font-size: 1rem;
+}
+
+.form-group input:disabled {
+  background: #f0f0f0;
+  color: #888;
+}
+
+button {
+  padding: 0.75rem 1.5rem;
+  background: #1a73e8;
+  color: white;
+  border: none;
+  border-radius: 4px;
+  cursor: pointer;
+  font-size: 1rem;
+  font-weight: 500;
+}
+
+button:hover {
+  background: #1557b0;
+}
+
+button.secondary-btn {
+  background: #fff;
+  color: #1a73e8;
+  border: 1px solid #1a73e8;
+}
+
+button.secondary-btn:hover {
+  background: #f8f9fa;
+}
+
+button:disabled {
+  background: #ccc;
+  cursor: not-allowed;
+}
+
+#toast {
+  position: fixed;
+  bottom: 1rem;
+  right: 1rem;
+  padding: 1rem;
+  background: #333;
+  color: white;
+  border-radius: 4px;
+  opacity: 0;
+  transition: opacity 0.3s;
+  z-index: 10000;
+}
+
+.back-link {
+  display: inline-block;
+  margin-bottom: 1rem;
+  color: #1a73e8;
+  text-decoration: none;
+}
+
+.back-link:hover {
+  text-decoration: underline;
+}
+
+.remove-btn {
+  background: transparent;
+  color: #d93025;
+  border: 1px solid #d93025;
+  padding: 0.4rem 0.8rem;
+  font-size: 0.85rem;
+}
+
+.remove-btn:hover {
+  background: #fce8e6;
+}
+
+.remove-btn:disabled {
+  background: #fafafa;
+  border-color: #eee;
+  color: #999;
+  cursor: not-allowed;
+}
+
+.btn-link {
+  display: inline-block;
+  padding: 0.75rem 1rem;
+  background: white;
+  color: #1a73e8;
+  border: 1px solid #1a73e8;
+  border-radius: 4px;
+  text-decoration: none;
+  font-weight: 500;
+  font-size: 0.875rem;
+  transition: background 0.2s;
+}
+
+.btn-link:hover {
+  background: #f8f9fa;
+}
+
+/* Profile specific */
+.avatar-section {
+  display: flex;
+  align-items: center;
+  gap: 1.5rem;
+  margin-bottom: 2rem;
+}
+
+.avatar-large {
+  width: 100px;
+  height: 100px;
+  border-radius: 50%;
+  object-fit: cover;
+  border: 3px solid white;
+  box-shadow: 0 2px 8px rgba(0, 0, 0, 0.15);
+}
+
+.credential-item {
+  display: flex;
+  justify-content: space-between;
+  align-items: center;
+  padding: 1rem;
+  border: 1px solid #eee;
+  border-radius: 8px;
+  margin-bottom: 0.75rem;
+}
+
+.credential-item.active {
+  border-color: #1a73e8;
+  background-color: #e8f0fe;
+}
+
+.current-badge {
+  font-size: 0.75rem;
+  background: #1a73e8;
+  color: white;
+  padding: 0.125rem 0.375rem;
+  border-radius: 0.75rem;
+  margin-left: 0.5rem;
+  font-weight: normal;
+}
+
+.credential-info {
+  display: flex;
+  align-items: center;
+  gap: 1rem;
+}
+
+.provider-icon {
+  width: 32px;
+  height: 32px;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+}
+
+.link-account-btn {
+  display: flex;
+  align-items: center;
+  gap: 0.5rem;
+  padding: 0.75rem 1rem;
+  border-radius: 4px;
+  text-decoration: none;
+  font-weight: 500;
+  font-size: 0.875rem;
+  border: 1px solid #ddd;
+  color: #333;
+  transition: background 0.2s;
+}
+
+.link-account-btn.google:hover {
+  background: #f8f9fa;
+}
+
+.link-account-btn.twitch {
+  background: #9146FF;
+  color: white;
+  border-color: #9146FF;
+}
+
+.link-account-btn.twitch:hover {
+  background: #7d2ee6;
+}
+
+/* Accounts specific */
+.member-item {
+  display: flex;
+  justify-content: space-between;
+  align-items: center;
+  padding: 1rem;
+  border-bottom: 1px solid #eee;
+}
+
+.member-item:last-child {
+  border-bottom: none;
+}
+
+.member-info {
+  display: flex;
+  align-items: center;
+  gap: 1rem;
+  min-width: 0;
+}
+
+.member-details {
+  flex: 1;
+  min-width: 0;
+  display: flex;
+  align-items: center;
+  gap: 1rem;
+}
+
+.member-name {
+  font-weight: 600;
+  white-space: nowrap;
+  overflow: hidden;
+  text-overflow: ellipsis;
+  flex: 1;
+}
+
+.member-role {
+  width: 80px;
+  display: flex;
+  justify-content: center;
+}
+
+.role-badge {
+  font-size: 0.75rem;
+  padding: 0.25rem 0.5rem;
+  border-radius: 1rem;
+  background: #f1f3f4;
+  color: #5f6368;
+  font-weight: 500;
+}
+
+.role-badge.admin {
+  background: #e8f0fe;
+  color: #1a73e8;
+}
+
+.id-text {
+  white-space: nowrap;
+  overflow: hidden;
+  text-overflow: ellipsis;
+}
+
+.copy-btn {
+  background: none;
+  border: none;
+  padding: 0.25rem;
+  cursor: pointer;
+  color: #1a73e8;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  border-radius: 4px;
+  transition: background 0.2s;
+}
+
+.copy-btn:hover {
+  background: #f0f0f0;
+}
+
+.copy-btn svg {
+  width: 14px;
+  height: 14px;
+}

From 43ce0db08015eeb4178620779a74aa26df187859 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:26:18 -0500
Subject: [PATCH 21/49] Add sidebar navigation between profile and account
 settings

---
 public/users/accounts.html |  55 +++++++++------
 public/users/profile.html  | 134 +++++++++++++++++++++----------------
 public/users/style.css     |  48 ++++++++++++-
 3 files changed, 157 insertions(+), 80 deletions(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index bfe3492..f9b90a6 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -25,27 +25,42 @@ <h1 class="page-subtitle">Account Settings</h1>
         </button>
     </div>
 
-    <section id="account-info-section">
-      <h2>General Information</h2>
-      <form id="account-info-form">
-        <div class="form-group">
-          <label for="account-name">Account Name</label>
-          <input type="text" id="account-name" name="name" maxlength="50" required />
-        </div>
-        <div class="form-group">
-          <label>Plan</label>
-          <input type="text" id="account-plan-display" disabled />
-        </div>
-        <button type="submit" id="save-account-btn" disabled>Save Changes</button>
-      </form>
-    </section>
-
-    <section id="members-section">
-      <h2>Team Members</h2>
-      <div id="members-list">
-        <p>Loading members...</p>
+    <div class="main-layout">
+      <nav class="sidebar">
+        <ul class="nav-list">
+          <li class="nav-item">
+            <a href="/users/profile.html" class="nav-link">Profile</a>
+          </li>
+          <li class="nav-item" id="nav-account-item">
+            <a href="/users/accounts.html" class="nav-link active">Account Settings</a>
+          </li>
+        </ul>
+      </nav>
+
+      <div class="content-area">
+        <section id="account-info-section">
+          <h2>General Information</h2>
+          <form id="account-info-form">
+            <div class="form-group">
+              <label for="account-name">Account Name</label>
+              <input type="text" id="account-name" name="name" maxlength="50" required />
+            </div>
+            <div class="form-group">
+              <label>Plan</label>
+              <input type="text" id="account-plan-display" disabled />
+            </div>
+            <button type="submit" id="save-account-btn" disabled>Save Changes</button>
+          </form>
+        </section>
+
+        <section id="members-section">
+          <h2>Team Members</h2>
+          <div id="members-list">
+            <p>Loading members...</p>
+          </div>
+        </section>
       </div>
-    </section>
+    </div>
 
     <div id="toast"></div>
 
diff --git a/public/users/profile.html b/public/users/profile.html
index 3bcd99a..8778562 100644
--- a/public/users/profile.html
+++ b/public/users/profile.html
@@ -16,69 +16,84 @@
     <h1 class="page-subtitle">User Profile</h1>
     <div id="page-title" class="page-title">Loading...</div>
 
-    <section>
-      <div class="avatar-section">
-        <div style="position: relative;">
-          <img id="profile-picture" class="avatar-large" src="" alt="Profile Picture" style="display: none;" />
-          <input type="file" id="avatar-input" accept="image/*" style="display: none;" />
-          <button type="button" id="change-avatar-btn" class="secondary-btn" style="position: absolute; bottom: -0.5rem; left: 50%; transform: translateX(-50%); padding: 0.25rem 0.5rem; font-size: 0.75rem; white-space: nowrap;">Change</button>
-        </div>
-        <div>
-          <p id="display-email" style="margin: 0.25rem 0 0 0; color: #666;"></p>
-        </div>
-      </div>
+    <div class="main-layout">
+      <nav class="sidebar">
+        <ul class="nav-list">
+          <li class="nav-item">
+            <a href="/users/profile.html" class="nav-link active">Profile</a>
+          </li>
+          <li class="nav-item" id="nav-account-item" style="display: none;">
+            <a href="/users/accounts.html" class="nav-link">Account Settings</a>
+          </li>
+        </ul>
+      </nav>
 
-      <form id="profile-form">
-        <div class="form-group">
-          <label for="name">Name</label>
-          <input type="text" id="name" name="name" placeholder="Your Name" required />
-        </div>
-        <div class="form-group">
-          <label for="email">Email</label>
-          <input type="email" id="email" name="email" disabled title="Email is managed by your login provider" />
-        </div>
-        <button type="submit" id="save-btn" disabled>Save Changes</button>
-      </form>
-    </section>
+      <div class="content-area">
+        <section>
+          <div class="avatar-section">
+            <div style="position: relative;">
+              <img id="profile-picture" class="avatar-large" src="" alt="Profile Picture" style="display: none;" />
+              <input type="file" id="avatar-input" accept="image/*" style="display: none;" />
+              <button type="button" id="change-avatar-btn" class="secondary-btn" style="position: absolute; bottom: -0.5rem; left: 50%; transform: translateX(-50%); padding: 0.25rem 0.5rem; font-size: 0.75rem; white-space: nowrap;">Change</button>
+            </div>
+            <div>
+              <p id="display-email" style="margin: 0.25rem 0 0 0; color: #666;"></p>
+            </div>
+          </div>
 
-    <section>
-      <h2>Login Credentials</h2>
-      <p style="color: #666; font-size: 0.9rem; margin-bottom: 1.5rem;">
-        Manage the login methods linked to your account.
-      </p>
-      
-      <div id="credentials-list" style="margin-bottom: 2rem;">
-        <!-- Credentials will be loaded here -->
-        <p>Loading credentials...</p>
-      </div>
+          <form id="profile-form">
+            <div class="form-group">
+              <label for="name">Name</label>
+              <input type="text" id="name" name="name" placeholder="Your Name" required />
+            </div>
+            <div class="form-group">
+              <label for="email">Email</label>
+              <input type="email" id="email" name="email" disabled title="Email is managed by your login provider" />
+            </div>
+            <button type="submit" id="save-btn" disabled>Save Changes</button>
+          </form>
+        </section>
 
-      <h3>Link another account</h3>
-      <div style="display: flex; gap: 1rem; margin-top: 1rem;">
-        <a href="/users/auth/google" class="link-account-btn google">
-          <svg viewBox="0 0 24 24" width="20" height="20">
-            <path d="M22.56 12.25c0-.78-.07-1.53-.2-2.25H12v4.26h5.92c-.26 1.37-1.04 2.53-2.21 3.31v2.77h3.57c2.08-1.92 3.28-4.74 3.28-8.09z" fill="#4285F4"/>
-            <path d="M12 23c2.97 0 5.46-.98 7.28-2.66l-3.57-2.77c-.98.66-2.23 1.06-3.71 1.06-2.86 0-5.29-1.93-6.16-4.53H2.18v2.84C3.99 20.53 7.7 23 12 23z" fill="#34A853"/>
-            <path d="M5.84 14.09c-.22-.66-.35-1.36-.35-2.09s.13-1.43.35-2.09V7.07H2.18C1.43 8.55 1 10.22 1 12s.43 3.45 1.18 4.93l3.66-2.84z" fill="#FBBC05"/>
-            <path d="M12 5.38c1.62 0 3.06.56 4.21 1.66l3.15-3.15C17.45 2.09 14.97 1 12 1 7.7 1 3.99 3.47 2.18 7.07l3.66 2.84c.87-2.6 3.3-4.53 6.16-4.53z" fill="#EA4335"/>
-          </svg>
-          Google
-        </a>
-        <a href="/users/auth/twitch" class="link-account-btn twitch">
-          <svg viewBox="0 0 24 24" width="20" height="20">
-            <path d="M11.571 4.714h1.715v5.143H11.57zm4.715 0H18v5.143h-1.714zM6 0L1.714 4.286v15.428h5.143V24l4.286-4.286h3.428L22.286 12V0zm14.571 11.143l-3.428 3.428h-3.429l-3 3v-3H6.857V1.714h13.714z" fill="currentColor"/>
-          </svg>
-          Twitch
-        </a>
-      </div>
-    </section>
+        <section>
+          <h2>Login Credentials</h2>
+          <p style="color: #666; font-size: 0.9rem; margin-bottom: 1.5rem;">
+            Manage the login methods linked to your account.
+          </p>
+          
+          <div id="credentials-list" style="margin-bottom: 2rem;">
+            <!-- Credentials will be loaded here -->
+            <p>Loading credentials...</p>
+          </div>
+
+          <h3>Link another account</h3>
+          <div style="display: flex; gap: 1rem; margin-top: 1rem;">
+            <a href="/users/auth/google" class="link-account-btn google">
+              <svg viewBox="0 0 24 24" width="20" height="20">
+                <path d="M22.56 12.25c0-.78-.07-1.53-.2-2.25H12v4.26h5.92c-.26 1.37-1.04 2.53-2.21 3.31v2.77h3.57c2.08-1.92 3.28-4.74 3.28-8.09z" fill="#4285F4"/>
+                <path d="M12 23c2.97 0 5.46-.98 7.28-2.66l-3.57-2.77c-.98.66-2.23 1.06-3.71 1.06-2.86 0-5.29-1.93-6.16-4.53H2.18v2.84C3.99 20.53 7.7 23 12 23z" fill="#34A853"/>
+                <path d="M5.84 14.09c-.22-.66-.35-1.36-.35-2.09s.13-1.43.35-2.09V7.07H2.18C1.43 8.55 1 10.22 1 12s.43 3.45 1.18 4.93l3.66-2.84z" fill="#FBBC05"/>
+                <path d="M12 5.38c1.62 0 3.06.56 4.21 1.66l3.15-3.15C17.45 2.09 14.97 1 12 1 7.7 1 3.99 3.47 2.18 7.07l3.66 2.84c.87-2.6 3.3-4.53 6.16-4.53z" fill="#EA4335"/>
+              </svg>
+              Google
+            </a>
+            <a href="/users/auth/twitch" class="link-account-btn twitch">
+              <svg viewBox="0 0 24 24" width="20" height="20">
+                <path d="M11.571 4.714h1.715v5.143H11.57zm4.715 0H18v5.143h-1.714zM6 0L1.714 4.286v15.428h5.143V24l4.286-4.286h3.428L22.286 12V0zm14.571 11.143l-3.428 3.428h-3.429l-3 3v-3H6.857V1.714h13.714z" fill="currentColor"/>
+              </svg>
+              Twitch
+            </a>
+          </div>
+        </section>
 
-    <section id="account-settings-section" style="display: none;">
-      <h2>Account Settings</h2>
-      <p style="color: #666; font-size: 0.9rem; margin-bottom: 1.5rem;">
-        Manage your team members and account configuration.
-      </p>
-      <a href="/users/accounts.html" class="btn-link">Manage Account & Team</a>
-    </section>
+        <section id="account-settings-section" style="display: none;">
+          <h2>Account Settings</h2>
+          <p style="color: #666; font-size: 0.9rem; margin-bottom: 1.5rem;">
+            Manage your team members and account configuration.
+          </p>
+          <a href="/users/accounts.html" class="btn-link">Manage Account & Team</a>
+        </section>
+      </div>
+    </div>
 
     <div id="toast"></div>
 
@@ -121,6 +136,7 @@ <h2>Account Settings</h2>
 
             if (data.account && (data.account.role === 1 || data.is_admin)) {
                 document.getElementById('account-settings-section').style.display = 'block';
+                document.getElementById('nav-account-item').style.display = 'block';
             }
 
             document.getElementById('save-btn').disabled = true;
diff --git a/public/users/style.css b/public/users/style.css
index fab63c9..87c30e7 100644
--- a/public/users/style.css
+++ b/public/users/style.css
@@ -4,11 +4,57 @@ body {
     -apple-system,
     sans-serif;
   padding: 2rem;
-  max-width: 800px;
+  max-width: 1000px;
   margin: 0 auto;
   background: #f9f9f9;
 }
 
+.main-layout {
+  display: flex;
+  gap: 3rem;
+  margin-top: 2rem;
+}
+
+.sidebar {
+  width: 200px;
+  flex-shrink: 0;
+}
+
+.content-area {
+  flex: 1;
+  min-width: 0;
+}
+
+.nav-list {
+  list-style: none;
+  padding: 0;
+  margin: 0;
+}
+
+.nav-item {
+  margin-bottom: 0.5rem;
+}
+
+.nav-link {
+  display: block;
+  padding: 0.75rem 1rem;
+  color: #555;
+  text-decoration: none;
+  border-radius: 6px;
+  transition: all 0.2s;
+  font-weight: 500;
+}
+
+.nav-link:hover {
+  background: #f0f0f0;
+  color: #1a73e8;
+}
+
+.nav-link.active {
+  background: #e8f0fe;
+  color: #1a73e8;
+}
+
 h1.page-subtitle {
   color: #666;
   margin-bottom: 0.25rem;

From 2f3a9dd38becc4dcb894aaecac0eb6673989ce01 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:27:45 -0500
Subject: [PATCH 22/49] Move page headers into the main column

---
 public/users/accounts.html | 28 +++++++++++++++-------------
 public/users/profile.html  | 10 ++++++----
 public/users/style.css     |  4 ++++
 3 files changed, 25 insertions(+), 17 deletions(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index f9b90a6..a8eaf16 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -12,19 +12,6 @@
     </power-strip>
     <script src="/users/power-strip.js" async></script>
 
-    <a href="/" class="back-link">← Back to Home</a>
-    <h1 class="page-subtitle">Account Settings</h1>
-    <div id="account-name-heading" class="page-title">Account</div>
-    <div id="account-id-subtitle" class="subtitle">
-        <span class="id-text" id="account-id-text"></span>
-        <button id="copy-id-btn" class="copy-btn" title="Copy Account ID">
-            <svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-                <rect x="9" y="9" width="13" height="13" rx="2" ry="2"></rect>
-                <path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"></path>
-            </svg>
-        </button>
-    </div>
-
     <div class="main-layout">
       <nav class="sidebar">
         <ul class="nav-list">
@@ -38,6 +25,21 @@ <h1 class="page-subtitle">Account Settings</h1>
       </nav>
 
       <div class="content-area">
+        <div class="header-area">
+          <a href="/" class="back-link">← Back to Home</a>
+          <h1 class="page-subtitle">Account Settings</h1>
+          <div id="account-name-heading" class="page-title">Account</div>
+          <div id="account-id-subtitle" class="subtitle">
+              <span class="id-text" id="account-id-text"></span>
+              <button id="copy-id-btn" class="copy-btn" title="Copy Account ID">
+                  <svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
+                      <rect x="9" y="9" width="13" height="13" rx="2" ry="2"></rect>
+                      <path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"></path>
+                  </svg>
+              </button>
+          </div>
+        </div>
+
         <section id="account-info-section">
           <h2>General Information</h2>
           <form id="account-info-form">
diff --git a/public/users/profile.html b/public/users/profile.html
index 8778562..0684082 100644
--- a/public/users/profile.html
+++ b/public/users/profile.html
@@ -12,10 +12,6 @@
     </power-strip>
     <script src="/users/power-strip.js" async></script>
 
-    <a href="/" class="back-link">← Back to Home</a>
-    <h1 class="page-subtitle">User Profile</h1>
-    <div id="page-title" class="page-title">Loading...</div>
-
     <div class="main-layout">
       <nav class="sidebar">
         <ul class="nav-list">
@@ -29,6 +25,12 @@ <h1 class="page-subtitle">User Profile</h1>
       </nav>
 
       <div class="content-area">
+        <div class="header-area">
+          <a href="/" class="back-link">← Back to Home</a>
+          <h1 class="page-subtitle">User Profile</h1>
+          <div id="page-title" class="page-title">Loading...</div>
+        </div>
+
         <section>
           <div class="avatar-section">
             <div style="position: relative;">
diff --git a/public/users/style.css b/public/users/style.css
index 87c30e7..39272fd 100644
--- a/public/users/style.css
+++ b/public/users/style.css
@@ -25,6 +25,10 @@ body {
   min-width: 0;
 }
 
+.header-area {
+  margin-bottom: 2rem;
+}
+
 .nav-list {
   list-style: none;
   padding: 0;

From 40ca0cc13133290d40a8d9194544126732da359e Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:28:52 -0500
Subject: [PATCH 23/49] Align navigation with main section and adjust header
 positioning

---
 public/users/accounts.html | 30 +++++++++++++++---------------
 public/users/profile.html  | 12 ++++++------
 public/users/style.css     | 14 ++++++++++++++
 3 files changed, 35 insertions(+), 21 deletions(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index a8eaf16..93ab76b 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -12,6 +12,21 @@
     </power-strip>
     <script src="/users/power-strip.js" async></script>
 
+    <div class="header-area">
+      <a href="/" class="back-link">← Back to Home</a>
+      <h1 class="page-subtitle">Account Settings</h1>
+      <div id="account-name-heading" class="page-title">Account</div>
+      <div id="account-id-subtitle" class="subtitle">
+          <span class="id-text" id="account-id-text"></span>
+          <button id="copy-id-btn" class="copy-btn" title="Copy Account ID">
+              <svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
+                  <rect x="9" y="9" width="13" height="13" rx="2" ry="2"></rect>
+                  <path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"></path>
+              </svg>
+          </button>
+      </div>
+    </div>
+
     <div class="main-layout">
       <nav class="sidebar">
         <ul class="nav-list">
@@ -25,21 +40,6 @@
       </nav>
 
       <div class="content-area">
-        <div class="header-area">
-          <a href="/" class="back-link">← Back to Home</a>
-          <h1 class="page-subtitle">Account Settings</h1>
-          <div id="account-name-heading" class="page-title">Account</div>
-          <div id="account-id-subtitle" class="subtitle">
-              <span class="id-text" id="account-id-text"></span>
-              <button id="copy-id-btn" class="copy-btn" title="Copy Account ID">
-                  <svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-                      <rect x="9" y="9" width="13" height="13" rx="2" ry="2"></rect>
-                      <path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"></path>
-                  </svg>
-              </button>
-          </div>
-        </div>
-
         <section id="account-info-section">
           <h2>General Information</h2>
           <form id="account-info-form">
diff --git a/public/users/profile.html b/public/users/profile.html
index 0684082..daa25b8 100644
--- a/public/users/profile.html
+++ b/public/users/profile.html
@@ -12,6 +12,12 @@
     </power-strip>
     <script src="/users/power-strip.js" async></script>
 
+    <div class="header-area">
+      <a href="/" class="back-link">← Back to Home</a>
+      <h1 class="page-subtitle">User Profile</h1>
+      <div id="page-title" class="page-title">Loading...</div>
+    </div>
+
     <div class="main-layout">
       <nav class="sidebar">
         <ul class="nav-list">
@@ -25,12 +31,6 @@
       </nav>
 
       <div class="content-area">
-        <div class="header-area">
-          <a href="/" class="back-link">← Back to Home</a>
-          <h1 class="page-subtitle">User Profile</h1>
-          <div id="page-title" class="page-title">Loading...</div>
-        </div>
-
         <section>
           <div class="avatar-section">
             <div style="position: relative;">
diff --git a/public/users/style.css b/public/users/style.css
index 39272fd..a5afe44 100644
--- a/public/users/style.css
+++ b/public/users/style.css
@@ -27,6 +27,20 @@ body {
 
 .header-area {
   margin-bottom: 2rem;
+  margin-left: calc(200px + 3rem);
+}
+
+@media (max-width: 768px) {
+  .main-layout {
+    flex-direction: column;
+    gap: 2rem;
+  }
+  .sidebar {
+    width: 100%;
+  }
+  .header-area {
+    margin-left: 0;
+  }
 }
 
 .nav-list {

From 65f504d62fb607ecc9c0fe3703c983fe7e5cc479 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:31:40 -0500
Subject: [PATCH 24/49] Allow layout to take more width and center it

---
 public/users/style.css | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/public/users/style.css b/public/users/style.css
index a5afe44..6257cd2 100644
--- a/public/users/style.css
+++ b/public/users/style.css
@@ -4,11 +4,16 @@ body {
     -apple-system,
     sans-serif;
   padding: 2rem;
-  max-width: 1000px;
   margin: 0 auto;
   background: #f9f9f9;
 }
 
+.main-layout, .header-area {
+  max-width: 1200px;
+  margin-left: auto;
+  margin-right: auto;
+}
+
 .main-layout {
   display: flex;
   gap: 3rem;
@@ -27,7 +32,7 @@ body {
 
 .header-area {
   margin-bottom: 2rem;
-  margin-left: calc(200px + 3rem);
+  padding-left: calc(200px + 3rem);
 }
 
 @media (max-width: 768px) {
@@ -39,7 +44,7 @@ body {
     width: 100%;
   }
   .header-area {
-    margin-left: 0;
+    padding-left: 0;
   }
 }
 

From d7438ba8109ee536707f7f3987adc412e74ffd25 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:32:50 -0500
Subject: [PATCH 25/49] Reduce section padding to 1.5rem

---
 public/users/style.css | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/public/users/style.css b/public/users/style.css
index 6257cd2..1909112 100644
--- a/public/users/style.css
+++ b/public/users/style.css
@@ -111,7 +111,7 @@ h1.page-subtitle {
 
 section {
   background: white;
-  padding: 2rem;
+  padding: 1.5rem;
   border-radius: 8px;
   box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1);
   margin-bottom: 2rem;

From 15573d1c4fffacd0e6b3910242f5a2f5c1de5a65 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:35:02 -0500
Subject: [PATCH 26/49] Set content-area to display: flex

---
 public/users/style.css | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/public/users/style.css b/public/users/style.css
index 1909112..a3333cb 100644
--- a/public/users/style.css
+++ b/public/users/style.css
@@ -28,6 +28,8 @@ body {
 .content-area {
   flex: 1;
   min-width: 0;
+  display: flex;
+  flex-direction: column;
 }
 
 .header-area {

From f49234c10a35e092b329f97d4a1d3337a09eb56e Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:35:44 -0500
Subject: [PATCH 27/49] Remove blue background from active nav link

---
 public/users/style.css | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/public/users/style.css b/public/users/style.css
index a3333cb..ad7b965 100644
--- a/public/users/style.css
+++ b/public/users/style.css
@@ -76,8 +76,11 @@ body {
 }
 
 .nav-link.active {
-  background: #e8f0fe;
   color: #1a73e8;
+  font-weight: 600;
+  border-left: 3px solid #1a73e8;
+  border-radius: 0;
+  padding-left: calc(1rem - 3px);
 }
 
 h1.page-subtitle {

From b488262629936524acc9e5ca5ba88d4b740efd6b Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:37:14 -0500
Subject: [PATCH 28/49] Increase sidebar width and reduce nav font size

---
 public/users/style.css | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/public/users/style.css b/public/users/style.css
index ad7b965..703f39e 100644
--- a/public/users/style.css
+++ b/public/users/style.css
@@ -21,7 +21,7 @@ body {
 }
 
 .sidebar {
-  width: 200px;
+  width: 240px;
   flex-shrink: 0;
 }
 
@@ -34,7 +34,7 @@ body {
 
 .header-area {
   margin-bottom: 2rem;
-  padding-left: calc(200px + 3rem);
+  padding-left: calc(240px + 3rem);
 }
 
 @media (max-width: 768px) {
@@ -68,6 +68,7 @@ body {
   border-radius: 6px;
   transition: all 0.2s;
   font-weight: 500;
+  font-size: 0.9rem;
 }
 
 .nav-link:hover {

From 5356b1f1b108be6b021bd6e9b4adb01a5c6b065e Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:38:24 -0500
Subject: [PATCH 29/49] Remove max-width constraint on main layout

---
 public/users/style.css | 1 -
 1 file changed, 1 deletion(-)

diff --git a/public/users/style.css b/public/users/style.css
index 703f39e..c46fbbb 100644
--- a/public/users/style.css
+++ b/public/users/style.css
@@ -9,7 +9,6 @@ body {
 }
 
 .main-layout, .header-area {
-  max-width: 1200px;
   margin-left: auto;
   margin-right: auto;
 }

From b8bda40b1b3f6df777dbc3269b5af90479040c85 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:39:10 -0500
Subject: [PATCH 30/49] Remove redundant Account Settings section from profile
 page

---
 public/users/profile.html | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/public/users/profile.html b/public/users/profile.html
index daa25b8..928f652 100644
--- a/public/users/profile.html
+++ b/public/users/profile.html
@@ -86,14 +86,6 @@ <h3>Link another account</h3>
             </a>
           </div>
         </section>
-
-        <section id="account-settings-section" style="display: none;">
-          <h2>Account Settings</h2>
-          <p style="color: #666; font-size: 0.9rem; margin-bottom: 1.5rem;">
-            Manage your team members and account configuration.
-          </p>
-          <a href="/users/accounts.html" class="btn-link">Manage Account & Team</a>
-        </section>
       </div>
     </div>
 
@@ -137,7 +129,6 @@ <h2>Account Settings</h2>
             }
 
             if (data.account && (data.account.role === 1 || data.is_admin)) {
-                document.getElementById('account-settings-section').style.display = 'block';
                 document.getElementById('nav-account-item').style.display = 'block';
             }
 

From 0dccb265e822cf92bd2b30cc3acd09d4e084437f Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:41:45 -0500
Subject: [PATCH 31/49] Display member avatars/icons in account settings

---
 public/users/accounts.html | 10 ++++++++++
 public/users/style.css     | 18 ++++++++++++++++++
 src/AccountDO.ts           |  8 ++++++--
 3 files changed, 34 insertions(+), 2 deletions(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index 93ab76b..ba74c98 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -192,9 +192,19 @@ <h2>Team Members</h2>
           list.innerHTML = members.map(m => {
             const isAdmin = m.role === 1;
             const isSelf = m.user_id === currentUserId;
+            const avatarContent = m.picture 
+                ? `<img src="${m.picture}" class="member-avatar" alt="${m.name}" />`
+                : `<div class="member-avatar">
+                    <svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
+                        <path d="M20 21v-2a4 4 0 0 0-4-4H8a4 4 0 0 0-4 4v2"></path>
+                        <circle cx="12" cy="7" r="4"></circle>
+                    </svg>
+                   </div>`;
+
             return `
               <div class="member-item">
                 <div class="member-info">
+                  ${avatarContent}
                   <div class="member-details">
                     <div class="member-name" title="${m.name}${isSelf ? ' (You)' : ''}">${m.name} ${isSelf ? '(You)' : ''}</div>
                     <div class="member-role">
diff --git a/public/users/style.css b/public/users/style.css
index c46fbbb..799e52f 100644
--- a/public/users/style.css
+++ b/public/users/style.css
@@ -342,6 +342,24 @@ button:disabled {
   min-width: 0;
 }
 
+.member-avatar {
+  width: 32px;
+  height: 32px;
+  border-radius: 50%;
+  object-fit: cover;
+  flex-shrink: 0;
+  background: #f1f3f4;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  color: #5f6368;
+}
+
+.member-avatar svg {
+  width: 20px;
+  height: 20px;
+}
+
 .member-details {
   flex: 1;
   min-width: 0;
diff --git a/src/AccountDO.ts b/src/AccountDO.ts
index cb1687b..497ea2d 100644
--- a/src/AccountDO.ts
+++ b/src/AccountDO.ts
@@ -72,9 +72,13 @@ export class AccountDO extends DurableObject {
         try {
           const userStub = this.env.USER.get(this.env.USER.idFromString(m.user_id));
           const profile = await userStub.getProfile();
-          return { ...m, name: profile.name || 'Unknown User' };
+          return {
+            ...m,
+            name: profile.name || 'Unknown User',
+            picture: profile.picture || null,
+          };
         } catch (e) {
-          return { ...m, name: 'Unknown User' };
+          return { ...m, name: 'Unknown User', picture: null };
         }
       }),
     );

From 93897b30294aa0d12dcee2759ef45577b71678bd Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:43:56 -0500
Subject: [PATCH 32/49] Fix member avatars showing current user's picture

---
 src/AccountDO.ts |  9 ++++++++-
 src/index.ts     | 36 ++++++++++++++++++++++++++++++++++++
 2 files changed, 44 insertions(+), 1 deletion(-)

diff --git a/src/AccountDO.ts b/src/AccountDO.ts
index 497ea2d..5cab39b 100644
--- a/src/AccountDO.ts
+++ b/src/AccountDO.ts
@@ -72,10 +72,17 @@ export class AccountDO extends DurableObject {
         try {
           const userStub = this.env.USER.get(this.env.USER.idFromString(m.user_id));
           const profile = await userStub.getProfile();
+          const image = await userStub.getImage('avatar');
+          
+          let picture = profile.picture || null;
+          if (image) {
+            picture = `/users/api/users/${m.user_id}/avatar`;
+          }
+
           return {
             ...m,
             name: profile.name || 'Unknown User',
-            picture: profile.picture || null,
+            picture: picture,
           };
         } catch (e) {
           return { ...m, name: 'Unknown User', picture: null };
diff --git a/src/index.ts b/src/index.ts
index 738d989..4911d99 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -99,6 +99,13 @@ export default {
           return handleAccountMembers(request, env, parts[3], parts.slice(5), cookieManager);
         }
       }
+
+      if (apiPath.startsWith('/users/') && apiPath.endsWith('/avatar')) {
+        const parts = apiPath.split('/');
+        if (parts.length === 4) {
+          return handleUserImage(request, env, parts[2], 'avatar', cookieManager);
+        }
+      }
     }
 
     if (url.pathname === usersPath + 'logout') {
@@ -420,6 +427,14 @@ async function handleMe(
 
     if (!data.valid) return Response.json(data, { status: 401 });
 
+    const profile = { ...data.profile };
+    const image = await userStub.getImage('avatar');
+    if (image) {
+      const usersPath = env.USERS_PATH || DEFAULT_USERS_PATH;
+      profile.picture = usersPath + 'me/avatar';
+    }
+
+    data.profile = profile;
     data.is_admin = isAdmin({ id: doId, ...data.profile }, env);
     data.is_impersonated = !!cookies['backup_session_id'];
 
@@ -585,6 +600,27 @@ async function handleMeImage(
       return Response.json({ success: true });
     }
 
+    return handleUserImage(request, env, doId, type, cookieManager);
+  } catch (e) {
+    return new Response('Error fetching image', { status: 500 });
+  }
+}
+
+async function handleUserImage(
+  request: Request,
+  env: StartupAPIEnv,
+  userId: string,
+  type: string,
+  cookieManager: CookieManager,
+): Promise<Response> {
+  // Public access to user avatars (if we want them to be public in member lists)
+  // Or we could check if current user has permission to see it.
+  // For now, let's make it public if you know the ID.
+
+  try {
+    const id = env.USER.idFromString(userId);
+    const stub = env.USER.get(id);
+
     const image = await stub.getImage(type);
     if (!image) return new Response('Not Found', { status: 404 });
     return new Response(image.value, { headers: { 'Content-Type': image.mime_type } });

From f3bba6a908e1d9281d27a7c3654ff4989dfa92b0 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:45:52 -0500
Subject: [PATCH 33/49] Allow editing member roles and protect admins from
 self-removal/demotion

---
 public/users/accounts.html | 26 +++++++++++++++++++++++++-
 public/users/style.css     | 17 +++++++++++++++++
 src/AccountDO.ts           | 14 ++++++++++++++
 src/index.ts               | 18 +++++++++++++++---
 test/membership.spec.ts    | 32 ++++++++++++++++++++++++++++++++
 5 files changed, 103 insertions(+), 4 deletions(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index ba74c98..e8f27c5 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -208,7 +208,10 @@ <h2>Team Members</h2>
                   <div class="member-details">
                     <div class="member-name" title="${m.name}${isSelf ? ' (You)' : ''}">${m.name} ${isSelf ? '(You)' : ''}</div>
                     <div class="member-role">
-                      <div class="role-badge ${isAdmin ? 'admin' : ''}">${isAdmin ? 'Admin' : 'Member'}</div>
+                      <select onchange="updateRole('${m.user_id}', this.value)" ${isSelf ? 'disabled title="You cannot change your own role"' : ''} class="role-select">
+                        <option value="0" ${m.role === 0 ? 'selected' : ''}>Member</option>
+                        <option value="1" ${m.role === 1 ? 'selected' : ''}>Admin</option>
+                      </select>
                     </div>
                   </div>
                 </div>
@@ -223,6 +226,27 @@ <h2>Team Members</h2>
         }
       }
 
+      async function updateRole(userId, newRole) {
+          try {
+              const res = await fetch(`${API_BASE}/me/accounts/${currentAccountId}/members/${userId}`, {
+                  method: 'PATCH',
+                  headers: { 'Content-Type': 'application/json' },
+                  body: JSON.stringify({ role: parseInt(newRole) }),
+              });
+
+              if (res.ok) {
+                  showToast('Role updated');
+                  loadMembers();
+              } else {
+                  const err = await res.text();
+                  throw new Error(err || 'Failed to update role');
+              }
+          } catch (e) {
+              showToast(e.message);
+              loadMembers(); // Refresh to reset select
+          }
+      }
+
       async function removeMember(userId) {
         if (!confirm(`Are you sure you want to remove user ${userId} from this account?`)) return;
 
diff --git a/public/users/style.css b/public/users/style.css
index 799e52f..9b26f06 100644
--- a/public/users/style.css
+++ b/public/users/style.css
@@ -396,6 +396,23 @@ button:disabled {
   color: #1a73e8;
 }
 
+.role-select {
+  padding: 0.25rem 0.5rem;
+  border-radius: 4px;
+  border: 1px solid #ddd;
+  font-size: 0.85rem;
+  background: #fff;
+}
+
+.role-select:disabled {
+  background: #f1f3f4;
+  color: #5f6368;
+  border-color: transparent;
+  appearance: none;
+  -webkit-appearance: none;
+  cursor: default;
+}
+
 .id-text {
   white-space: nowrap;
   overflow: hidden;
diff --git a/src/AccountDO.ts b/src/AccountDO.ts
index 5cab39b..a89acca 100644
--- a/src/AccountDO.ts
+++ b/src/AccountDO.ts
@@ -117,6 +117,20 @@ export class AccountDO extends DurableObject {
     return { success: true };
   }
 
+  async updateMemberRole(userId: string, role: number) {
+    this.sql.exec('UPDATE members SET role = ? WHERE user_id = ?', role, userId);
+
+    // Sync with User DO
+    try {
+      const userStub = this.env.USER.get(this.env.USER.idFromString(userId));
+      await userStub.addMembership(this.ctx.id.toString(), role, false);
+    } catch (e) {
+      console.error('Failed to sync membership role to UserDO', e);
+    }
+
+    return { success: true };
+  }
+
   async removeMember(userId: string) {
     this.sql.exec('DELETE FROM members WHERE user_id = ?', userId);
 
diff --git a/src/index.ts b/src/index.ts
index 4911d99..7736838 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -341,9 +341,21 @@ async function handleAccountMembers(
       const { user_id, role } = (await request.json()) as { user_id: string; role: number };
       return Response.json(await accountStub.addMember(user_id, role));
     }
-  } else if (extraParts.length === 1 && request.method === 'DELETE') {
-    const userIdToRemove = extraParts[0];
-    return Response.json(await accountStub.removeMember(userIdToRemove));
+  } else if (extraParts.length === 1) {
+    const userIdToManage = extraParts[0];
+    if (request.method === 'DELETE') {
+      if (userIdToManage === user.id) {
+        return new Response('Cannot remove yourself', { status: 400 });
+      }
+      return Response.json(await accountStub.removeMember(userIdToManage));
+    }
+    if (request.method === 'PATCH') {
+      const { role } = (await request.json()) as { role: number };
+      if (userIdToManage === user.id && role !== AccountDO.ROLE_ADMIN) {
+        return new Response('Cannot demote yourself', { status: 400 });
+      }
+      return Response.json(await accountStub.updateMemberRole(userIdToManage, role));
+    }
   }
 
   return new Response('Not Found', { status: 404 });
diff --git a/test/membership.spec.ts b/test/membership.spec.ts
index a9e3bf7..294d274 100644
--- a/test/membership.spec.ts
+++ b/test/membership.spec.ts
@@ -94,6 +94,38 @@ describe('Account Membership Management', () => {
     });
     const details2 = await detailsRes2.json() as any;
     expect(details2.name).toBe('Updated Account Name');
+
+    // 10. Update Member Role
+    const userIdToUpdate = env.USER.newUniqueId().toString();
+    await (env.ACCOUNT.get(env.ACCOUNT.idFromString(accIdStr))).addMember(userIdToUpdate, 0);
+    
+    const patchRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members/${userIdToUpdate}`, {
+      method: 'PATCH',
+      headers: { 
+          'Cookie': adminCookie,
+          'Content-Type': 'application/json'
+      },
+      body: JSON.stringify({ role: 1 }),
+    });
+    expect(patchRes.status).toBe(200);
+
+    // 11. Protect self from removal
+    const selfRemoveRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members/${adminIdStr}`, {
+      method: 'DELETE',
+      headers: { 'Cookie': adminCookie },
+    });
+    expect(selfRemoveRes.status).toBe(400);
+
+    // 12. Protect self from demotion
+    const selfDemoteRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members/${adminIdStr}`, {
+      method: 'PATCH',
+      headers: { 
+          'Cookie': adminCookie,
+          'Content-Type': 'application/json'
+      },
+      body: JSON.stringify({ role: 0 }),
+    });
+    expect(selfDemoteRes.status).toBe(400);
   });
 
   it('should not allow non-admin to add members', async () => {

From 68e2822dcdc2203ffd65e8a56c3894b0c8f19480 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:49:21 -0500
Subject: [PATCH 34/49] Update permission error message wording

---
 public/users/accounts.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index e8f27c5..54a6685 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -108,7 +108,7 @@ <h2>Team Members</h2>
                 document.getElementById('account-name').disabled = true;
                 document.getElementById('save-account-btn').style.display = 'none';
                 const msg = document.createElement('p');
-                msg.textContent = "You do not have permission to manage this account's membership.";
+                msg.textContent = "You do not have permission to manage this account's information.";
                 msg.style.color = '#666';
                 document.getElementById('account-info-section').appendChild(msg);
             } else {

From a272f01b11c51e1c2f9882bb03555cb8a4bec8a7 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:50:15 -0500
Subject: [PATCH 35/49] Hide General Information section if user has no
 permission

---
 public/users/accounts.html | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index 54a6685..b37d7d3 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -105,12 +105,11 @@ <h2>Team Members</h2>
             // Check if user is admin of the account or system admin
             if (currentUserRole !== 1 && !data.is_admin) {
                 document.getElementById('members-section').style.display = 'none';
-                document.getElementById('account-name').disabled = true;
-                document.getElementById('save-account-btn').style.display = 'none';
+                document.getElementById('account-info-section').style.display = 'none';
                 const msg = document.createElement('p');
                 msg.textContent = "You do not have permission to manage this account's information.";
                 msg.style.color = '#666';
-                document.getElementById('account-info-section').appendChild(msg);
+                document.querySelector('.content-area').appendChild(msg);
             } else {
                 loadMembers();
             }

From f60a1f1528062dc05b991cceb023648c6e936616 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:51:15 -0500
Subject: [PATCH 36/49] Wrap permission error message in a section box

---
 public/users/accounts.html | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index b37d7d3..e3e765f 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -106,10 +106,14 @@ <h2>Team Members</h2>
             if (currentUserRole !== 1 && !data.is_admin) {
                 document.getElementById('members-section').style.display = 'none';
                 document.getElementById('account-info-section').style.display = 'none';
+                
+                const section = document.createElement('section');
                 const msg = document.createElement('p');
                 msg.textContent = "You do not have permission to manage this account's information.";
                 msg.style.color = '#666';
-                document.querySelector('.content-area').appendChild(msg);
+                msg.style.margin = '0';
+                section.appendChild(msg);
+                document.querySelector('.content-area').appendChild(section);
             } else {
                 loadMembers();
             }

From c950afea6d98a3b3ff9dfd12b4a7d4586fbbf346 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:52:25 -0500
Subject: [PATCH 37/49] Show user ID with copy button on profile page

---
 public/users/profile.html | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/public/users/profile.html b/public/users/profile.html
index 928f652..fd8bdc6 100644
--- a/public/users/profile.html
+++ b/public/users/profile.html
@@ -16,6 +16,15 @@
       <a href="/" class="back-link">← Back to Home</a>
       <h1 class="page-subtitle">User Profile</h1>
       <div id="page-title" class="page-title">Loading...</div>
+      <div id="user-id-subtitle" class="subtitle">
+          <span class="id-text" id="user-id-text"></span>
+          <button id="copy-id-btn" class="copy-btn" title="Copy User ID">
+              <svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
+                  <rect x="9" y="9" width="13" height="13" rx="2" ry="2"></rect>
+                  <path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"></path>
+              </svg>
+          </button>
+      </div>
     </div>
 
     <div class="main-layout">
@@ -116,6 +125,16 @@ <h3>Link another account</h3>
             document.getElementById('page-title').textContent = p.name || 'Anonymous';
             document.getElementById('display-email').textContent = p.email || '';
             
+            const userId = p.id;
+            document.getElementById('user-id-text').textContent = `ID: ${userId}`;
+            document.getElementById('copy-id-btn').onclick = () => {
+                navigator.clipboard.writeText(userId).then(() => {
+                    showToast('User ID copied to clipboard');
+                }).catch(err => {
+                    console.error('Failed to copy: ', err);
+                });
+            };
+
             if (p.picture) {
               const img = document.getElementById('profile-picture');
               img.src = p.picture;

From be68ad88c6cd43be07d9256d787ef2c8cde51553 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:53:47 -0500
Subject: [PATCH 38/49] Limit visible width of account and user IDs to 15
 characters

---
 public/users/style.css | 1 +
 1 file changed, 1 insertion(+)

diff --git a/public/users/style.css b/public/users/style.css
index 9b26f06..25c7550 100644
--- a/public/users/style.css
+++ b/public/users/style.css
@@ -417,6 +417,7 @@ button:disabled {
   white-space: nowrap;
   overflow: hidden;
   text-overflow: ellipsis;
+  max-width: 15ch;
 }
 
 .copy-btn {

From bf0fb4b4b1be06e063e592e556f17be4fcbd4998 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:54:09 -0500
Subject: [PATCH 39/49] Increase visible width of IDs to 25 characters

---
 public/users/style.css | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/public/users/style.css b/public/users/style.css
index 25c7550..a56b96d 100644
--- a/public/users/style.css
+++ b/public/users/style.css
@@ -417,7 +417,7 @@ button:disabled {
   white-space: nowrap;
   overflow: hidden;
   text-overflow: ellipsis;
-  max-width: 15ch;
+  max-width: 25ch;
 }
 
 .copy-btn {

From bcc7a3ba711139981c8487f9f55aad64a6965349 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:55:19 -0500
Subject: [PATCH 40/49] Set max-width of main layout to 1280px

---
 public/users/style.css | 1 +
 1 file changed, 1 insertion(+)

diff --git a/public/users/style.css b/public/users/style.css
index a56b96d..81cde8f 100644
--- a/public/users/style.css
+++ b/public/users/style.css
@@ -9,6 +9,7 @@ body {
 }
 
 .main-layout, .header-area {
+  max-width: 1280px;
   margin-left: auto;
   margin-right: auto;
 }

From 1ef4849f242e1e868bc221c4144e980bd85d32ea Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 22:56:55 -0500
Subject: [PATCH 41/49] Set global box-sizing to border-box for better
 alignment

---
 public/users/style.css | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/public/users/style.css b/public/users/style.css
index 81cde8f..79f1762 100644
--- a/public/users/style.css
+++ b/public/users/style.css
@@ -1,3 +1,7 @@
+* {
+  box-sizing: border-box;
+}
+
 body {
   font-family:
     system-ui,

From 7c3cad3a0c28fca5630d28335f23decae41e968b Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 23:02:42 -0500
Subject: [PATCH 42/49] Implement image resizing to 500x500 for user and
 account avatars

---
 package-lock.json          |  7 ++++
 package.json               |  1 +
 public/users/accounts.html | 68 ++++++++++++++++++++++++++++++++++++++
 src/AccountDO.ts           | 17 ++++++++++
 src/ImageUtils.ts          | 48 +++++++++++++++++++++++++++
 src/auth/index.ts          |  4 ++-
 src/index.ts               | 58 +++++++++++++++++++++++++++++---
 7 files changed, 198 insertions(+), 5 deletions(-)
 create mode 100644 src/ImageUtils.ts

diff --git a/package-lock.json b/package-lock.json
index ebf512c..0768e6e 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -9,6 +9,7 @@
       "version": "0.0.1",
       "license": "Apache-2.0",
       "dependencies": {
+        "@silvia-odwyer/photon": "^0.3.3",
         "prettier": "^3.8.1"
       },
       "devDependencies": {
@@ -1919,6 +1920,12 @@
         "win32"
       ]
     },
+    "node_modules/@silvia-odwyer/photon": {
+      "version": "0.3.3",
+      "resolved": "https://registry.npmjs.org/@silvia-odwyer/photon/-/photon-0.3.3.tgz",
+      "integrity": "sha512-8BhUjEch4slwRe8uXnaA4vcA5uiiOTT90UMsxulOj2gN98X1p0q9Z4Ysk4DkD05uNgbR9XoSqtZ37w+33w4QKQ==",
+      "license": "Apache-2.0"
+    },
     "node_modules/@sindresorhus/is": {
       "version": "7.2.0",
       "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-7.2.0.tgz",
diff --git a/package.json b/package.json
index 35559ad..c44f73f 100644
--- a/package.json
+++ b/package.json
@@ -26,6 +26,7 @@
     "wrangler": "^4.60.0"
   },
   "dependencies": {
+    "@silvia-odwyer/photon": "^0.3.3",
     "prettier": "^3.8.1"
   }
 }
diff --git a/public/users/accounts.html b/public/users/accounts.html
index e3e765f..11140e4 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -41,6 +41,23 @@ <h1 class="page-subtitle">Account Settings</h1>
 
       <div class="content-area">
         <section id="account-info-section">
+          <div class="avatar-section">
+            <div style="position: relative;">
+              <img id="account-avatar" class="avatar-large" src="" alt="Account Avatar" style="display: none;" />
+              <div id="account-avatar-placeholder" class="avatar-large" style="background: #f1f3f4; display: flex; align-items: center; justify-content: center; color: #5f6368;">
+                <svg viewBox="0 0 24 24" style="width: 48px; height: 48px; fill: currentColor;">
+                  <path d="M12 2C6.48 2 2 6.48 2 12s4.48 10 10 10 10-4.48 10-10S17.52 2 12 2zm0 18c-4.41 0-8-3.59-8-8s3.59-8 8-8 8 3.59 8 8-3.59 8-8 8zm-5-9h10v2H7z"/>
+                </svg>
+              </div>
+              <input type="file" id="avatar-input" accept="image/*" style="display: none;" />
+              <button type="button" id="change-avatar-btn" class="secondary-btn" style="position: absolute; bottom: -0.5rem; left: 50%; transform: translateX(-50%); padding: 0.25rem 0.5rem; font-size: 0.75rem; white-space: nowrap;">Change</button>
+            </div>
+            <div>
+              <h2 id="display-account-name" style="margin: 0; color: #333;">Loading...</h2>
+              <p id="display-account-plan" style="margin: 0.25rem 0 0 0; color: #666;"></p>
+            </div>
+          </div>
+
           <h2>General Information</h2>
           <form id="account-info-form">
             <div class="form-group">
@@ -130,6 +147,45 @@ <h2>Team Members</h2>
         document.getElementById('save-account-btn').disabled = !hasChanged;
       });
 
+      document.getElementById('change-avatar-btn').onclick = () => {
+        document.getElementById('avatar-input').click();
+      };
+
+      document.getElementById('avatar-input').onchange = async (e) => {
+        const file = e.target.files[0];
+        if (!file) return;
+
+        try {
+          const res = await fetch(`${API_BASE}/me/accounts/${currentAccountId}/avatar`, {
+            method: 'PUT',
+            headers: {
+              'Content-Type': file.type
+            },
+            body: await file.arrayBuffer()
+          });
+
+          if (res.ok) {
+            showToast('Account avatar updated');
+            // Refresh image
+            const img = document.getElementById('account-avatar');
+            img.src = `${API_BASE}/me/accounts/${currentAccountId}/avatar?t=${Date.now()}`;
+            img.style.display = 'block';
+            document.getElementById('account-avatar-placeholder').style.display = 'none';
+            
+            // Refresh power-strip
+            const powerStrip = document.querySelector('power-strip');
+            if (powerStrip && typeof powerStrip.refresh === 'function') {
+              powerStrip.refresh();
+            }
+          } else {
+            const err = await res.text();
+            throw new Error(err || 'Failed to upload avatar');
+          }
+        } catch (e) {
+          showToast(e.message);
+        }
+      };
+
       document.getElementById('account-info-form').onsubmit = async (e) => {
           e.preventDefault();
           const name = document.getElementById('account-name').value;
@@ -167,12 +223,24 @@ <h2>Team Members</h2>
                   const data = await res.json();
                   if (data.name) {
                       document.getElementById('account-name').value = data.name;
+                      document.getElementById('display-account-name').textContent = data.name;
                       initialAccountInfo.name = data.name;
                   }
                   if (data.billing && data.billing.plan_details) {
                       document.getElementById('account-plan-display').value = data.billing.plan_details.name;
+                      document.getElementById('display-account-plan').textContent = data.billing.plan_details.name;
                   } else if (data.billing && data.billing.state) {
                       document.getElementById('account-plan-display').value = data.billing.state.plan_slug;
+                      document.getElementById('display-account-plan').textContent = data.billing.state.plan_slug;
+                  }
+
+                  // Load avatar
+                  const avatarRes = await fetch(`${API_BASE}/me/accounts/${currentAccountId}/avatar`);
+                  if (avatarRes.ok) {
+                      const img = document.getElementById('account-avatar');
+                      img.src = `${API_BASE}/me/accounts/${currentAccountId}/avatar`;
+                      img.style.display = 'block';
+                      document.getElementById('account-avatar-placeholder').style.display = 'none';
                   }
               }
           } catch (e) {
diff --git a/src/AccountDO.ts b/src/AccountDO.ts
index a89acca..acc08fb 100644
--- a/src/AccountDO.ts
+++ b/src/AccountDO.ts
@@ -35,9 +35,26 @@ export class AccountDO extends DurableObject {
         role INTEGER,
         joined_at INTEGER
       );
+
+      CREATE TABLE IF NOT EXISTS images (
+        key TEXT PRIMARY KEY,
+        value BLOB,
+        mime_type TEXT
+      );
     `);
   }
 
+  async getImage(key: string) {
+    const result = this.sql.exec('SELECT value, mime_type FROM images WHERE key = ?', key);
+    const row = result.next().value as any;
+    return row || null;
+  }
+
+  async storeImage(key: string, value: ArrayBuffer, mime_type: string) {
+    this.sql.exec('INSERT OR REPLACE INTO images (key, value, mime_type) VALUES (?, ?, ?)', key, value, mime_type);
+    return { success: true };
+  }
+
   async getInfo() {
     const result = this.sql.exec('SELECT key, value FROM account_info');
     const info: Record<string, any> = {};
diff --git a/src/ImageUtils.ts b/src/ImageUtils.ts
new file mode 100644
index 0000000..bb11612
--- /dev/null
+++ b/src/ImageUtils.ts
@@ -0,0 +1,48 @@
+import init, { PhotonImage, resize, sampling_filter } from '@silvia-odwyer/photon';
+
+let photonInitialized = false;
+
+async function ensurePhoton() {
+  if (!photonInitialized) {
+    await init();
+    photonInitialized = true;
+  }
+}
+
+/**
+ * Resizes an image to a square of specified size, cropping if necessary.
+ */
+export async function resizeToSquare(imageBuffer: ArrayBuffer, size: number = 500): Promise<ArrayBuffer> {
+  await ensurePhoton();
+
+  const uint8Array = new Uint8Array(imageBuffer);
+  const photonImage = PhotonImage.new_from_bytes(uint8Array);
+  
+  const width = photonImage.get_width();
+  const height = photonImage.get_height();
+  
+  // Crop to square if needed
+  let finalImage = photonImage;
+  if (width !== height) {
+    const minDim = Math.min(width, height);
+    const x = Math.floor((width - minDim) / 2);
+    const y = Math.floor((height - minDim) / 2);
+    // crop(photonImage, x, y, x + minDim, y + minDim)
+    // Actually photon has crop method on image itself
+    // But photon's crop is a bit different in some versions. 
+    // Let's use simpler approach: resize first then we might need to use a different tool if crop is complex.
+    // For now, let's just resize to specified size preserving aspect ratio or stretching.
+    // Ideally we want to crop.
+  }
+
+  // sampling_filter: 1 = Nearest, 2 = Triangle, 3 = CatmullRom, 4 = Gaussian, 5 = Lanczos3
+  const resizedImage = resize(photonImage, size, size, 5);
+  
+  const resultBytes = resizedImage.get_bytes();
+  
+  // Cleanup
+  photonImage.free();
+  resizedImage.free();
+
+  return resultBytes.buffer as ArrayBuffer;
+}
diff --git a/src/auth/index.ts b/src/auth/index.ts
index 757cd87..813e162 100644
--- a/src/auth/index.ts
+++ b/src/auth/index.ts
@@ -4,6 +4,7 @@ import { GoogleProvider } from './GoogleProvider';
 import { TwitchProvider } from './TwitchProvider';
 import { OAuthProvider } from './OAuthProvider';
 import { CookieManager } from '../CookieManager';
+import { resizeToSquare } from '../ImageUtils';
 
 export async function handleAuth(
   request: Request,
@@ -85,7 +86,8 @@ export async function handleAuth(
             const picRes = await fetch(profile.picture);
             if (picRes.ok) {
               const picBlob = await picRes.arrayBuffer();
-              await userStub.storeImage('avatar', picBlob, picRes.headers.get('Content-Type') || 'image/jpeg');
+              const resizedPic = await resizeToSquare(picBlob, 500);
+              await userStub.storeImage('avatar', resizedPic, picRes.headers.get('Content-Type') || 'image/jpeg');
               // Update profile.picture to point to our worker
               profile.picture = usersPath + 'me/avatar';
             }
diff --git a/src/index.ts b/src/index.ts
index 7736838..3ecd980 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -5,6 +5,7 @@ import { AccountDO } from './AccountDO';
 import { SystemDO } from './SystemDO';
 import { CredentialDO } from './CredentialDO';
 import { CookieManager } from './CookieManager';
+import { resizeToSquare } from './ImageUtils';
 
 const DEFAULT_USERS_PATH = '/users/';
 
@@ -95,6 +96,9 @@ export default {
         if (parts.length === 4) {
           return handleAccountDetails(request, env, parts[3], cookieManager);
         }
+        if (parts.length === 5 && parts[4] === 'avatar') {
+          return handleAccountImage(request, env, parts[3], 'avatar', cookieManager);
+        }
         if (parts.length >= 5 && parts[4] === 'members') {
           return handleAccountMembers(request, env, parts[3], parts.slice(5), cookieManager);
         }
@@ -604,11 +608,9 @@ async function handleMeImage(
       }
 
       const blob = await request.arrayBuffer();
-      if (blob.byteLength > 1024 * 1024) {
-        return new Response('Image too large (max 1MB)', { status: 400 });
-      }
+      const resizedBlob = await resizeToSquare(blob, 500);
 
-      await stub.storeImage(type, blob, contentType);
+      await stub.storeImage(type, resizedBlob, contentType);
       return Response.json({ success: true });
     }
 
@@ -641,6 +643,54 @@ async function handleUserImage(
   }
 }
 
+async function handleAccountImage(
+  request: Request,
+  env: StartupAPIEnv,
+  accountId: string,
+  type: string,
+  cookieManager: CookieManager,
+): Promise<Response> {
+  const user = await getUserFromSession(request, env, cookieManager);
+  if (!user) return new Response('Unauthorized', { status: 401 });
+
+  const userStub = env.USER.get(env.USER.idFromString(user.id));
+  const memberships = await userStub.getMemberships();
+  const membership = memberships.find((m: any) => m.account_id === accountId);
+
+  // For viewing, we might allow any member to see account avatar
+  if (!membership && !isAdmin(user, env)) {
+    return new Response('Forbidden', { status: 403 });
+  }
+
+  const accountStub = env.ACCOUNT.get(env.ACCOUNT.idFromString(accountId));
+
+  try {
+    if (request.method === 'PUT') {
+      // Only admins can upload
+      if (membership?.role !== AccountDO.ROLE_ADMIN && !isAdmin(user, env)) {
+        return new Response('Forbidden', { status: 403 });
+      }
+
+      const contentType = request.headers.get('Content-Type');
+      if (!contentType || !contentType.startsWith('image/')) {
+        return new Response('Invalid image type', { status: 400 });
+      }
+
+      const blob = await request.arrayBuffer();
+      const resizedBlob = await resizeToSquare(blob, 500);
+
+      await accountStub.storeImage(type, resizedBlob, contentType);
+      return Response.json({ success: true });
+    }
+
+    const image = await accountStub.getImage(type);
+    if (!image) return new Response('Not Found', { status: 404 });
+    return new Response(image.value, { headers: { 'Content-Type': image.mime_type } });
+  } catch (e) {
+    return new Response('Error handling account image', { status: 500 });
+  }
+}
+
 async function handleLogout(
   request: Request,
   env: StartupAPIEnv,

From 06eae5bac30e3eac72a38f289e47b51be5b82058 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 23:06:04 -0500
Subject: [PATCH 43/49] Enhance ID display on profile and switch to client-side
 image resizing

---
 public/users/accounts.html | 39 ++++++++++++++++++++++++--
 public/users/profile.html  | 43 ++++++++++++++++++++++++-----
 src/ImageUtils.ts          | 56 ++++++++++++++++++--------------------
 src/index.ts               | 10 ++++---
 4 files changed, 105 insertions(+), 43 deletions(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index 11140e4..ad2e8ce 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -156,12 +156,13 @@ <h2>Team Members</h2>
         if (!file) return;
 
         try {
+          const resizedBlob = await resizeImage(file, 500, 500);
           const res = await fetch(`${API_BASE}/me/accounts/${currentAccountId}/avatar`, {
             method: 'PUT',
             headers: {
-              'Content-Type': file.type
+              'Content-Type': 'image/jpeg'
             },
-            body: await file.arrayBuffer()
+            body: resizedBlob
           });
 
           if (res.ok) {
@@ -345,6 +346,40 @@ <h2>Team Members</h2>
         setTimeout(() => (toast.style.opacity = 0), 3000);
       }
 
+      function resizeImage(file, maxWidth, maxHeight) {
+        return new Promise((resolve, reject) => {
+          const reader = new FileReader();
+          reader.onload = (e) => {
+            const img = new Image();
+            reader.readAsArrayBuffer(file); // For original as well if needed
+            img.onload = () => {
+              const canvas = document.createElement('canvas');
+              let width = img.width;
+              let height = img.height;
+
+              // Crop to square
+              const size = Math.min(width, height);
+              canvas.width = maxWidth;
+              canvas.height = maxHeight;
+
+              const ctx = canvas.getContext('2d');
+              ctx.drawImage(
+                img,
+                (width - size) / 2, (height - size) / 2, size, size,
+                0, 0, maxWidth, maxHeight
+              );
+
+              canvas.toBlob((blob) => {
+                resolve(blob);
+              }, 'image/jpeg', 0.8);
+            };
+            img.src = e.target.result;
+          };
+          reader.onerror = reject;
+          reader.readAsDataURL(file);
+        });
+      }
+
       init();
     </script>
   </body>
diff --git a/public/users/profile.html b/public/users/profile.html
index fd8bdc6..7c33ad4 100644
--- a/public/users/profile.html
+++ b/public/users/profile.html
@@ -171,18 +171,14 @@ <h3>Link another account</h3>
         const file = e.target.files[0];
         if (!file) return;
 
-        if (file.size > 1024 * 1024) {
-          showToast('Image too large (max 1MB)');
-          return;
-        }
-
         try {
+          const resizedBlob = await resizeImage(file, 500, 500);
           const res = await fetch('/users/me/avatar', {
             method: 'PUT',
             headers: {
-              'Content-Type': file.type
+              'Content-Type': 'image/jpeg'
             },
-            body: await file.arrayBuffer()
+            body: resizedBlob
           });
 
           if (res.ok) {
@@ -242,6 +238,39 @@ <h3>Link another account</h3>
         setTimeout(() => (toast.style.opacity = 0), 3000);
       }
 
+      function resizeImage(file, maxWidth, maxHeight) {
+        return new Promise((resolve, reject) => {
+          const reader = new FileReader();
+          reader.onload = (e) => {
+            const img = new Image();
+            img.onload = () => {
+              const canvas = document.createElement('canvas');
+              let width = img.width;
+              let height = img.height;
+
+              // Crop to square
+              const size = Math.min(width, height);
+              canvas.width = maxWidth;
+              canvas.height = maxHeight;
+
+              const ctx = canvas.getContext('2d');
+              ctx.drawImage(
+                img,
+                (width - size) / 2, (height - size) / 2, size, size,
+                0, 0, maxWidth, maxHeight
+              );
+
+              canvas.toBlob((blob) => {
+                resolve(blob);
+              }, 'image/jpeg', 0.8);
+            };
+            img.src = e.target.result;
+          };
+          reader.onerror = reject;
+          reader.readAsDataURL(file);
+        });
+      }
+
       async function loadCredentials() {
         const list = document.getElementById('credentials-list');
         try {
diff --git a/src/ImageUtils.ts b/src/ImageUtils.ts
index bb11612..8fe2e81 100644
--- a/src/ImageUtils.ts
+++ b/src/ImageUtils.ts
@@ -13,36 +13,32 @@ async function ensurePhoton() {
  * Resizes an image to a square of specified size, cropping if necessary.
  */
 export async function resizeToSquare(imageBuffer: ArrayBuffer, size: number = 500): Promise<ArrayBuffer> {
-  await ensurePhoton();
+  console.log('[ImageUtils] Starting resizeToSquare, buffer size:', imageBuffer.byteLength);
+  try {
+    await ensurePhoton();
+    console.log('[ImageUtils] Photon initialized');
 
-  const uint8Array = new Uint8Array(imageBuffer);
-  const photonImage = PhotonImage.new_from_bytes(uint8Array);
-  
-  const width = photonImage.get_width();
-  const height = photonImage.get_height();
-  
-  // Crop to square if needed
-  let finalImage = photonImage;
-  if (width !== height) {
-    const minDim = Math.min(width, height);
-    const x = Math.floor((width - minDim) / 2);
-    const y = Math.floor((height - minDim) / 2);
-    // crop(photonImage, x, y, x + minDim, y + minDim)
-    // Actually photon has crop method on image itself
-    // But photon's crop is a bit different in some versions. 
-    // Let's use simpler approach: resize first then we might need to use a different tool if crop is complex.
-    // For now, let's just resize to specified size preserving aspect ratio or stretching.
-    // Ideally we want to crop.
-  }
-
-  // sampling_filter: 1 = Nearest, 2 = Triangle, 3 = CatmullRom, 4 = Gaussian, 5 = Lanczos3
-  const resizedImage = resize(photonImage, size, size, 5);
-  
-  const resultBytes = resizedImage.get_bytes();
-  
-  // Cleanup
-  photonImage.free();
-  resizedImage.free();
+    const uint8Array = new Uint8Array(imageBuffer);
+    const photonImage = PhotonImage.new_from_bytes(uint8Array);
+    
+    const width = photonImage.get_width();
+    const height = photonImage.get_height();
+    console.log('[ImageUtils] Original size:', width, 'x', height);
+    
+    // sampling_filter: 1 = Nearest, 2 = Triangle, 3 = CatmullRom, 4 = Gaussian, 5 = Lanczos3
+    console.log('[ImageUtils] Resizing to:', size, 'x', size);
+    const resizedImage = resize(photonImage, size, size, 5);
+    
+    const resultBytes = resizedImage.get_bytes();
+    console.log('[ImageUtils] Resize complete, result size:', resultBytes.byteLength);
+    
+    // Cleanup
+    photonImage.free();
+    resizedImage.free();
 
-  return resultBytes.buffer as ArrayBuffer;
+    return resultBytes.buffer as ArrayBuffer;
+  } catch (e: any) {
+    console.error('[ImageUtils] Error resizing image:', e);
+    throw e;
+  }
 }
diff --git a/src/index.ts b/src/index.ts
index 3ecd980..275b44e 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -615,8 +615,9 @@ async function handleMeImage(
     }
 
     return handleUserImage(request, env, doId, type, cookieManager);
-  } catch (e) {
-    return new Response('Error fetching image', { status: 500 });
+  } catch (e: any) {
+    console.error('[handleMeImage] Error:', e.message, e.stack);
+    return new Response('Error fetching image: ' + e.message, { status: 500 });
   }
 }
 
@@ -686,8 +687,9 @@ async function handleAccountImage(
     const image = await accountStub.getImage(type);
     if (!image) return new Response('Not Found', { status: 404 });
     return new Response(image.value, { headers: { 'Content-Type': image.mime_type } });
-  } catch (e) {
-    return new Response('Error handling account image', { status: 500 });
+  } catch (e: any) {
+    console.error('[handleAccountImage] Error:', e.message, e.stack);
+    return new Response('Error handling account image: ' + e.message, { status: 500 });
   }
 }
 

From fc78bc6fdc2b8f0ae22b68df3fed286ce8f54c6a Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 23:08:05 -0500
Subject: [PATCH 44/49] Fix infinite requests to /users/null by handling
 missing profile pictures

---
 public/users/power-strip.js | 10 +++++++++-
 public/users/profile.html   |  4 ++++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/public/users/power-strip.js b/public/users/power-strip.js
index 6e936e9..f4f79cd 100644
--- a/public/users/power-strip.js
+++ b/public/users/power-strip.js
@@ -198,13 +198,21 @@ class PowerStrip extends HTMLElement {
           ? `<button class="trigger stop-impersonation-btn" id="stop-impersonation-trigger" title="Stop Impersonation">Stop Impersonation</button>`
           : '';
 
+        const avatarContent = this.user.profile.picture
+          ? `<img src="${this.user.profile.picture}" alt="${this.user.profile.name}" title="${this.user.profile.name}" class="avatar" width="16" height="16" />`
+          : `<div class="avatar placeholder" style="background: #eee; display: flex; align-items: center; justify-content: center;">
+              <svg viewBox="0 0 24 24" style="width: 12px; height: 12px; fill: #999;">
+                <path d="M12 12c2.21 0 4-1.79 4-4s-1.79-4-4-4-4 1.79-4 4 1.79 4 4 4zm0 2c-2.67 0-8 1.34-8 4v2h16v-2c0-2.66-5.33-4-8-4z"/>
+              </svg>
+            </div>`;
+
         content = `
             <div class="user-profile">
               ${adminLink}
               ${impersonationLink}
               ${accountContainer}
               <div class="avatar-container">
-                  <img src="${this.user.profile.picture}" alt="${this.user.profile.name}" title="${this.user.profile.name}" class="avatar" width="16" height="16" />
+                  ${avatarContent}
                   <div class="provider-badge ${this.user.credential.provider}">
                       ${providerIcon}
                   </div>
diff --git a/public/users/profile.html b/public/users/profile.html
index 7c33ad4..c7db11d 100644
--- a/public/users/profile.html
+++ b/public/users/profile.html
@@ -139,6 +139,10 @@ <h3>Link another account</h3>
               const img = document.getElementById('profile-picture');
               img.src = p.picture;
               img.style.display = 'block';
+            } else {
+              const img = document.getElementById('profile-picture');
+              img.src = '';
+              img.style.display = 'none';
             }
 
             const emailLabel = document.querySelector('label[for="email"]');

From 2e7b0562cb26ea72f7738d9832cc7570ef58bd96 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 23:10:09 -0500
Subject: [PATCH 45/49] Move image resizing to server-side with error fallback

---
 public/users/accounts.html | 39 ++--------------------------------
 public/users/profile.html  | 43 +++++++-------------------------------
 src/ImageUtils.ts          | 29 ++++++++++++++++++++-----
 3 files changed, 33 insertions(+), 78 deletions(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index ad2e8ce..11140e4 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -156,13 +156,12 @@ <h2>Team Members</h2>
         if (!file) return;
 
         try {
-          const resizedBlob = await resizeImage(file, 500, 500);
           const res = await fetch(`${API_BASE}/me/accounts/${currentAccountId}/avatar`, {
             method: 'PUT',
             headers: {
-              'Content-Type': 'image/jpeg'
+              'Content-Type': file.type
             },
-            body: resizedBlob
+            body: await file.arrayBuffer()
           });
 
           if (res.ok) {
@@ -346,40 +345,6 @@ <h2>Team Members</h2>
         setTimeout(() => (toast.style.opacity = 0), 3000);
       }
 
-      function resizeImage(file, maxWidth, maxHeight) {
-        return new Promise((resolve, reject) => {
-          const reader = new FileReader();
-          reader.onload = (e) => {
-            const img = new Image();
-            reader.readAsArrayBuffer(file); // For original as well if needed
-            img.onload = () => {
-              const canvas = document.createElement('canvas');
-              let width = img.width;
-              let height = img.height;
-
-              // Crop to square
-              const size = Math.min(width, height);
-              canvas.width = maxWidth;
-              canvas.height = maxHeight;
-
-              const ctx = canvas.getContext('2d');
-              ctx.drawImage(
-                img,
-                (width - size) / 2, (height - size) / 2, size, size,
-                0, 0, maxWidth, maxHeight
-              );
-
-              canvas.toBlob((blob) => {
-                resolve(blob);
-              }, 'image/jpeg', 0.8);
-            };
-            img.src = e.target.result;
-          };
-          reader.onerror = reject;
-          reader.readAsDataURL(file);
-        });
-      }
-
       init();
     </script>
   </body>
diff --git a/public/users/profile.html b/public/users/profile.html
index c7db11d..9ae36b9 100644
--- a/public/users/profile.html
+++ b/public/users/profile.html
@@ -175,14 +175,18 @@ <h3>Link another account</h3>
         const file = e.target.files[0];
         if (!file) return;
 
+        if (file.size > 1024 * 1024) {
+          showToast('Image too large (max 1MB)');
+          return;
+        }
+
         try {
-          const resizedBlob = await resizeImage(file, 500, 500);
           const res = await fetch('/users/me/avatar', {
             method: 'PUT',
             headers: {
-              'Content-Type': 'image/jpeg'
+              'Content-Type': file.type
             },
-            body: resizedBlob
+            body: await file.arrayBuffer()
           });
 
           if (res.ok) {
@@ -242,39 +246,6 @@ <h3>Link another account</h3>
         setTimeout(() => (toast.style.opacity = 0), 3000);
       }
 
-      function resizeImage(file, maxWidth, maxHeight) {
-        return new Promise((resolve, reject) => {
-          const reader = new FileReader();
-          reader.onload = (e) => {
-            const img = new Image();
-            img.onload = () => {
-              const canvas = document.createElement('canvas');
-              let width = img.width;
-              let height = img.height;
-
-              // Crop to square
-              const size = Math.min(width, height);
-              canvas.width = maxWidth;
-              canvas.height = maxHeight;
-
-              const ctx = canvas.getContext('2d');
-              ctx.drawImage(
-                img,
-                (width - size) / 2, (height - size) / 2, size, size,
-                0, 0, maxWidth, maxHeight
-              );
-
-              canvas.toBlob((blob) => {
-                resolve(blob);
-              }, 'image/jpeg', 0.8);
-            };
-            img.src = e.target.result;
-          };
-          reader.onerror = reject;
-          reader.readAsDataURL(file);
-        });
-      }
-
       async function loadCredentials() {
         const list = document.getElementById('credentials-list');
         try {
diff --git a/src/ImageUtils.ts b/src/ImageUtils.ts
index 8fe2e81..2d4db30 100644
--- a/src/ImageUtils.ts
+++ b/src/ImageUtils.ts
@@ -1,10 +1,14 @@
-import init, { PhotonImage, resize, sampling_filter } from '@silvia-odwyer/photon';
+import * as photon from '@silvia-odwyer/photon';
 
 let photonInitialized = false;
 
 async function ensurePhoton() {
   if (!photonInitialized) {
-    await init();
+    // In Cloudflare Workers, we might need to fetch the wasm file if it's not bundled correctly
+    // or use a specific import pattern if configured in wrangler.
+    // For now, let's try the default init() which works in many environments.
+    // @ts-ignore
+    await photon.default();
     photonInitialized = true;
   }
 }
@@ -19,26 +23,41 @@ export async function resizeToSquare(imageBuffer: ArrayBuffer, size: number = 50
     console.log('[ImageUtils] Photon initialized');
 
     const uint8Array = new Uint8Array(imageBuffer);
-    const photonImage = PhotonImage.new_from_bytes(uint8Array);
+    const photonImage = photon.PhotonImage.new_from_bytes(uint8Array);
     
     const width = photonImage.get_width();
     const height = photonImage.get_height();
     console.log('[ImageUtils] Original size:', width, 'x', height);
     
+    // Crop to square
+    let imageToResize = photonImage;
+    const minDim = Math.min(width, height);
+    if (width !== height) {
+        const x = Math.floor((width - minDim) / 2);
+        const y = Math.floor((height - minDim) / 2);
+        console.log('[ImageUtils] Cropping to:', minDim, 'x', minDim, 'at', x, ',', y);
+        imageToResize = photon.crop(photonImage, x, y, x + minDim, y + minDim);
+    }
+
     // sampling_filter: 1 = Nearest, 2 = Triangle, 3 = CatmullRom, 4 = Gaussian, 5 = Lanczos3
     console.log('[ImageUtils] Resizing to:', size, 'x', size);
-    const resizedImage = resize(photonImage, size, size, 5);
+    const resizedImage = photon.resize(imageToResize, size, size, 5);
     
     const resultBytes = resizedImage.get_bytes();
     console.log('[ImageUtils] Resize complete, result size:', resultBytes.byteLength);
     
     // Cleanup
     photonImage.free();
+    if (imageToResize !== photonImage) {
+        imageToResize.free();
+    }
     resizedImage.free();
 
     return resultBytes.buffer as ArrayBuffer;
   } catch (e: any) {
     console.error('[ImageUtils] Error resizing image:', e);
-    throw e;
+    // If resizing fails, return original buffer as fallback instead of throwing 500
+    console.warn('[ImageUtils] Falling back to original image');
+    return imageBuffer;
   }
 }

From 3dc73fdfc61ec34a2320ad9981f747718563a354 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 23:17:00 -0500
Subject: [PATCH 46/49] Remove image resizing code and restore image size
 limits

---
 package-lock.json |  7 -------
 package.json      |  1 -
 src/auth/index.ts |  4 +---
 src/index.ts      | 13 ++++++++-----
 4 files changed, 9 insertions(+), 16 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 0768e6e..ebf512c 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -9,7 +9,6 @@
       "version": "0.0.1",
       "license": "Apache-2.0",
       "dependencies": {
-        "@silvia-odwyer/photon": "^0.3.3",
         "prettier": "^3.8.1"
       },
       "devDependencies": {
@@ -1920,12 +1919,6 @@
         "win32"
       ]
     },
-    "node_modules/@silvia-odwyer/photon": {
-      "version": "0.3.3",
-      "resolved": "https://registry.npmjs.org/@silvia-odwyer/photon/-/photon-0.3.3.tgz",
-      "integrity": "sha512-8BhUjEch4slwRe8uXnaA4vcA5uiiOTT90UMsxulOj2gN98X1p0q9Z4Ysk4DkD05uNgbR9XoSqtZ37w+33w4QKQ==",
-      "license": "Apache-2.0"
-    },
     "node_modules/@sindresorhus/is": {
       "version": "7.2.0",
       "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-7.2.0.tgz",
diff --git a/package.json b/package.json
index c44f73f..35559ad 100644
--- a/package.json
+++ b/package.json
@@ -26,7 +26,6 @@
     "wrangler": "^4.60.0"
   },
   "dependencies": {
-    "@silvia-odwyer/photon": "^0.3.3",
     "prettier": "^3.8.1"
   }
 }
diff --git a/src/auth/index.ts b/src/auth/index.ts
index 813e162..757cd87 100644
--- a/src/auth/index.ts
+++ b/src/auth/index.ts
@@ -4,7 +4,6 @@ import { GoogleProvider } from './GoogleProvider';
 import { TwitchProvider } from './TwitchProvider';
 import { OAuthProvider } from './OAuthProvider';
 import { CookieManager } from '../CookieManager';
-import { resizeToSquare } from '../ImageUtils';
 
 export async function handleAuth(
   request: Request,
@@ -86,8 +85,7 @@ export async function handleAuth(
             const picRes = await fetch(profile.picture);
             if (picRes.ok) {
               const picBlob = await picRes.arrayBuffer();
-              const resizedPic = await resizeToSquare(picBlob, 500);
-              await userStub.storeImage('avatar', resizedPic, picRes.headers.get('Content-Type') || 'image/jpeg');
+              await userStub.storeImage('avatar', picBlob, picRes.headers.get('Content-Type') || 'image/jpeg');
               // Update profile.picture to point to our worker
               profile.picture = usersPath + 'me/avatar';
             }
diff --git a/src/index.ts b/src/index.ts
index 275b44e..0040baa 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -5,7 +5,6 @@ import { AccountDO } from './AccountDO';
 import { SystemDO } from './SystemDO';
 import { CredentialDO } from './CredentialDO';
 import { CookieManager } from './CookieManager';
-import { resizeToSquare } from './ImageUtils';
 
 const DEFAULT_USERS_PATH = '/users/';
 
@@ -608,9 +607,11 @@ async function handleMeImage(
       }
 
       const blob = await request.arrayBuffer();
-      const resizedBlob = await resizeToSquare(blob, 500);
+      if (blob.byteLength > 1024 * 1024) {
+        return new Response('Image too large (max 1MB)', { status: 400 });
+      }
 
-      await stub.storeImage(type, resizedBlob, contentType);
+      await stub.storeImage(type, blob, contentType);
       return Response.json({ success: true });
     }
 
@@ -678,9 +679,11 @@ async function handleAccountImage(
       }
 
       const blob = await request.arrayBuffer();
-      const resizedBlob = await resizeToSquare(blob, 500);
+      if (blob.byteLength > 1024 * 1024) {
+        return new Response('Image too large (max 1MB)', { status: 400 });
+      }
 
-      await accountStub.storeImage(type, resizedBlob, contentType);
+      await accountStub.storeImage(type, blob, contentType);
       return Response.json({ success: true });
     }
 

From 4fce068b1e6a4741474f875b2eb1524d426f471c Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 23:19:43 -0500
Subject: [PATCH 47/49] Show avatars as squares with rounded corners

---
 public/users/power-strip.js | 2 +-
 public/users/style.css      | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/public/users/power-strip.js b/public/users/power-strip.js
index f4f79cd..8522698 100644
--- a/public/users/power-strip.js
+++ b/public/users/power-strip.js
@@ -305,7 +305,7 @@ class PowerStrip extends HTMLElement {
         .avatar {
             width: 1.1rem;
             height: 1.1rem;
-            border-radius: 50%;
+            border-radius: 4px;
             object-fit: cover;
         }
 
diff --git a/public/users/style.css b/public/users/style.css
index 79f1762..110ae01 100644
--- a/public/users/style.css
+++ b/public/users/style.css
@@ -254,7 +254,7 @@ button:disabled {
 .avatar-large {
   width: 100px;
   height: 100px;
-  border-radius: 50%;
+  border-radius: 8px;
   object-fit: cover;
   border: 3px solid white;
   box-shadow: 0 2px 8px rgba(0, 0, 0, 0.15);
@@ -350,7 +350,7 @@ button:disabled {
 .member-avatar {
   width: 32px;
   height: 32px;
-  border-radius: 50%;
+  border-radius: 4px;
   object-fit: cover;
   flex-shrink: 0;
   background: #f1f3f4;

From 903560dfed89d45b091bfdbaee8e8099719f63e0 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 23:20:22 -0500
Subject: [PATCH 48/49] Keep user images circular and show account images as
 squares with rounded corners

---
 public/users/accounts.html  |  4 ++--
 public/users/power-strip.js |  2 +-
 public/users/style.css      | 11 ++++++++++-
 3 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/public/users/accounts.html b/public/users/accounts.html
index 11140e4..6d256ce 100644
--- a/public/users/accounts.html
+++ b/public/users/accounts.html
@@ -43,8 +43,8 @@ <h1 class="page-subtitle">Account Settings</h1>
         <section id="account-info-section">
           <div class="avatar-section">
             <div style="position: relative;">
-              <img id="account-avatar" class="avatar-large" src="" alt="Account Avatar" style="display: none;" />
-              <div id="account-avatar-placeholder" class="avatar-large" style="background: #f1f3f4; display: flex; align-items: center; justify-content: center; color: #5f6368;">
+              <img id="account-avatar" class="account-avatar-large" src="" alt="Account Avatar" style="display: none;" />
+              <div id="account-avatar-placeholder" class="account-avatar-large" style="background: #f1f3f4; display: flex; align-items: center; justify-content: center; color: #5f6368;">
                 <svg viewBox="0 0 24 24" style="width: 48px; height: 48px; fill: currentColor;">
                   <path d="M12 2C6.48 2 2 6.48 2 12s4.48 10 10 10 10-4.48 10-10S17.52 2 12 2zm0 18c-4.41 0-8-3.59-8-8s3.59-8 8-8 8 3.59 8 8-3.59 8-8 8zm-5-9h10v2H7z"/>
                 </svg>
diff --git a/public/users/power-strip.js b/public/users/power-strip.js
index 8522698..f4f79cd 100644
--- a/public/users/power-strip.js
+++ b/public/users/power-strip.js
@@ -305,7 +305,7 @@ class PowerStrip extends HTMLElement {
         .avatar {
             width: 1.1rem;
             height: 1.1rem;
-            border-radius: 4px;
+            border-radius: 50%;
             object-fit: cover;
         }
 
diff --git a/public/users/style.css b/public/users/style.css
index 110ae01..9bf095f 100644
--- a/public/users/style.css
+++ b/public/users/style.css
@@ -252,6 +252,15 @@ button:disabled {
 }
 
 .avatar-large {
+  width: 100px;
+  height: 100px;
+  border-radius: 50%;
+  object-fit: cover;
+  border: 3px solid white;
+  box-shadow: 0 2px 8px rgba(0, 0, 0, 0.15);
+}
+
+.account-avatar-large {
   width: 100px;
   height: 100px;
   border-radius: 8px;
@@ -350,7 +359,7 @@ button:disabled {
 .member-avatar {
   width: 32px;
   height: 32px;
-  border-radius: 4px;
+  border-radius: 50%;
   object-fit: cover;
   flex-shrink: 0;
   background: #f1f3f4;

From 5b0a2f2462522a2766679a458e3121d14774b9e3 Mon Sep 17 00:00:00 2001
From: Sergey Chernyshev <sergey.chernyshev@gmail.com>
Date: Mon, 16 Feb 2026 23:23:43 -0500
Subject: [PATCH 49/49] Improved account management page

---
 src/ImageUtils.ts       |  63 ----------
 test/membership.spec.ts | 251 ++++++++++++++++++++--------------------
 2 files changed, 125 insertions(+), 189 deletions(-)
 delete mode 100644 src/ImageUtils.ts

diff --git a/src/ImageUtils.ts b/src/ImageUtils.ts
deleted file mode 100644
index 2d4db30..0000000
--- a/src/ImageUtils.ts
+++ /dev/null
@@ -1,63 +0,0 @@
-import * as photon from '@silvia-odwyer/photon';
-
-let photonInitialized = false;
-
-async function ensurePhoton() {
-  if (!photonInitialized) {
-    // In Cloudflare Workers, we might need to fetch the wasm file if it's not bundled correctly
-    // or use a specific import pattern if configured in wrangler.
-    // For now, let's try the default init() which works in many environments.
-    // @ts-ignore
-    await photon.default();
-    photonInitialized = true;
-  }
-}
-
-/**
- * Resizes an image to a square of specified size, cropping if necessary.
- */
-export async function resizeToSquare(imageBuffer: ArrayBuffer, size: number = 500): Promise<ArrayBuffer> {
-  console.log('[ImageUtils] Starting resizeToSquare, buffer size:', imageBuffer.byteLength);
-  try {
-    await ensurePhoton();
-    console.log('[ImageUtils] Photon initialized');
-
-    const uint8Array = new Uint8Array(imageBuffer);
-    const photonImage = photon.PhotonImage.new_from_bytes(uint8Array);
-    
-    const width = photonImage.get_width();
-    const height = photonImage.get_height();
-    console.log('[ImageUtils] Original size:', width, 'x', height);
-    
-    // Crop to square
-    let imageToResize = photonImage;
-    const minDim = Math.min(width, height);
-    if (width !== height) {
-        const x = Math.floor((width - minDim) / 2);
-        const y = Math.floor((height - minDim) / 2);
-        console.log('[ImageUtils] Cropping to:', minDim, 'x', minDim, 'at', x, ',', y);
-        imageToResize = photon.crop(photonImage, x, y, x + minDim, y + minDim);
-    }
-
-    // sampling_filter: 1 = Nearest, 2 = Triangle, 3 = CatmullRom, 4 = Gaussian, 5 = Lanczos3
-    console.log('[ImageUtils] Resizing to:', size, 'x', size);
-    const resizedImage = photon.resize(imageToResize, size, size, 5);
-    
-    const resultBytes = resizedImage.get_bytes();
-    console.log('[ImageUtils] Resize complete, result size:', resultBytes.byteLength);
-    
-    // Cleanup
-    photonImage.free();
-    if (imageToResize !== photonImage) {
-        imageToResize.free();
-    }
-    resizedImage.free();
-
-    return resultBytes.buffer as ArrayBuffer;
-  } catch (e: any) {
-    console.error('[ImageUtils] Error resizing image:', e);
-    // If resizing fails, return original buffer as fallback instead of throwing 500
-    console.warn('[ImageUtils] Falling back to original image');
-    return imageBuffer;
-  }
-}
diff --git a/test/membership.spec.ts b/test/membership.spec.ts
index 294d274..0508b6a 100644
--- a/test/membership.spec.ts
+++ b/test/membership.spec.ts
@@ -1,196 +1,195 @@
 import { env, SELF } from 'cloudflare:test';
-import { describe, it, expect } from 'vitest';
+import { describe, it, expect, beforeEach } from 'vitest';
 import { CookieManager } from '../src/CookieManager';
 
-describe('Account Membership Management', () => {
+describe('Permission Enforcement', () => {
   const cookieManager = new CookieManager(env.SESSION_SECRET);
 
   async function createSession(userIdStr: string) {
-      const userStub = env.USER.get(env.USER.idFromString(userIdStr));
-      const { sessionId } = await userStub.createSession();
-      return `session_id=${await cookieManager.encrypt(`${sessionId}:${userIdStr}`)}`;
+    const userStub = env.USER.get(env.USER.idFromString(userIdStr));
+    const { sessionId } = await userStub.createSession();
+    return `session_id=${await cookieManager.encrypt(`${sessionId}:${userIdStr}`)}`;
   }
 
-  it('should allow account admin to add and remove members', async () => {
-    // 1. Setup Admin User
-    const adminId = env.USER.newUniqueId();
-    const adminIdStr = adminId.toString();
-    const adminCookie = await createSession(adminIdStr);
-
-    // 2. Setup Account
+  async function setupAccount(name: string) {
     const accId = env.ACCOUNT.newUniqueId();
     const accIdStr = accId.toString();
     const accStub = env.ACCOUNT.get(accId);
-    await accStub.updateInfo({ name: 'Test Account' });
-    await accStub.addMember(adminIdStr, 1); // 1 = ROLE_ADMIN
+    await accStub.updateInfo({ name });
+    return { accId, accIdStr, accStub };
+  }
 
-    // 3. Setup Another User to be added
+  async function setupUser(role?: number, accIdStr?: string) {
     const userId = env.USER.newUniqueId();
     const userIdStr = userId.toString();
+    const cookie = await createSession(userIdStr);
+    
+    if (accIdStr !== undefined && role !== undefined) {
+        const accStub = env.ACCOUNT.get(env.ACCOUNT.idFromString(accIdStr));
+        await accStub.addMember(userIdStr, role);
+    }
+    
+    return { userId, userIdStr, cookie };
+  }
 
-    // 4. Add Member via API
-    const addRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members`, {
-      method: 'POST',
-      headers: { 
-          'Cookie': adminCookie,
-          'Content-Type': 'application/json'
-      },
-      body: JSON.stringify({ user_id: userIdStr, role: 0 }),
-    });
-    expect(addRes.status).toBe(200);
-    const addData = await addRes.json() as any;
-    expect(addData.success).toBe(true);
+  it('Account Admin can perform all management tasks', async () => {
+    const { accIdStr } = await setupAccount('Admin Test Account');
+    const { cookie: adminCookie, userIdStr: adminIdStr } = await setupUser(1, accIdStr); // ROLE_ADMIN = 1
+    const { userIdStr: otherUserId } = await setupUser();
 
-    // 5. List Members via API
+    // 1. Can list members
     const listRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members`, {
       headers: { 'Cookie': adminCookie },
     });
     expect(listRes.status).toBe(200);
-    const members = await listRes.json() as any[];
-    expect(members.length).toBe(2);
-    expect(members.some(m => m.user_id === userIdStr)).toBe(true);
 
-    // 6. Remove Member via API
-    const removeRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members/${userIdStr}`, {
-      method: 'DELETE',
-      headers: { 'Cookie': adminCookie },
-    });
-    expect(removeRes.status).toBe(200);
-    const removeData = await removeRes.json() as any;
-    expect(removeData.success).toBe(true);
-
-    // 7. Verify member removed
-    const listRes2 = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members`, {
-      headers: { 'Cookie': adminCookie },
+    // 2. Can add members
+    const addRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members`, {
+      method: 'POST',
+      headers: { 'Cookie': adminCookie, 'Content-Type': 'application/json' },
+      body: JSON.stringify({ user_id: otherUserId, role: 0 }),
     });
-    const members2 = await listRes2.json() as any[];
-    expect(members2.length).toBe(1);
-    expect(members2.some(m => m.user_id === userIdStr)).toBe(false);
+    expect(addRes.status).toBe(200);
 
-    // 8. Fetch Account Details
-    const detailsRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}`, {
-      headers: { 'Cookie': adminCookie },
+    // 3. Can update roles
+    const patchRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members/${otherUserId}`, {
+      method: 'PATCH',
+      headers: { 'Cookie': adminCookie, 'Content-Type': 'application/json' },
+      body: JSON.stringify({ role: 1 }),
     });
-    expect(detailsRes.status).toBe(200);
-    const details = await detailsRes.json() as any;
-    expect(details.id).toBe(accIdStr);
-    expect(details.billing).toBeDefined();
-    expect(details.billing.state.plan_slug).toBe('free');
+    expect(patchRes.status).toBe(200);
 
-    // 9. Update Account Name
+    // 4. Can update account name
     const updateRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}`, {
       method: 'POST',
-      headers: { 
-          'Cookie': adminCookie,
-          'Content-Type': 'application/json'
-      },
-      body: JSON.stringify({ name: 'Updated Account Name' }),
+      headers: { 'Cookie': adminCookie, 'Content-Type': 'application/json' },
+      body: JSON.stringify({ name: 'New Name' }),
     });
     expect(updateRes.status).toBe(200);
-    
-    // Verify name updated in details
-    const detailsRes2 = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}`, {
-      headers: { 'Cookie': adminCookie },
-    });
-    const details2 = await detailsRes2.json() as any;
-    expect(details2.name).toBe('Updated Account Name');
 
-    // 10. Update Member Role
-    const userIdToUpdate = env.USER.newUniqueId().toString();
-    await (env.ACCOUNT.get(env.ACCOUNT.idFromString(accIdStr))).addMember(userIdToUpdate, 0);
-    
-    const patchRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members/${userIdToUpdate}`, {
-      method: 'PATCH',
-      headers: { 
-          'Cookie': adminCookie,
-          'Content-Type': 'application/json'
-      },
-      body: JSON.stringify({ role: 1 }),
+    // 5. Can remove others
+    const removeRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members/${otherUserId}`, {
+      method: 'DELETE',
+      headers: { 'Cookie': adminCookie },
     });
-    expect(patchRes.status).toBe(200);
+    expect(removeRes.status).toBe(200);
 
-    // 11. Protect self from removal
+    // 6. Cannot remove themselves
     const selfRemoveRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members/${adminIdStr}`, {
       method: 'DELETE',
       headers: { 'Cookie': adminCookie },
     });
     expect(selfRemoveRes.status).toBe(400);
 
-    // 12. Protect self from demotion
+    // 7. Cannot demote themselves
     const selfDemoteRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members/${adminIdStr}`, {
       method: 'PATCH',
-      headers: { 
-          'Cookie': adminCookie,
-          'Content-Type': 'application/json'
-      },
+      headers: { 'Cookie': adminCookie, 'Content-Type': 'application/json' },
       body: JSON.stringify({ role: 0 }),
     });
     expect(selfDemoteRes.status).toBe(400);
   });
 
-  it('should not allow non-admin to add members', async () => {
-    // 1. Setup Non-Admin User
-    const userId = env.USER.newUniqueId();
-    const userIdStr = userId.toString();
-    const userCookie = await createSession(userIdStr);
+  it('Regular Member is forbidden from management tasks', async () => {
+    const { accIdStr } = await setupAccount('Member Test Account');
+    const { cookie: memberCookie } = await setupUser(0, accIdStr); // ROLE_USER = 0
+    const { userIdStr: otherUserId } = await setupUser();
 
-    // 2. Setup Account
-    const accId = env.ACCOUNT.newUniqueId();
-    const accIdStr = accId.toString();
-    const accStub = env.ACCOUNT.get(accId);
-    await accStub.updateInfo({ name: 'Test Account' });
-    await accStub.addMember(userIdStr, 0); // 0 = ROLE_USER
+    // 1. Cannot list members
+    const listRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members`, {
+      headers: { 'Cookie': memberCookie },
+    });
+    expect(listRes.status).toBe(403);
 
-    // 3. Another user to try to add
-    const otherUserId = env.USER.newUniqueId().toString();
+    // 2. Cannot add members
+    const addRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members`, {
+      method: 'POST',
+      headers: { 'Cookie': memberCookie, 'Content-Type': 'application/json' },
+      body: JSON.stringify({ user_id: otherUserId, role: 0 }),
+    });
+    expect(addRes.status).toBe(403);
+
+    // 3. Cannot update roles
+    const patchRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members/${otherUserId}`, {
+      method: 'PATCH',
+      headers: { 'Cookie': memberCookie, 'Content-Type': 'application/json' },
+      body: JSON.stringify({ role: 1 }),
+    });
+    expect(patchRes.status).toBe(403);
+
+    // 4. Cannot update account name
+    const updateRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}`, {
+      method: 'POST',
+      headers: { 'Cookie': memberCookie, 'Content-Type': 'application/json' },
+      body: JSON.stringify({ name: 'Hacker Name' }),
+    });
+    expect(updateRes.status).toBe(403);
+
+    // 5. Cannot get account details (including billing)
+    const detailsRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}`, {
+      headers: { 'Cookie': memberCookie },
+    });
+    expect(detailsRes.status).toBe(403);
+  });
+
+  it('Non-member is forbidden from management tasks', async () => {
+    const { accIdStr } = await setupAccount('Non-member Test Account');
+    const { cookie: nonMemberCookie } = await setupUser();
+    const { userIdStr: otherUserId } = await setupUser();
+
+    // 1. Cannot list members
+    const listRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members`, {
+      headers: { 'Cookie': nonMemberCookie },
+    });
+    expect(listRes.status).toBe(403);
 
-    // 4. Try to add member via API
+    // 2. Cannot add members
     const addRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members`, {
       method: 'POST',
-      headers: { 
-          'Cookie': userCookie,
-          'Content-Type': 'application/json'
-      },
+      headers: { 'Cookie': nonMemberCookie, 'Content-Type': 'application/json' },
       body: JSON.stringify({ user_id: otherUserId, role: 0 }),
     });
     expect(addRes.status).toBe(403);
+
+    // 3. Cannot update account name
+    const updateRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}`, {
+      method: 'POST',
+      headers: { 'Cookie': nonMemberCookie, 'Content-Type': 'application/json' },
+      body: JSON.stringify({ name: 'Hacker Name' }),
+    });
+    expect(updateRes.status).toBe(403);
   });
 
-  it('should allow system admin to manage members of any account', async () => {
-    // 1. Setup System Admin
+  it('System Admin can bypass all checks', async () => {
+    const { accIdStr } = await setupAccount('System Admin Test Account');
+    
     const adminIds = (env.ADMIN_IDS || '').split(',').map(id => id.trim());
     const systemAdminId = env.USER.idFromName(adminIds[0]);
     const systemAdminIdStr = systemAdminId.toString();
     const systemAdminCookie = await createSession(systemAdminIdStr);
     
-    // 2. Setup Account (System Admin is NOT a member)
-    const accId = env.ACCOUNT.newUniqueId();
-    const accIdStr = accId.toString();
-    const accStub = env.ACCOUNT.get(accId);
-    await accStub.updateInfo({ name: 'System Managed Account' });
+    const { userIdStr: otherUserId } = await setupUser();
 
-    // 3. Another user to be added
-    const userId = env.USER.newUniqueId().toString();
+    // 1. Can list members of any account
+    const listRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members`, {
+      headers: { 'Cookie': systemAdminCookie },
+    });
+    expect(listRes.status).toBe(200);
 
-    // 4. System Admin adds member via API
+    // 2. Can add members to any account
     const addRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members`, {
       method: 'POST',
-      headers: { 
-          'Cookie': systemAdminCookie,
-          'Content-Type': 'application/json'
-      },
-      body: JSON.stringify({ user_id: userId, role: 0 }),
+      headers: { 'Cookie': systemAdminCookie, 'Content-Type': 'application/json' },
+      body: JSON.stringify({ user_id: otherUserId, role: 0 }),
     });
     expect(addRes.status).toBe(200);
-    const addData = await addRes.json() as any;
-    expect(addData.success).toBe(true);
 
-    // 5. System Admin lists members
-    const listRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}/members`, {
-      headers: { 'Cookie': systemAdminCookie },
+    // 3. Can update account name of any account
+    const updateRes = await SELF.fetch(`http://example.com/users/api/me/accounts/${accIdStr}`, {
+      method: 'POST',
+      headers: { 'Cookie': systemAdminCookie, 'Content-Type': 'application/json' },
+      body: JSON.stringify({ name: 'System Updated Name' }),
     });
-    expect(listRes.status).toBe(200);
-    const members = await listRes.json() as any[];
-    expect(members.length).toBe(1);
+    expect(updateRes.status).toBe(200);
   });
 });