README

Documentation
The docs now include dark mode, the sidebar on mobile and a expanded ticket lifecycle
2026-05-29 10:05:20 +02:00 · 2026-05-29 10:03:58 +02:00 · 2026-05-29 09:45:34 +02:00 · 2026-05-29 09:37:25 +02:00 · 2026-05-29 09:36:56 +02:00 · 2026-05-28 18:49:29 +02:00
30 changed files with 1398 additions and 589 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -21,6 +21,7 @@ frontend/node_modules/
 #  and can be added to the global gitignore or merged into this file.  For a more nuclear
 #  option (not recommended) you can uncomment the following to ignore the entire idea folder.
 .idea/
 .antigravitycli/
 # Added by cargo
--- a/README.cargo.md
+++ b/README.cargo.md
@@ -0,0 +1,58 @@
 # Ticketsystem
 A ticket system with backend and frontend components.
 ## Components
 - **[Backend](../backend/index.html)** - The server-side API and business logic
 - **[Frontend](../frontend/index.html)** - The client-side user interface
 ## Usage
 ### Prerequisite
 #### IMPORTANT
 Before compiling the programm you have to install the rust toolchain. 
 For a guide to do this, visit: <https://rust-lang.org/tools/install/>
 A instance of a postgresql has to be accessible to the backend. Place the connection details in a .env file into the variable `DATABASE_URL`
 To setup the tables you either can create them manually by following the sheme specified in `backend/migrations` or apply them with sqlx
 To install sqlx run `cargo install sqlx` and then in the `backend` directory run `sqlx migrate run` to create the tables
 ### Environment
 The .env file has to be in the root directory of the project or in the same directory as the executable
 Keys:
 `DATABASE_URL`: Specifying the url and connection details for the database
 `TOKEN_SECRET`: The JWT token secret, can theoretically be anything but is more secure when generated with a tool, e.g: <https://jwtsecrets.com/>
 `ORIGIN`: The origin of the frontend, used for CORS rules
 `BACKEND_PORT`: The port which the backend should use to run on
 ### Backend
 The backend can either be run via `cargo run --release` or `cargo build --release` using the correct target architecture, e.g. 'x86_64-unknown-linux-gnu', 
 the executable will be placed in the `target/release` directory and can then be run via any method
 ### Frontend
 The HTML code for the frontend can be generated by using `trunk build`. The resulting files will end up in the `frontend/dist` directory and can be served over any webserver supporting wasm
 #### NOTE
 To install trunk run `cargo install trunk`
 #### IMPORTANT
 Requests from the frontend to /api/* have to be proxied to the Backend
 Example with nginx and frontend running at localhost:8000 and backend at localhost:9000 :
 ```nginx
 location /api/ {
  proxy_pass http://localhost:9000/api;
 }
 ```
 ## Usage of AI
 Github Copilot CLI was used with the model Claude Haiku 4.5 to generate most of the documentation:
 ### Prompt 
 Generate comments for cargo doc describing the indivilual components and create links to relevant structs, functions etc.
 ### Output
 The comments with `///` or `//!`
 I've gone over most of it and modified it to my needs and opinions
--- a/README.md
+++ b/README.md
@@ -4,5 +4,382 @@ A ticket system with backend and frontend components.
 ## Components
- **[Backend](../backend/index.html)** - The server-side API and business logic
+- **[Backend]** - The server-side API and business logic
- **[Frontend](../frontend/index.html)** - The client-side user interface
+- **[Frontend]** - The client-side user interface
 ## Usage
 ### Prerequisite
 > [!IMPORTANT]
 > Before compiling the programm you have to install the rust toolchain. 
 > For a guide to do this, visit: <https://rust-lang.org/tools/install/>
 A instance of a postgresql has to be accessible to the backend. Place the connection details in a .env file into the variable `DATABASE_URL`
 To setup the tables you either can create them manually by following the sheme specified in `backend/migrations` or apply them with sqlx
 To install sqlx run `cargo install sqlx` and then in the `backend` directory run `sqlx migrate run` to create the tables
 ### Environment
 The .env file has to be in the root directory of the project or in the same directory as the executable
 Keys:
 `DATABASE_URL`: Specifying the url and connection details for the database
 `TOKEN_SECRET`: The JWT token secret, can theoretically be anything but is more secure when generated with a tool, e.g: <https://jwtsecrets.com/>
 `ORIGIN`: The origin of the frontend, used for CORS rules
 `BACKEND_PORT`: The port which the backend should use to run on
 ### Backend
 The backend can either be run via `cargo run --release` or `cargo build --release` using the correct target architecture, e.g. 'x86_64-unknown-linux-gnu', 
 the executable will be placed in the `target/release` directory and can then be run via any method
 ### Frontend
 The HTML code for the frontend can be generated by using `trunk build`. The resulting files will end up in the `frontend/dist` directory and can be served over any webserver supporting wasm
 > [!NOTE]
 > To install trunk run `cargo install trunk`
 > [!IMPORTANT]
 > Requests from the frontend to /api/* have to be proxied to the Backend
 > Example with nginx and frontend running at localhost:8000 and backend at localhost:9000 :
 > ```nginx
 > location /api/ {
 >   proxy_pass http://localhost:9000/api;
 > }
 > ```
 ## Diagrams
 ### Class Diagramm
 #### Backend
 ```mermaid
 classDiagram
    class Error {
        +status: &'static str
        +message: String
    }
    class TicketResponse {
        +id: i32
        +category: String
        +betreff: String
        +description: String
        +room: i16
        +status: String
        +date: chrono::DateTime~chrono::Utc~
        +user_id: i16
        +user_first_name: String
        +user_last_name: String
    }
    class User {
        +id: i16
        +last_name: String
        +first_name: String
        +username: String
        +is_admin: bool
        +pwd: String
    }
    class TicketCreateScheme {
        +category: String
        +betreff: String
        +description: String
        +room: i16
    }
    class TicketUpdateScheme {
        +status: String
    }
    class UserUpdateScheme {
        +id: i16
        +first_name: String
        +last_name: String
        +username: String
        +make_admin: bool
        +new_pwd: String
    }
    class UserCreateScheme {
        +first_name: String
        +last_name: String
        +username: String
        +is_admin: bool
        +pwd: String
    }
    class LoginScheme {
        +username: String
        +pwd: String
    }
    class FilteredUser {
        +id: i16
        +first_name: String
        +last_name: String
        +username: String
        +is_admin: bool
    }
    class Claims {
        +sub: String
        +issued: usize
        +expires: usize
    }
    class AppState {
        -db: PgPool
        -env: Env
    }
    class Env {
        +db_url: String
        +token_secret: String
        +origin: String
        +backend_port: String
        +load() Env
    }
    AppState --> Env
    Env ..> Env
 ```
 #### Frontend
 ```mermaid
 classDiagram
    class TicketCreateScheme {
        +category: String
        +betreff: String
        +description: String
        +room: i16
    }
    class TicketUpdateScheme {
        +status: String
    }
    class Ticket {
        +id: i32
        +category: String
        +betreff: String
        +description: String
        +room: i16
        +status: String
        +date: chrono::DateTime~chrono::Utc~
        +user_id: i16
        +user_first_name: String
        +user_last_name: String
    }
    class TicketProps {
        +id: i32
    }
    class ActiveUser {
        +id: Option~i16~
        +is_admin: bool
    }
    class ApiError {
        -message: String
        -_status: String
    }
    class SidebarExpandState {
        +ticket_open: bool
        +users_open: bool
    }
    class Default {
        +default() Self
    }
    class SidebarState {
        +expand: SidebarExpandState
        +set_tickets_open: Callback~bool~
        +toggle_tickets: Callback~()~
        +set_users_open: Callback~bool~
        +toggle_users: Callback~()~
        +new(expand:SidebarExpandState, set_tickets_open:Callback~bool~, toggle_tickets:Callback~()~, set_users_open:Callback~bool~, toggle_users:Callback~()~) Self
    }
    class SidebarProps {
        +children: Children
    }
    class TicketPartial {
        -date: DateTime~Utc~
        -room: i16
        -user_id: i16
    }
    class UserPartial {
        -id: i16
        -first_name: String
        -last_name: String
    }
    class RoomTotalsProps {
        -tickets: Vec~TicketPartial~
    }
    class UserTotalProps {
        -users: Vec~UserPartial~
        -tickets: Vec~TicketPartial~
    }
    class AdminSetupScheme {
        +first_name: String
        +last_name: String
        +username: String
        +pwd: String
    }
    class UserCreateScheme {
        +first_name: String
        +last_name: String
        +username: String
        +is_admin: bool
        +pwd: String
    }
    class LoginScheme {
        +username: String
        +pwd: String
    }
    class UserUpdateScheme {
        +id: i16
        +first_name: String
        +last_name: String
        +username: String
        +make_admin: bool
        +new_pwd: String
    }
    class FilteredUser {
        +id: i16
        +first_name: String
        +last_name: String
        +username: String
        +is_admin: bool
    }
    class UserProps {
        +id: i16
    }
    class ApiError {
        -message: String
        -_status: String
    }
    class AuthState {
        +is_authenticated: Option~bool~
        +is_admin: Option~bool~
    }
    class ProtectedRouteProps {
        +children: Children
        +admin_page: bool
    }
    class SidebarShellProps {
        +children: Children
    }
    class SidebarComponentProps {
        +is_open: bool
        +on_close: Callback~()~
    }
    class AdminCheckWrapperProps {
        +children: Children
    }
    SidebarState --> SidebarExpandState
    RoomTotalsProps --> TicketPartial
    UserTotalProps --> UserPartial
    UserTotalProps --> TicketPartial
    SidebarShellProps ..> SidebarComponentProps
 ```
 ### Sequence Diagrams
 #### 1. System Initialization & Administrator Setup
 ```mermaid
 sequenceDiagram
    autonumber
    actor Admin as Initial Administrator
    participant FE as Frontend (Yew)
    participant BE as Backend (Axum)
    participant DB@{"type": "database", "alias": "Database"}
    Note over Admin, DB: System Initialization Flow
    FE->>BE: GET /api/check-admin
    BE->>DB: SELECT COUNT(*) FROM users WHERE is_admin = true
    DB-->>BE: 0 (No admin found)
    BE-->>FE: HTTP 200 OK {"exists": false}
    FE-->>Admin: Render Admin Setup Page
    Admin->>FE: Input username, password, first/last name
    FE->>BE: POST /api/setup-admin {username, pwd, ...}
    Note over BE: Hash password using Argon2
    BE->>DB: INSERT INTO users (username, pwd, is_admin, ...)
    DB-->>BE: Success
    BE-->>FE: HTTP 200 OK {"status": "success"}
    FE-->>Admin: Redirect to Login Page
 ```
 #### 2. User Authentication Flow (Login)
 ```mermaid
 sequenceDiagram
    autonumber
    actor User 
    participant FE as Frontend (Yew)
    participant BE as Backend (Axum)
    participant DB as Database@{"type": "database"}
    Note over User, DB: Authentication & Cookie Session Setup
    User->>FE: Enter username & password
    FE->>BE: POST /api/login {username, pwd}
    BE->>DB: SELECT * FROM users WHERE username = $1
    DB-->>BE: Return user record with password hash
    Note over BE: Verify password using Argon2
    alt Password Valid
        Note over BE: Generate JWT token containing claims (sub: user_id)
        Note over BE: Build HttpOnly, Secure, Lax cookie 'token'
        BE-->>FE: HTTP 200 OK {"status": "success", "token": "...", "user": {...}}
        Note over BE,FE: Header: Set-Cookie: token=...#59; Path=/#59; HttpOnly#59; SameSite=Lax
        Note over FE: Save auth state to global context
        FE-->>User: Redirect to Dashboard / Home
    else Password Invalid
        BE-->>FE: HTTP 400 Bad Request {"status": "error", "message": "Invalid password"}
        FE-->>User: Display error message
    end
 ```
 #### 3. Ticket Lifecycle Flow
 ```mermaid
 sequenceDiagram
    autonumber
    actor User as Authenticated User
    actor Admin as Administrator
    participant FE as Frontend (Yew)
    participant BE as Backend (Axum)
    participant DB as Database@{"type": "database"}
    Note over User, DB: Ticket Creation Flow (Protected Route)
    User->>FE: Fill out ticket form & submit
    FE->>BE: POST /api/tickets/create {category, betreff, description, room} (Includes 'token' cookie)
    Note over BE: validate_token middleware decodes & verifies JWT
    BE->>DB: INSERT INTO tickets (category, description, betreff, room, user_id)
    DB-->>BE: Success
    BE-->>FE: HTTP 200 OK {"status": "success"}
    FE-->>User: Clear form & display success notification
    Note over Admin, DB: Ticket Review & Resolution (Admin Only Route)
    Admin->>FE: View Ticket Board
    FE->>BE: GET /api/tickets (Includes 'token' cookie)
    Note over BE: validate_token middleware checks JWT
    BE->>DB: SELECT tickets JOIN users ...
    DB-->>BE: Return list of tickets
    BE-->>FE: HTTP 200 OK [tickets]
    FE-->>Admin: Render Ticket List
    Admin->>FE: Click "Resolve" on ticket
    FE->>BE: PATCH /api/tickets/{id} {"status": "Resolved"} (Includes 'token' cookie)
    Note over BE: validate_admin middleware verifies token & checks is_admin = true
    BE->>DB: UPDATE tickets SET status = $1 WHERE id = $2
    DB-->>BE: Success
    BE-->>FE: HTTP 200 OK {"status": "success"}
    FE-->>Admin: Update ticket status in UI
    Note over Admin, DB: Ticket Archiving Flow (Admin Only Route)
    Admin->>FE: Open Archived Tickets page
    FE->>BE: GET /api/tickets/archive (Includes 'token' cookie)
    Note over BE: validate_admin middleware verifies token & admin role
    BE->>DB: SELECT * FROM tickets WHERE status = 'Archived'
    DB-->>BE: Return archived tickets
    BE-->>FE: HTTP 200 OK [Archived Tickets]
    FE-->>Admin: Render historical archive board
 ```
 ## Usage of AI
 Github Copilot CLI was used with the model Claude Haiku 4.5 to generate most of the documentation
 Google Antigravity generated the Sequence Diagrams
 ### Prompt 
 Generate comments for cargo doc describing the indivilual components and create links to relevant structs, functions etc.
 Generate a sequence diagramm in @[README.md] behind the class diagramms
 ### Output
 The comments with `///` or `//!`
 I've gone over most of it and modified it to my needs and opinions
 The general structure sequence diagrams above. I've modified and fixed any errors and discrepancys 
--- a/backend/src/cookie/jwt.rs
+++ b/backend/src/cookie/jwt.rs
@@ -6,8 +6,8 @@ use crate::models::Claims;
 /// Error response for JWT token operations.
 ///
-/// Returned when token encoding or decoding fails. Used in error responses
+/// Returned when token encoding or decoding fails via `encode_token` or `decode_token`.
-/// for invalid or expired tokens.
+/// Used in error responses for invalid or expired [`Claims`] tokens.
 ///
 /// # Fields
 /// - `status`: HTTP status text (e.g., "error")
@@ -22,7 +22,7 @@ pub struct Error {
 ///
 /// This function creates a new JWT with the provided user ID as the subject,
 /// sets the issued-at and expiration times (60 minutes from now), and signs it
-/// using the given encoding key.
+/// using the given encoding key. The resulting token is a serialized [`Claims`].
 ///
 /// # Arguments
 /// - `header`: The JWT header, specifying the algorithm (e.g., HS256).
@@ -30,7 +30,7 @@ pub struct Error {
 /// - `key`: The `EncodingKey` used to sign the JWT.
 ///
 /// # Returns
-/// A `String` representing the encoded JWT.
+/// A `String` representing the encoded JWT containing [`Claims`].
 ///
 /// # Panics
 /// Panics if the token encoding fails for any reason (e.g., invalid key).
@@ -43,22 +43,23 @@ pub fn encode_token(header: &Header, id: String, key: &EncodingKey) -> String {
        expires: expires as usize,
    };
    let token = encode(header, &claims, key);
-    return token.expect("token return failed");
+    token.expect("token return failed")
 }
 /// Decodes and validates a JSON Web Token (JWT).
 ///
 /// This function attempts to decode a JWT string, validate its signature and claims
 /// using the provided decoding key. It specifically ignores expiration (`validate_exp`)
-/// and "not before" (`validate_nbf`) claims during validation.
+/// and "not before" (`validate_nbf`) claims during validation. Returns the extracted [`Claims`]
 /// on success.
 ///
 /// # Arguments
 /// - `token`: The JWT string to decode.
 /// - `key`: The `DecodingKey` used to verify the JWT's signature.
 ///
 /// # Returns
-/// - `200 OK`: If the token is successfully decoded and verified, returns the extracted `Claims`.
+/// - `Ok(Claims)`: If the token is successfully decoded and verified, returns the extracted [`Claims`].
-/// - `401 UNAUTHORIZED`: If the token is invalid, expired, or cannot be decoded,
+/// - `Err((StatusCode, Json<Error>))`: If the token is invalid, expired, or cannot be decoded,
 ///   returns an `UNAUTHORIZED` status code along with a JSON error message.
 pub fn decode_token(token: String, key: &DecodingKey) -> Result<Claims, (StatusCode, Json<Error>)> {
    let mut validation = jsonwebtoken::Validation::new(jsonwebtoken::Algorithm::HS256);
@@ -76,5 +77,5 @@ pub fn decode_token(token: String, key: &DecodingKey) -> Result<Claims, (StatusC
            (StatusCode::UNAUTHORIZED, Json(error))
        })?
        .claims;
-    return Ok(claims);
+    Ok(claims)
 }
--- a/backend/src/cookie/validation.rs
+++ b/backend/src/cookie/validation.rs
@@ -17,22 +17,23 @@ use crate::{AppState, cookie::jwt::decode_token, handlers::auth::filter_user, mo
 /// Axum middleware to validate a JWT token present in cookies or Authorization header.
 ///
 /// This function extracts a JWT from the request (either from the `token` cookie or
-/// the `Authorization: Bearer` header), decodes and validates it. If valid, it fetches
+/// the `Authorization: Bearer` header), decodes and validates it using [`decode_token`](`crate::cookie::jwt::decode_token`)).
-/// the corresponding user from the database and inserts a `FilteredUser` into the
+/// If valid, it fetches the corresponding [`User`] from the database and inserts a
-/// request extensions for subsequent handlers to use.
+/// [`FilteredUser`](crate::models::FilteredUser)
 /// (converted via [`filter_user`](`crate::handlers::auth::filter_user`)) into the request extensions for subsequent handlers to use.
 ///
 /// If the token is missing, invalid, or the user is not found, it returns an
 /// appropriate error response (401 Unauthorized).
 ///
 /// # Arguments
 /// - `cookies`: The `CookieJar` from the request, used to extract the `token` cookie.
-/// - `request`: The incoming HTTP request, which will have user data injected into its extensions.
+/// - `State(data)`: Application state containing `AppState` for database access and `token_secret`.
 /// - `mut request`: The incoming HTTP request, which will have user data injected into its extensions.
 /// - `next`: The next middleware or handler in the chain.
 ///
 /// # Returns
-/// - `200 OK`: If validation succeeds, the request proceeds to the next handler.
+/// - `Ok(impl IntoResponse)`: If validation succeeds, the request proceeds to the next handler.
-/// - `401 UNAUTHORIZED`: If validating the user fails.
+/// - `Err((StatusCode, Json<serde_json::Value>))`: An error response if validation fails.
 /// - `500 INTERNAL SERVER ERROR`: If the database query fails
 pub async fn validate_token(
    cookies: CookieJar,
    State(data): State<Arc<AppState>>,
@@ -47,13 +48,7 @@ pub async fn validate_token(
                .headers()
                .get(header::AUTHORIZATION)
                .and_then(|header| header.to_str().ok())
-                .and_then(|value| {
+                .and_then(|value| value.strip_prefix("Bearer ").map(|s| s.to_owned()))
                    if value.starts_with("Bearer ") {
                        Some(value[7..].to_owned())
                    } else {
                        None
                    }
                })
        });
    let token = token.ok_or_else(|| {
@@ -76,7 +71,7 @@ pub async fn validate_token(
        (status, Json(error))
    })?;
-    let uuid = (&claims.sub).parse::<i16>().map_err(|_| {
+    let uuid = claims.sub.parse::<i16>().map_err(|_| {
        let error = json!({
            "status": "error",
            "message": "Invalid user id"
@@ -110,22 +105,24 @@ pub async fn validate_token(
 /// Axum middleware to validate JWT token and ensure the authenticated user has admin privileges.
 ///
-/// This middleware first performs all checks of `validate_token`: extracting, decoding,
+/// This middleware first performs all checks of [`validate_token`]: extracting, decoding,
-/// and validating the JWT, and fetching the associated user from the database.
+/// and validating the JWT via [`decode_token`](`crate::cookie::jwt::decode_token`), and fetching the associated [`User`] from the database.
-/// Additionally, it verifies that the fetched user has `is_admin` set to `true`.
+/// Additionally, it verifies that the fetched user has `is_admin` set to `true`. Returns a [`FilteredUser`](crate::models::FilteredUser)
 /// (converted via [`filter_user`](`crate::handlers::auth::filter_user`)) in the request extensions if both authentication and admin status are valid.
 ///
 /// If the user is not authenticated or not an administrator, it returns an
 /// appropriate error response (401 Unauthorized or 403 Forbidden).
 ///
 /// # Arguments
 /// - `cookies`: The `CookieJar` from the request.
-/// - `request`: The incoming HTTP request, which will have admin user data injected.
+/// - `State(data)`: Application state containing `AppState`.
 /// - `mut request`: The incoming HTTP request, which will have admin user data injected.
 /// - `next`: The next middleware or handler in the chain.
 ///
 /// # Returns
-/// - `200 OK`: If validation and admin check succeed, the request proceeds.
+/// - `Ok(impl IntoResponse)`: If validation and admin check succeed, the request proceeds.
-/// - `401 UNAUTHORIZED`: An error response if validation fails or the user is not an admin.
+/// - `Err((StatusCode, Json<serde_json::Value>))`: An error response if validation fails
-/// - `500 INTERNAL SERVER ERROR`: If the databse query fails
+///   or the user is not an admin.
 pub async fn validate_admin(
    cookies: CookieJar,
    State(data): State<Arc<AppState>>,
@@ -140,13 +137,7 @@ pub async fn validate_admin(
                .headers()
                .get(header::AUTHORIZATION)
                .and_then(|header| header.to_str().ok())
-                .and_then(|value| {
+                .and_then(|value| value.strip_prefix("Bearer ").map(|s| s.to_owned()))
                    if value.starts_with("Bearer ") {
                        Some(value[7..].to_owned())
                    } else {
                        None
                    }
                })
        });
    let token = token.ok_or_else(|| {
@@ -169,7 +160,7 @@ pub async fn validate_admin(
        (status, Json(error))
    })?;
-    let uuid = (&claims.sub).parse::<i16>().map_err(|_| {
+    let uuid = claims.sub.parse::<i16>().map_err(|_| {
        let error = json!({
            "status": "error",
            "message": "Invalid user id"
--- a/backend/src/env.rs
+++ b/backend/src/env.rs
@@ -1,12 +1,13 @@
 /// Environment configuration for the application.
 ///
 /// Loads required configuration from environment variables at startup.
-/// All variables must be present or the application will panic.
+/// All variables must be present or the application will panic during [`Env::load`].
 /// Used by [`AppState`](crate::AppState) for configuring JWT signing and CORS.
 ///
 /// # Fields
-/// - `db_url`: PostgreSQL database connection URL.
+/// - `db_url`: PostgreSQL database connection URL
-/// - `token_secret`: Secret key used to sign and verify JWT tokens.
+/// - `token_secret`: Secret key used to sign and verify [`Claims`](crate::models::Claims) in JWT tokens
-/// - `origin`: Frontend origin URL for CORS policy.
+/// - `origin`: Frontend origin URL for CORS policy configuration
 ///
 /// # Required Environment Variables
 /// - `DATABASE_URL`: PostgreSQL connection string (e.g., `postgresql://user:pass@localhost/dbname`)
@@ -20,26 +21,38 @@ pub struct Env {
    pub token_secret: String,
    /// Frontend origin URL for CORS policy
    pub origin: String,
    /// Backend port number
    pub backend_port: String,
 }
 impl Env {
    /// Loads environment configuration from system environment variables.
    ///
-    /// Panics if any required variable is missing.
+    /// Reads `DATABASE_URL`, `TOKEN_SECRET`, and `ORIGIN` from the environment and returns
    /// a configured [`Env`] instance. Used during server initialization in the `main` function.
    ///
    /// # Panics
    /// If any required variable is missing (DATABASE_URL, TOKEN_SECRET, or ORIGIN).
    ///
    /// # Example
    /// ```ignore
    /// let env = Env::load();
    /// // Environment must have DATABASE_URL, TOKEN_SECRET, and ORIGIN set
    /// let app_state = AppState {
    ///     db: pool,
    ///     env,
    /// };
    /// ```
    pub fn load() -> Env {
        let db_url = std::env::var("DATABASE_URL").expect("DATABASE_URL must be set");
        let token_secret = std::env::var("TOKEN_SECRET").expect("TOKEN_SECRET must be set");
        let origin = std::env::var("ORIGIN").expect("ORIGIN must be set");
        let backend_port = std::env::var("BACKEND_PORT").expect("BACKEND_PORT must be set");
        Env {
            db_url,
            token_secret,
            origin,
            backend_port,
        }
    }
 }
--- a/backend/src/handlers/auth.rs
+++ b/backend/src/handlers/auth.rs
@@ -22,11 +22,12 @@ use crate::{
 /// Registers a new user in the system.
 ///
-/// Creates a new user account with the provided credentials. The password is hashed using Argon2
+/// Creates a new [`User`] account with the provided [`UserCreateScheme`] credentials.
-/// before being stored. Only administrators can create new users.
+/// The password is hashed using Argon2 before being stored. Only administrators can create new users.
 ///
 /// # Arguments
-/// - `request`: Json with [UserCreateScheme] as it's format
+/// - `State(data)`: Application state containing [`AppState`] for database access
 /// - `request`: [`UserCreateScheme`] containing user details including first/last name, username, admin flag, and password
 ///
 /// # Returns
 /// - `200 OK` on successful user creation
@@ -34,12 +35,7 @@ use crate::{
 /// - `500 Internal Server Error` if database insertion fails
 ///
 /// # Password Hashing
-/// Uses Argon2 with a cryptographically secure random salt:
+/// Uses Argon2 with a cryptographically secure random salt.
 /// ```ignore
 /// let argon = Argon2::default();
 /// let salt = SaltString::generate(&mut OsRng);
 /// let hashed_pwd = argon.hash_password(password.as_bytes(), &salt)?;
 /// ```
 pub async fn create_user(
    State(data): State<Arc<AppState>>,
    Json(request): Json<UserCreateScheme>,
@@ -64,7 +60,7 @@ pub async fn create_user(
        )
    })?;
-    if let Some(_) = exist_check {
+    if exist_check.is_some() {
        return Err((
            StatusCode::BAD_REQUEST,
            Json(json!({"status": "error", "message": "user already exists"})),
@@ -94,10 +90,10 @@ pub async fn create_user(
        })?;
    if user.rows_affected() < 1 {
-        return Err((
+        Err((
            StatusCode::INTERNAL_SERVER_ERROR,
            Json(json!({"status": "error", "message": "Error creating user"})),
-        ));
+        ))
    } else {
        Ok(Json(json!({"status": "success", "result": "User created"})))
    }
@@ -106,27 +102,23 @@ pub async fn create_user(
 /// Authenticates a user and creates a JWT token for session management.
 ///
 /// Verifies the provided username and password against stored credentials using Argon2 verification.
-/// On successful authentication, generates a JWT token and sets it as an HTTP-only cookie.
+/// On successful authentication, generates and encodes a [`Claims`](crate::models::Claims) token via [`encode_token`](`crate::cookie::jwt::encode_token`) and sets it as an HTTP-only cookie.
 /// The token is valid for 1 hour.
 ///
 /// # Arguments
-/// - `request`: Login credentials in Json format using the [LoginScheme]
+/// - `State(data)`: Application state containing [`AppState`] for database access
 /// - `request`: [`LoginScheme`] containing login credentials (username, password)
 ///
 /// # Returns
-/// - `200 OK` with JSON containing token and [FilteredUser] info
+/// - `200 OK` with JSON containing token and filtered [`FilteredUser`] info
 /// - `400 Bad Request` if username not found or password invalid
 /// - `500 Internal Server Error` if database query fails
 ///
 /// # Security Features
 /// - HTTP-only cookie prevents JavaScript access
 /// - SameSite=Lax protects against CSRF attacks
-/// - Password verification uses Argon2:
+/// - Password verification uses Argon2 with stored [`User`] hash
-///   ```ignore
+/// - JWT token includes user ID and expiration timestamp via [`Claims`](crate::models::Claims) encoded by [`encode_token`](`crate::cookie::jwt::encode_token`)
 ///   let valid_pwd = Argon2::default()
 ///       .verify_password(&request.pwd.as_bytes(), &pwd_hash.unwrap())
 ///       .is_ok();
 ///   ```
 /// - JWT token includes user ID and expiration timestamp
 ///
 /// # Example Response
 /// ```json
@@ -153,19 +145,19 @@ pub async fn login(
        .ok_or_else(|| {
            (
                StatusCode::BAD_REQUEST,
-                Json(json!({"status": "error", "message": "Invalid username"})),
+                Json(json!({"status": "error", "message": "Ungültiger Benutzername"})),
            )
        })?;
    let pwd_hash = PasswordHash::new(&user.pwd);
    let valid_pwd = Argon2::default()
-        .verify_password(&request.pwd.as_bytes(), &pwd_hash.unwrap())
+        .verify_password(request.pwd.as_bytes(), &pwd_hash.unwrap())
        .is_ok();
    if !valid_pwd {
        let error_response = serde_json::json!({
            "status": "error",
-            "message": "Invalid password"
+            "message": "Ungültiges passwort"
        });
        return Err((StatusCode::BAD_REQUEST, Json(error_response)));
    }
@@ -195,7 +187,7 @@ pub async fn login(
 ///
 /// Sets the authentication cookie to expire immediately (max_age = -1 hour) which causes
 /// the browser to discard it. This effectively logs the user out without requiring server-side
-/// session invalidation.
+/// session invalidation. The cookie no longer contains a valid [`Claims`](crate::models::Claims) token.
 ///
 /// # Returns
 /// Always returns `200 OK` with success message and an expired cookie header
@@ -227,11 +219,11 @@ pub async fn logout() -> Result<impl IntoResponse, (StatusCode, Json<serde_json:
 /// Retrieves the currently authenticated user's information.
 ///
-/// Uses the user data embedded in the JWT token (via middleware).
+/// Uses the [`FilteredUser`] data embedded in the JWT token (via middleware).
 /// Useful for frontends to display logged-in user info or verify authentication.
 ///
 /// # Returns
-/// - `200 OK` with the [FilteredUser] in Json format
+/// - `200 OK` with [`FilteredUser`] data (excluding password)
 /// - Automatically returns `401 Unauthorized` if not authenticated (middleware)
 ///
 /// # Example Response
@@ -264,18 +256,19 @@ pub async fn get_current_user(
 /// Deletes a user account from the system.
 ///
-/// Only admins can delete users. The user account and all associated data is removed.
+/// Only admins can delete users (enforced by middleware). The [`User`] account and all associated data is removed.
 /// Note: Tickets created by deleted users will have NULL user_id references.
 ///
 /// # Arguments
-/// - `id`: User ID to delete
+/// - `Path(id)`: [`User`] ID to delete, extracted from URL path
 /// - `State(data)`: Application state containing [`AppState`] for database access
 ///
 /// # Returns
 /// - `204 No Content` on successful deletion
 /// - `404 Not Found` if user doesn't exist
 /// - `500 Internal Server Error` if database error occurs
 pub async fn delete_user(
-    Path(id): Path<i32>,
+    Path(id): Path<i16>,
    State(data): State<Arc<AppState>>,
 ) -> Result<impl IntoResponse, (StatusCode, Json<serde_json::Value>)> {
    let query = sqlx::query(r#"DELETE FROM users WHERE id = $1"#)
@@ -302,11 +295,14 @@ pub async fn delete_user(
 /// Retrieves all users in the system.
 ///
-/// Only admins can call this endpoint. Returns all users sorted alphabetically by last name.
+/// Only admins can call this endpoint (enforced by middleware). Returns all [`User`] records converted to [`FilteredUser`]
-/// Password hashes are not included in the response.
+/// and sorted alphabetically by last name. Password hashes are not included in the response.
 ///
 /// # Arguments
 /// - `State(data)`: Application state containing [`AppState`] for database access
 ///
 /// # Returns
-/// - `200 OK` with array of [FilteredUser] objects
+/// - `200 OK` with array of [`FilteredUser`] objects
 /// - `500 Internal Server Error` if database query fails
 ///
 /// # Example Response
@@ -342,21 +338,22 @@ pub async fn get_users(
            (StatusCode::INTERNAL_SERVER_ERROR, Json(error))
        })?;
-    let response = users
+    let response = users.iter().map(filter_user).collect::<Vec<FilteredUser>>();
        .iter()
        .map(|user| filter_user(&user))
        .collect::<Vec<FilteredUser>>();
    let json_respnse = json!(response);
    Ok(Json(json_respnse))
 }
 /// Retrieves a single user's details by their ID.
 ///
 /// This endpoint allows fetching a specific [`User`]'s information. It returns a [`FilteredUser`]
 /// object (converted via [`filter_user`]), ensuring sensitive data like password hashes are not exposed.
 ///
 /// # Arguments
-/// - `id`: The ID of the user to retrieve, extracted from the URL path.
+/// - `Path(id)`: The ID of the [`User`] to retrieve, extracted from the URL path.
 /// - `State(data)`: Application state containing [`AppState`] for database access.
 ///
 /// # Returns
-/// - `200 OK` with a [FilteredUser] JSON object if the user is found.
+/// - `200 OK` with a [`FilteredUser`] JSON object if the user is found.
 /// - `404 Not Found` if a user with the given ID does not exist.
 /// - `500 Internal Server Error` if a database query error occurs.
 ///
@@ -372,40 +369,44 @@ pub async fn get_user_by_id(
    match query {
        Ok(user) => {
            let response = serde_json::json!(filter_user(&user));
-            return Ok(Json(response));
+            Ok(Json(response))
        }
        Err(sqlx::Error::RowNotFound) => {
            let error_response = serde_json::json!({
                "status": "fail",
                "message": format!("User with ID {} not found", id)
            });
-            return Err((StatusCode::NOT_FOUND, Json(error_response)));
+            Err((StatusCode::NOT_FOUND, Json(error_response)))
        }
-        Err(e) => {
+        Err(e) => Err((
            return Err((
            StatusCode::INTERNAL_SERVER_ERROR,
            Json(json!({"status": "error", "message": format!("{:?}", e)})),
-            ));
+        )),
    }
    };
 }
 /// Updates an existing user's information.
 ///
 /// This endpoint allows administrators to modify a [`User`]'s `first_name`, `last_name`,
 /// `username`, `is_admin` status, and optionally their password. If `new_pwd` in the
 /// request body is an empty string, the user's password remains unchanged.
 ///
 /// # Arguments
-/// - `id`: The ID of the user to update, extracted from the URL path.
+/// - `Path(id)`: The ID of the [`User`] to update, extracted from the URL path.
-/// - `body`: [UserUpdateScheme] containing the fields to update.
+/// - `State(data)`: Application state containing [`AppState`] for database access.
 /// - `Json(body)`: [`UserUpdateScheme`] containing the fields to update.
 ///
 /// # Returns
-/// - `200 OK` with the [FilteredUser] object of the updated user.
+/// - `200 OK` with the [`FilteredUser`] object of the updated user (converted via [`filter_user`]).
 /// - `404 Not Found` if a user with the given ID does not exist.
 /// - `500 Internal Server Error` if a database query or password hashing error occurs.
 ///
 /// # Security Note
 /// - Passwords are hashed using Argon2 before storage.
-/// - This endpoint typically requires admin privileges (enforced by middleware).
+/// - This endpoint requires admin privileges (enforced by middleware via
 ///   [`validate_admin`](crate::cookie::validation::validate_admin)).
 pub async fn update_user(
-    Path(id): Path<i32>,
+    Path(id): Path<i16>,
    State(data): State<Arc<AppState>>,
    Json(body): Json<UserUpdateScheme>,
 ) -> Result<impl IntoResponse, (StatusCode, Json<serde_json::Value>)> {
@@ -461,8 +462,14 @@ pub async fn update_user(
 /// Checks if any administrator user exists in the system.
 ///
 /// This endpoint is used during initialization to determine if the setup page should be displayed.
 /// It counts all [`User`] records with `is_admin = true` in the database.
 ///
 /// # Arguments
 /// - `State(data)`: Application state containing [`AppState`] for database access
 ///
 /// # Returns
-/// - `200 OK` On successful database query
+/// - `200 OK` with JSON: `{"has_admin": bool}` - Whether at least one admin exists
 /// - `500 Internal Server Error` if database query fails
 ///
 /// # Example Response
@@ -489,28 +496,24 @@ pub async fn check_admin_exists(
 /// Creates the initial administrator account for a fresh system.
 ///
-/// This function handles the one-time setup of the first admin user. It checks that no admin exists
+/// This function handles the one-time setup of the first admin [`User`]. It checks that no admin exists
-/// before allowing creation. This endpoint is only functional when the system has no administrators.
+/// before allowing creation via database count. This endpoint is only functional when the system has no administrators.
 /// Once created, subsequent admin registrations must go through the normal `create_user` endpoint
 /// with proper authorization.
 ///
 /// # Arguments
-/// - `request`: [UserCreateScheme] as a Json value
+/// - `State(data)`: Application state containing [`AppState`] for database access
 /// - `request`: [`UserCreateScheme`] containing user creation details (first_name, last_name, username, password)
 ///
 /// # Returns
 /// - `200 OK` with success message if admin account created
 /// - `400 Bad Request` if:
-///   - Admin already exists
+///   - Admin already exists (checked via admin count)
 ///   - Username or password is empty
 /// - `500 Internal Server Error` if database insertion fails
 ///
 /// # Security Note
-/// The password is hashed using Argon2 with a random salt before storage:
+/// The password is hashed using Argon2 with a random salt before storage.
 /// ```ignore
 /// let argon = Argon2::default();
 /// let salt = SaltString::generate(&mut OsRng);
 /// let hashed_pwd = argon.hash_password(request.pwd.as_bytes(), &salt)?;
 /// ```
 pub async fn setup_initial_admin(
    State(data): State<Arc<AppState>>,
    Json(request): Json<UserCreateScheme>,
@@ -564,10 +567,10 @@ pub async fn setup_initial_admin(
        })?;
    if user.rows_affected() < 1 {
-        return Err((
+        Err((
            StatusCode::INTERNAL_SERVER_ERROR,
            Json(json!({"status": "error", "message": "Error creating admin user"})),
-        ));
+        ))
    } else {
        Ok(Json(
            json!({"status": "success", "result": "Admin user created"}),
@@ -575,17 +578,18 @@ pub async fn setup_initial_admin(
    }
 }
-/// Converts a User with sensitive data into a FilteredUser safe for API responses.
+/// Converts a [`User`] with sensitive data into a [`FilteredUser`] safe for API responses.
 ///
 /// This function removes password hashes and other sensitive information before
-/// returning user data to clients. Always use this helper instead of directly
+/// returning [`User`] data to clients. Always use this helper instead of directly
-/// serializing User objects.
+/// serializing [`User`] objects.
 /// Used by all authentication endpoints to ensure passwords are never exposed.
 ///
 /// # Arguments
-/// - `user`: Reference to the internal [User] struct containing password hash
+/// - `user`: Reference to the internal [`User`] struct containing password hash
 ///
 /// # Returns
-/// [FilteredUser] with only safe-to-share information:
+/// [`FilteredUser`] with only safe-to-share information:
 /// - `id`: User ID
 /// - `first_name`, `last_name`: User name
 /// - `username`: Login username
@@ -598,7 +602,7 @@ pub async fn setup_initial_admin(
 /// # Example
 /// ```ignore
 /// let user = get_user_from_db(1).await?;
-/// let safe_user = filter_user(&user);
+/// let safe_user = filter_user(&user);  // Convert User to FilteredUser
 /// // safe_user can be safely serialized and sent to client
 /// ```
 pub fn filter_user(user: &User) -> FilteredUser {
@@ -607,6 +611,6 @@ pub fn filter_user(user: &User) -> FilteredUser {
        first_name: user.first_name.clone(),
        last_name: user.last_name.clone(),
        username: user.username.clone(),
-        is_admin: user.is_admin.clone(),
+        is_admin: user.is_admin,
    }
 }
--- a/backend/src/handlers/ticket.rs
+++ b/backend/src/handlers/ticket.rs
@@ -16,12 +16,14 @@ use crate::{
 /// Creates a new support ticket.
 ///
-/// Associates the ticket with the authenticated user and sets the current timestamp.
+/// Associates the ticket with the authenticated [`FilteredUser`] and sets the current timestamp.
 /// Converts the [`TicketCreateScheme`] request into a database record.
 /// Tickets are automatically created with "open" status.
 ///
 /// # Arguments
-/// - `user`: Authenticated user (extracted from JWT token)
+/// - `Extension(user)`: Authenticated [`FilteredUser`] (extracted from JWT token via middleware)
-/// - `body`: Json with the [TicketCreateScheme] as it's format
+/// - `State(data)`: Application state containing [`AppState`] for database access
 /// - `Json(body)`: [`TicketCreateScheme`] containing ticket details (category, subject, description, room)
 ///
 /// # Returns
 /// - `200 OK` on successful creation
@@ -60,10 +62,11 @@ pub async fn create_ticket(
 /// Deletes a ticket by ID.
 ///
-/// Only admins can delete tickets. Marks the ticket as deleted or removes from database.
+/// Only admins can delete tickets (enforced by middleware). Removes the [`TicketResponse`] and associated data from the database.
 ///
 /// # Arguments
-/// - `id`: Ticket ID to delete
+/// - `Path(id)`: Ticket ID to delete, extracted from URL path
 /// - `State(data)`: Application state containing [`AppState`] for database access
 ///
 /// # Returns
 /// - `204 No Content` on successful deletion
@@ -95,16 +98,20 @@ pub async fn delete_ticket(
    Ok(StatusCode::NO_CONTENT)
 }
-/// Retrieves all tickets.
+/// Retrieves all non-archived tickets.
 ///
-/// Returns a list of all tickets with user information denormalized for easier rendering.
+/// Returns a list of all active [`TicketResponse`] objects with user information denormalized for easier rendering.
-/// Tickets are ordered by creation date (newest first).
+/// Tickets are ordered by creation date (newest first). Joins with [`User`](crate::models::User) table to include creator information.
 ///
 /// # Arguments
 /// - `State(data)`: Application state containing [`AppState`] for database access
 ///
 /// # Filtering
-/// - Uses LEFT JOIN to include creator information
+/// - Excludes tickets with status "Archived"
 /// - Uses LEFT JOIN to include creator information from [`User`](crate::models::User)
 ///
 /// # Returns
-/// - `200 OK` with array of [TicketResponse] objects
+/// - `200 OK` with array of [`TicketResponse`] objects
 /// - `500 Internal Server Error` if database query fails
 ///
 /// # Example Response
@@ -168,12 +175,14 @@ pub async fn get_tickets(
 /// Retrieves a specific ticket by ID.
 ///
 /// Includes full ticket details and denormalized user information (creator name).
 /// Returns a [`TicketResponse`] with all metadata by joining with [`User`](crate::models::User) table.
 ///
 /// # Arguments
-/// - `id`: Ticket ID to retrieve
+/// - `Path(id)`: Ticket ID to retrieve, extracted from URL path
 /// - `State(data)`: Application state containing [`AppState`] for database access
 ///
 /// # Returns
-/// - `200 OK` with [TicketResponse] object
+/// - `200 OK` with [`TicketResponse`] object
 /// - `404 Not Found` if ticket doesn't exist
 /// - `500 Internal Server Error` if database error occurs
 ///
@@ -221,35 +230,36 @@ pub async fn get_ticket_by_id(
                user_last_name: row.get("last_name"),
            };
            let response = serde_json::json!(ticket_response);
-            return Ok(Json(response));
+            Ok(Json(response))
        }
        Err(sqlx::Error::RowNotFound) => {
            let error_response = serde_json::json!({
                "status": "fail",
                "message": format!("Ticket with ID {} not found", id)
            });
-            return Err((StatusCode::NOT_FOUND, Json(error_response)));
+            Err((StatusCode::NOT_FOUND, Json(error_response)))
        }
        Err(e) => {
-            return Err((
+            Err((
                StatusCode::INTERNAL_SERVER_ERROR,
                Json(json!({"status": "error", "message": format!("{:?}", e)})),
-            ));
+            ))
        }
    }
    };
 }
 /// Updates a ticket's status.
 ///
-/// Only admins can update ticket status. This is typically used to transition tickets
+/// Only admins can update ticket status (enforced by middleware). Applies [`TicketUpdateScheme`] to modify the [`TicketResponse`].
-/// through their lifecycle (open → in_progress → resolved → archived).
+/// This is typically used to transition tickets through their lifecycle (open → in_progress → resolved → archived).
 ///
 /// # Arguments
-/// - `id`: Ticket ID to update
+/// - `Path(id)`: Ticket ID to update, extracted from URL path
-/// - `body`: Update payload as a Json array with [TicketUpdateScheme] as it's format
+/// - `State(data)`: Application state containing [`AppState`] for database access
 /// - `Json(body)`: [`TicketUpdateScheme`] update payload containing new status
 ///
 /// # Returns
-/// - `200 OK` with updated [TicketResponse]
+/// - `200 OK` with updated [`TicketResponse`]
 /// - `500 Internal Server Error` if ticket not found or database error
 ///
 /// # Typical Status Flow
--- a/backend/src/main.rs
+++ b/backend/src/main.rs
@@ -9,61 +9,28 @@ mod models;
 /// Axum router configuration with all routes and middleware
 mod router;
-use std::sync::{
+use std::sync::Arc;
    Arc,
    atomic::{AtomicI64, Ordering},
 };
-use axum::{
+use axum::http::{
-    Json,
+    HeaderValue, Method,
    http::{
        HeaderValue, Method, StatusCode,
    header::{ACCEPT, AUTHORIZATION, CONTENT_TYPE},
    },
 };
 use dotenv::dotenv;
 use router::create_router;
 use serde::Serialize;
 use sqlx::{PgPool, postgres::PgPoolOptions};
 use tower_http::cors::CorsLayer;
 use crate::env::Env;
 /// A variable to count the problems fixed by a very easy solution
 static EASY_FIX_COUNT: AtomicI64 = AtomicI64::new(0);
 /// The Response struct for the [EASY_FIX_COUNT]
 #[derive(Serialize)]
 struct CounterResp {
    value: i64,
 }
 /// Gets the [EASY_FIX_COUNT] value
 ///
 /// # Returns
 /// - `200 OK` with the value on success
 async fn get_count() -> Json<CounterResp> {
    let v = EASY_FIX_COUNT.load(Ordering::SeqCst);
    Json(CounterResp { value: v })
 }
 /// Incremets the [EASY_FIX_COUNT] value by one
 ///
 /// # Returns
 /// - `200 OK` with the new value on success
 async fn increment() -> Result<Json<CounterResp>, StatusCode> {
    let new = EASY_FIX_COUNT.fetch_add(1, Ordering::SeqCst) + 1;
    Ok(Json(CounterResp { value: new }))
 }
 /// Shared application state passed to all route handlers.
 ///
 /// Contains the database connection pool and environment configuration.
-/// This is wrapped in Arc for thread-safe sharing across async tasks.
+/// This is wrapped in Arc for thread-safe sharing across async tasks and cloned into each route
 /// via `with_state`.
 ///
 /// # Fields
-/// - `db`: PostgreSQL connection pool for database access
+/// - `db`: PostgreSQL connection pool for database access (via `sqlx::PgPool`)
-/// - `env`: Configuration loaded from environment variables
+/// - `env`: [`Env`] configuration loaded from environment variables
 pub struct AppState {
    db: PgPool,
    env: Env,
@@ -73,15 +40,19 @@ pub struct AppState {
 ///
 /// Initializes the server by:
 /// 1. Loading environment variables from `.env` file
-/// 2. Establishing database connection pool
+/// 2. Establishing database connection pool to PostgreSQL
 /// 3. Configuring CORS policy for cross-origin requests
-/// 4. Starting HTTP server on port 8001
+/// 4. Creating the router with [`create_router`] containing all endpoints
 /// 5. Starting HTTP server on port 8001
 ///
 /// # Server Configuration
 /// - Binds to `0.0.0.0:8001` (all network interfaces)
 /// - Allows: GET, POST, PATCH, DELETE methods
 /// - Allows credentials and custom headers
-/// - CORS origin configured from environment
+/// - CORS origin configured from [`Env`]
 ///
 /// # State Setup
 /// Creates shared [`AppState`] wrapped in `Arc` and passes to all routes
 ///
 /// # Panics
 /// - If environment loading fails
@@ -93,7 +64,7 @@ async fn main() {
    let database_url = &env.db_url;
    // Establish connection pool to PostgreSQL
-    let pool = match PgPoolOptions::new().connect(&database_url).await {
+    let pool = match PgPoolOptions::new().connect(database_url).await {
        Ok(pool) => {
            println!("Database connection successful");
            pool
@@ -119,6 +90,7 @@ async fn main() {
    .layer(cors);
    // Start listening for incoming connections
-    let listener = tokio::net::TcpListener::bind("0.0.0.0:8001").await.unwrap();
+    let uri = format!("0.0.0.0:{}", env.backend_port);
    let listener = tokio::net::TcpListener::bind(&uri).await.unwrap();
    let _ = axum::serve(listener, app).await;
 }
--- a/backend/src/models.rs
+++ b/backend/src/models.rs
@@ -3,6 +3,7 @@ use serde::{Deserialize, Serialize};
 /// API response for a ticket with user information.
 ///
 /// Returned by ticket endpoints. Includes denormalized user data for easier frontend rendering.
 /// Created via [`TicketCreateScheme`].
 ///
 /// # Fields
 /// - `id`: Unique ticket identifier
@@ -12,7 +13,7 @@ use serde::{Deserialize, Serialize};
 /// - `room`: Room number associated with the issue
 /// - `status`: Current ticket status (e.g., "open", "in_progress", "resolved")
 /// - `date`: When the ticket was created (UTC timestamp)
-/// - `user_id`: ID of the user who created the ticket
+/// - `user_id`: ID of the user who created the ticket (references [`User`])
 /// - `user_first_name`, `user_last_name`: User's name (denormalized for convenience)
 ///
 /// # Example
@@ -47,7 +48,7 @@ pub struct TicketResponse {
 /// Complete user record from the database.
 ///
 /// Contains all user information including the password hash.
-/// This should NEVER be sent directly to clients - always use `FilteredUser` instead.
+/// This should NEVER be sent directly to clients - always use [`FilteredUser`] instead.
 ///
 /// # Fields
 /// - `id`: Unique user identifier
@@ -58,7 +59,7 @@ pub struct TicketResponse {
 ///
 /// # Security Note
 /// The `pwd` field contains the password hash and should never be included in API responses.
-/// Use `filter_user()` to convert to `FilteredUser` for responses.
+/// Use [`filter_user()`](`crate::handlers::auth::filter_user`) to convert to [`FilteredUser`] for responses.
 #[derive(Deserialize, Serialize, PartialEq, Debug, Clone, sqlx::FromRow)]
 pub struct User {
    pub id: i16,
@@ -72,7 +73,7 @@ pub struct User {
 /// Payload for creating a new ticket.
 ///
 /// Sent to `/api/tickets/create`. The backend automatically associates it with the
-/// authenticated user and sets the creation timestamp.
+/// authenticated user and sets the creation timestamp. Converted to [`TicketResponse`] for the response.
 ///
 /// # Fields
 /// - `category`: Ticket category/type
@@ -89,7 +90,7 @@ pub struct TicketCreateScheme {
 /// Payload for updating a ticket.
 ///
-/// Sent to `PATCH /api/tickets/{id}`. Currently only allows status updates.
+/// Sent to `PATCH /api/tickets/{id}`. Allows updating the ticket [`TicketResponse::status`].
 /// Only admins can update tickets.
 ///
 /// # Fields
@@ -102,10 +103,10 @@ pub struct TicketUpdateScheme {
 /// Payload for updating user information.
 ///
 /// Sent to `PATCH /api/users/{id}`. Allows updating profile and admin status.
-/// Only admins can update users. Empty password field means no password change.
+/// Only admins can update [`User`] records. Empty password field means no password change.
 ///
 /// # Fields
-/// - `id`: User ID to update
+/// - `id`: [`User`] ID to update
 /// - `first_name`, `last_name`: Updated user name
 /// - `username`: Updated login username
 /// - `make_admin`: New admin privilege status
@@ -123,7 +124,7 @@ pub struct UserUpdateScheme {
 /// Payload for creating a new user account.
 ///
 /// Used in both admin registration (`/api/register`) and initial setup (`/api/setup-admin`).
-/// The password is hashed server-side before storage using Argon2.
+/// The password is hashed server-side before storage using Argon2. Converted to [`User`] for storage.
 ///
 /// # Fields
 /// - `first_name`: User's first name
@@ -155,7 +156,7 @@ pub struct LoginScheme {
 /// User information sent to clients, excluding password hashes.
 ///
-/// This is the safe version of User data that gets returned in API responses.
+/// This is the safe version of [`User`] data that gets returned in API responses.
 /// It never includes the password hash or JWT claims. Always use this for responses
 /// to prevent leaking sensitive data.
 #[derive(Debug, Clone, Serialize)]
@@ -170,10 +171,10 @@ pub struct FilteredUser {
 /// JWT token claims embedded in the session token.
 ///
 /// Contains user identification and token validity information.
-/// Generated during login and verified by middleware on protected routes.
+/// Generated during login via `encode_token` and verified via `decode_token`.
 ///
 /// # Fields
-/// - `sub`: Subject - the user ID as a string
+/// - `sub`: Subject - the user ID as a string (references [`User`])
 /// - `issued`: Unix timestamp when token was created
 /// - `expires`: Unix timestamp when token expires (currently 1 hour from creation)
 ///
--- a/backend/src/router.rs
+++ b/backend/src/router.rs
@@ -8,43 +8,42 @@ use axum::{
 use crate::{
    AppState,
    cookie::validation::{validate_admin, validate_token},
    get_count,
    handlers::{
        auth::{
-            check_admin_exists, create_user, delete_user, get_current_user, get_user_by_id,
+            check_admin_exists, create_user, delete_user, get_current_user, get_user_by_id, get_users, login, logout,
-            get_users, login, logout, setup_initial_admin, update_user,
+            setup_initial_admin, update_user,
        },
        ticket::{create_ticket, delete_ticket, edit_ticket, get_ticket_by_id, get_tickets},
    },
    increment,
 };
 /// Creates the complete router with all API endpoints.
 ///
-/// The router is organized in layers for proper middleware application:
+/// The router is organized in layers for proper middleware application. Uses [`AppState`]
 /// for shared application context across all routes.
 ///
 /// ## Route Layers (from most to least restricted):
 ///
 /// ### Admin-Only Routes (requires admin privilege + valid token)
-/// - `GET /api/tickets/{id}` - Get specific ticket details
+/// - `GET /api/tickets/{id}` - Get specific ticket details (via `get_ticket_by_id`)
-/// - `DELETE /api/tickets/{id}` - Delete a ticket
+/// - `DELETE /api/tickets/{id}` - Delete a ticket (via `delete_ticket`)
-/// - `PATCH /api/tickets/{id}` - Update ticket status
+/// - `PATCH /api/tickets/{id}` - Update ticket status (via `edit_ticket`)
-/// - `POST /api/register` - Create a new user
+/// - `POST /api/register` - Create a new user (via `create_user`)
-/// - `GET /api/users` - List all users
+/// - `GET /api/users` - List all users (via `get_users`)
-/// - `GET /api/users/{id}` - Get user details
+/// - `GET /api/users/{id}` - Get user details (via `get_user_by_id`)
-/// - `DELETE /api/users/{id}` - Delete a user
+/// - `DELETE /api/users/{id}` - Delete a user (via `delete_user`)
-/// - `PATCH /api/users/{id}` - Update user details
+/// - `PATCH /api/users/{id}` - Update user details (via `update_user`)
 ///
 /// ### Protected Routes (requires valid token)
-/// - `GET /api/tickets` - List all tickets
+/// - `GET /api/tickets` - List all tickets (via `get_tickets`)
-/// - `POST /api/tickets/create` - Create a new ticket
+/// - `POST /api/tickets/create` - Create a new ticket (via `create_ticket`)
-/// - `GET /api/logout` - Logout user
+/// - `GET /api/logout` - Logout user (via `logout`)
-/// - `GET /api/users/current` - Get current authenticated user
+/// - `GET /api/users/current` - Get current authenticated user (via `get_current_user`)
 ///
 /// ### Public Routes (no authentication required)
-/// - `POST /api/login` - User login
+/// - `POST /api/login` - User login (via `login`)
-/// - `GET /api/check-admin` - Check if admin exists (for setup detection)
+/// - `GET /api/check-admin` - Check if admin exists (via `check_admin_exists`)
-/// - `POST /api/setup-admin` - Create initial admin account (only if no admin exists)
+/// - `POST /api/setup-admin` - Create initial admin account (via `setup_initial_admin`)
 ///
 /// # Middleware Stack
 /// - Admin routes have `validate_admin` middleware
@@ -75,7 +74,6 @@ pub fn create_router(state: Arc<AppState>) -> Router {
        .route("/api/tickets/create", post(create_ticket))
        .route("/api/logout", get(logout))
        .route("/api/users/current", get(get_current_user))
        .route("/api/count", get(get_count).post(increment))
        .layer(middleware::from_fn_with_state(
            state.clone(),
            validate_token,
--- a/data/compose.yaml
+++ b/data/compose.yaml
@@ -8,7 +8,7 @@ services:
    environment:
      - POSTGRES_PASSWORD=tickets
    volumes:
-      - pg_data:/var/lib/postregsql/pg_data
+      - pg_data:/var/lib/postgresql/pg_data
 volumes:
  pg_data:
--- a/frontend/Cargo.toml
+++ b/frontend/Cargo.toml
@@ -16,7 +16,8 @@ serde = { workspace = true }
 wasm-bindgen-futures = "0.4.70"
 web-sys = { version = "0.3.95", features = [
  "Window","Document","Request","Response","Headers", "HtmlSelectElement", "RequestCredentials",
-  "SubmitEvent","InputEvent","HtmlInputElement","Event", "HtmlFormElement", "MouseEvent"
+  "SubmitEvent","InputEvent","HtmlInputElement","Event", "HtmlFormElement", "MouseEvent",
  "Element", "MediaQueryList", "DomTokenList"
 ] }
 gloo-net = "0.7.0"
 gloo-storage = "0.4.0"
--- a/frontend/Trunk.toml
+++ b/frontend/Trunk.toml
@@ -1,6 +1,6 @@
 [serve]
 # The address to serve on LAN.
-addresses = ["127.0.0.1"]#, "192.168.178.56"] #,"10.150.9.116"]
+addresses = ["127.0.0.1"] #,"10.150.9.116"]
 # The address to serve on WAN.
 # address = "0.0.0.0"
 # The port to serve on.
--- a/frontend/src/auth.rs
+++ b/frontend/src/auth.rs
@@ -33,14 +33,14 @@ pub struct ProtectedRouteProps {
 /// A component that protects routes by enforcing authentication and optional administrator privileges.
 ///
-/// This component fetches the current user's authentication and admin status from the
+/// This component uses the backend's validation middleware by fetching the current user's authentication
-/// `/api/users/current` endpoint upon mounting. Based on the `AuthState` and the
+/// and admin status from the `/api/users/current` endpoint (which requires a valid JWT token).
-/// `admin_page` property, it either renders its children or redirects the user.
+/// Based on the [`AuthState`] and the `admin_page` property, it either renders its children or redirects the user.
 ///
 /// # Behavior
-/// - **Initial Load**: Displays "Loading..." while checking authentication status.
+/// - **Initial Load**: Displays "Loading..." while checking authentication status via the backend.
 /// - **Not Authenticated**: Redirects to the login page (`crate::Route::Login`).
-/// - **Authenticated**:
+/// - **Authenticated** (valid JWT token from backend):
 ///   - If `admin_page` is `true`:
 ///     - If the user is an administrator (`is_admin: Some(true)`), it renders `children`.
 ///     - If the user is not an administrator (`is_admin: Some(false)`), it redirects to
@@ -109,7 +109,7 @@ pub fn protected_route(props: &ProtectedRouteProps) -> Html {
        AuthState {
            is_authenticated: None,
            ..
-        } => html! { <div>{ "Loading..." } </div> },
+        } => html! { <div>{ "Lade..." } </div> },
        AuthState {
            is_authenticated: Some(false),
            ..
@@ -126,7 +126,7 @@ pub fn protected_route(props: &ProtectedRouteProps) -> Html {
                    Some(false) => {
                        html! { <Redirect<crate::Route> to={crate::Route::PermissionDenied}/> }
                    }
-                    None => html! { <div>{ "Checking permissions..." }</div> },
+                    None => html! { <div>{ "Berechtigungen werden geprüft..." }</div> },
                }
            } else {
                props.children.clone().into()
--- a/frontend/src/dark_mode.rs
+++ b/frontend/src/dark_mode.rs
@@ -0,0 +1,74 @@
 use gloo_storage::{LocalStorage, Storage};
 use web_sys::window;
 use yew::prelude::*;
 /// A persistent, floating toggle button to switch the user interface theme between Dark Mode and Light Mode.
 ///
 /// # Functionality
 /// 1. **System Preference Check**: If the user hasn't explicitly set a preference, detects the operating system theme 
 ///    preference using browser `match_media("(prefers-color-scheme: dark)")` query.
 /// 2. **Session Persistence**: Caches the selected theme choice under the `"dark-mode"` key in the browser's `LocalStorage` 
 ///    so that user preferences persist across page reloads.
 /// 3. **Dynamic Style Swapping**: Injects or removes the `.theme-dark` / `.theme-light` classes directly on the document 
 ///    `body` element, triggering the theme change via globally defined CSS variables.
 #[function_component(DarkModeToggle)]
 pub fn dark_mode_toggle() -> Html {
    // 1. Initialize state from LocalStorage or system preference
    let is_dark = use_state(|| {
        LocalStorage::get::<bool>("dark-mode").unwrap_or_else(|_| {
            // Fallback to system preference if not set
            window()
                .and_then(|w| w.match_media("(prefers-color-scheme: dark)").ok().flatten())
                .map(|m| m.matches())
                .unwrap_or(false)
        })
    });
    // 2. Synchronize the class on the body when the state changes
    {
        let is_dark = is_dark.clone();
        use_effect_with(is_dark, |is_dark| {
            if let Some(win) = window() {
                if let Some(doc) = win.document() {
                    if let Some(body) = doc.body() {
                        if **is_dark {
                            let _ = body.class_list().add_1("theme-dark");
                            let _ = body.class_list().remove_1("theme-light");
                            let _ = LocalStorage::set("dark-mode", true);
                        } else {
                            let _ = body.class_list().add_1("theme-light");
                            let _ = body.class_list().remove_1("theme-dark");
                            let _ = LocalStorage::set("dark-mode", false);
                        }
                    }
                }
            }
            || ()
        });
    }
    // 3. Toggle action
    let onclick = {
        let is_dark = is_dark.clone();
        Callback::from(move |_| {
            is_dark.set(!*is_dark);
        })
    };
    html! {
        <button class="dark-mode-toggle" {onclick}>
            if *is_dark {
                // Sun Icon for switching to light mode
                <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
                    <circle cx="12" cy="12" r="4"/>
                    <path d="M12 2v2M12 20v2M4.93 4.93l1.41 1.41M17.66 17.66l1.41 1.41M2 12h2M20 12h2M6.34 17.66l-1.41 1.41M19.07 4.93l-1.41 1.41"/>
                </svg>
            } else {
                // Moon Icon for switching to dark mode
                <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
                    <path d="M12 3a6 6 0 0 0 9 9 9 9 0 1 1-9-9Z"/>
                </svg>
            }
        </button>
    }
 }
--- a/frontend/src/lib.rs
+++ b/frontend/src/lib.rs
@@ -1,5 +1,6 @@
 mod auth;
 mod pages;
 mod dark_mode;
 use crate::auth::ProtectedRoute;
 use crate::pages::*;
 use gloo_net::http::Request;
@@ -10,7 +11,9 @@ use yew_router::prelude::*;
 /// Defines the application's various routes and their corresponding paths.
 ///
 /// This enum is used by `yew-router` to map URLs to specific components,
-/// enabling navigation within the single-page application.
+/// enabling navigation within the single-page application. Each route is protected
 /// by [`ProtectedRoute`] middleware where appropriate to enforce authentication and authorization.
 /// See [`switch`] for the routing logic.
 #[derive(Clone, PartialEq, Routable)]
 enum Route {
    /// The application's home page.
@@ -65,10 +68,17 @@ pub struct SidebarShellProps {
 /// A shell component that provides a consistent layout with a sidebar and a main content area.
 ///
 /// This component is designed to wrap page-specific content, ensuring that the sidebar
-/// is always present for navigation.
+/// is always present for navigation. Integrates with [`crate::pages::sidebar::Sidebar`] for navigation.
 ///
 /// # Mobile Support
 /// On mobile displays, the sidebar is hidden by default and can be toggled:
 /// - **Menu Toggle Button**: Renders a floating menu button to slide the sidebar open.
 /// - **Dark Mode Toggle**: Floating button to change theme.
 /// - **Overlay Backdrop**: Dims the screen when the sidebar is open. Clicking it closes the sidebar.
 /// - **Auto-Close on Navigation**: Automatically closes the sidebar when navigating to a new route.
 ///
 /// # Components
-/// - [`sidebar::Sidebar`]: The navigation sidebar component.
+/// - [`crate::pages::sidebar::Sidebar`]: The navigation sidebar component, accepting mobile open state.
 /// - Main content area: Renders the `children` passed to this component.
 ///
 /// # Example
@@ -81,9 +91,46 @@ pub struct SidebarShellProps {
 /// ```
 #[component(SidebarShell)]
 fn sidebar_shell(props: &SidebarShellProps) -> Html {
    let route = use_route::<Route>();
    let mobile_sidebar_open = use_state(|| false);
    // Close mobile sidebar automatically on any route transition
    {
        let mobile_sidebar_open = mobile_sidebar_open.clone();
        use_effect_with(route, move |_| {
            mobile_sidebar_open.set(false);
            || ()
        });
    }
    let on_open = {
        let mobile_sidebar_open = mobile_sidebar_open.clone();
        Callback::from(move |_: MouseEvent| mobile_sidebar_open.set(true))
    };
    let on_close = {
        let mobile_sidebar_open = mobile_sidebar_open.clone();
        Callback::from(move |_: ()| mobile_sidebar_open.set(false))
    };
    let on_close_click = {
        let on_close = on_close.clone();
        Callback::from(move |_: MouseEvent| on_close.emit(()))
    };
    html! {
        <div class="layout">
-            <sidebar::Sidebar/>
+            <button class="mobile-menu-toggle" onclick={on_open}>
                <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
                    <line x1="4" x2="20" y1="12" y2="12"/>
                    <line x1="4" x2="20" y1="6" y2="6"/>
                    <line x1="4" x2="20" y1="18" y2="18"/>
                </svg>
            </button>
            <div class={if *mobile_sidebar_open { "sidebar-overlay open" } else { "sidebar-overlay" }} onclick={on_close_click}></div>
            <sidebar::Sidebar is_open={*mobile_sidebar_open} on_close={on_close} />
            <main class="content">
                { for props.children.iter() }
            </main>
@@ -91,7 +138,7 @@ fn sidebar_shell(props: &SidebarShellProps) -> Html {
    }
 }
-/// Props for the [AdminCheckWrapper] component.
+/// Props for the AdminCheckWrapper component.
 #[derive(Properties, PartialEq)]
 pub struct AdminCheckWrapperProps {
    pub children: Children,
@@ -101,11 +148,11 @@ pub struct AdminCheckWrapperProps {
 ///
 /// This component is used to gate access to pages that should only be accessible before
 /// system initialization (e.g., login page). It performs an asynchronous check to the
-/// `/api/check-admin` endpoint to determine system state.
+/// backend's `/api/check-admin` endpoint (via `crate::handlers::auth::check_admin_exists`) to determine system state.
 ///
 /// # Behavior
-/// - **Loading**: Displays "Loading..." while checking admin status
+/// - **Loading**: Displays "Loading..." while checking admin status from the backend
-/// - **No Admin**: Automatically redirects to `/setup` page to initialize
+/// - **No Admin**: Automatically redirects to [`Route::Setup`] page for initialization
 /// - **Admin Exists**: Renders the wrapped children (e.g., login page)
 ///
 /// # Example Usage
@@ -115,19 +162,9 @@ pub struct AdminCheckWrapperProps {
 /// </AdminCheckWrapper>
 /// ```
 ///
-/// # Implementation Detail
+/// # Backend Integration
-/// The check happens in `use_effect_with` on component mount:
+/// The check queries the backend's `/api/check-admin` endpoint which returns `{"has_admin": bool}`.
-/// ```ignore
+/// This allows the frontend to determine if initial admin setup is required.
 /// spawn_local(async move {
 ///     match Request::get("/api/check-admin").send().await {
 ///         Ok(resp) if resp.status() == 200 => {
 ///             let has_admin = data["has_admin"].as_bool().unwrap_or(false);
 ///             admin_exists.set(Some(has_admin));
 ///         }
 ///         _ => admin_exists.set(Some(false))
 ///     }
 /// });
 /// ```
 #[component(AdminCheckWrapper)]
 fn admin_check_wrapper(props: &AdminCheckWrapperProps) -> Html {
    let admin_exists = use_state(|| None::<bool>);
@@ -155,10 +192,10 @@ fn admin_check_wrapper(props: &AdminCheckWrapperProps) -> Html {
    }
    match *admin_exists {
-        None => html! { <div>{ "Loading..." }</div> },
+        None => html! { <div>{ "Lade..." }</div> },
        Some(false) => {
            navigator.push(&Route::Setup);
-            html! { <div>{ "Redirecting to setup..." }</div> }
+            html! { <div>{ "Leite weiter zur Einrichtung..." }</div> }
        }
        Some(true) => props.children.clone().into(),
    }
@@ -166,18 +203,24 @@ fn admin_check_wrapper(props: &AdminCheckWrapperProps) -> Html {
 /// The main routing logic for the application.
 ///
-/// This function takes a [Route] enum variant and returns the corresponding HTML
+/// This function takes a [`Route`] enum variant and returns the corresponding HTML
 /// content to be rendered. It acts as a central dispatcher for the application's
-/// navigation.
+/// navigation and authentication flow.
 ///
-/// Many routes are wrapped in a [`ProtectedRoute`] to enforce authentication
+/// Most routes are wrapped in [`ProtectedRoute`] to enforce authentication
-/// and authorization, and in a [`SidebarShell`] to maintain consistent layout.
+/// and authorization based on the `admin_page` flag, and in [`SidebarShell`] to maintain consistent layout.
 /// Login and Setup routes use [`AdminCheckWrapper`] instead to handle pre-authentication states.
 ///
 /// # Arguments
 /// - `route`: The [`Route`] enum variant representing the current URL path.
 ///
 /// # Returns
 /// An `Html` component that should be rendered for the given route.
 ///
 /// # Route Protection
 /// - **Admin-required routes** (`admin_page={true}`): Require both authentication and admin privileges
 /// - **Public routes** (`admin_page={false}`): Require only authentication
 /// - **Pre-auth routes** (`AdminCheckWrapper`): Used before admin creation or login
 fn switch(route: Route) -> Html {
    match route {
        Route::Home => html! {
@@ -260,15 +303,20 @@ fn switch(route: Route) -> Html {
 ///
 /// This component sets up the application's routing using `yew-router`'s
 /// `BrowserRouter` and `Switch` components. All other application content
-/// is rendered based on the current route.
+/// is rendered based on the current [`Route`] matched by the `switch` function.
 ///
 /// Uses [`switch`] as the routing dispatcher to handle all route-specific rendering,
 /// which applies appropriate middleware like [`ProtectedRoute`] and [`AdminCheckWrapper`].
 ///
 /// # Structure
 /// - `BrowserRouter`: Enables client-side routing.
-/// - `Switch`: Renders components based on the matched [Route].
+/// - `Switch`: Renders components based on the matched [`Route`].
 /// - `switch` function: Determines which component to render for each route.
 #[component(App)]
 pub fn app() -> Html {
    html! {
        <BrowserRouter>
            <dark_mode::DarkModeToggle />
            <Switch<Route> render={switch} />
        </BrowserRouter>
    }
--- a/frontend/src/pages/basic_pages.rs
+++ b/frontend/src/pages/basic_pages.rs
@@ -3,8 +3,30 @@ use wasm_bindgen_futures::spawn_local;
 use yew::prelude::*;
 use yew_router::prelude::*;
 /// A macro for dequoting a Json value returned from the backend
 #[macro_export]
 /// Removes surrounding double quotes from a string.
 ///
 /// This macro takes an expression that evaluates to a string and returns a new `String`
 /// with any leading or trailing double quotes removed. It's useful for cleaning up
 /// string data that might be inadvertently wrapped in quotes, such as JSON string values.
 ///
 /// # Arguments
 ///
 /// * `$str`: An expression that can be converted into a string slice (`&str`).
 ///
 /// # Examples
 ///
 /// ```rust
 /// use your_crate::dequote; // Assuming `dequote` is re-exported or in scope
 ///
 /// let quoted_string = "\"hello world\"";
 /// let dequoted_string = dequote!(quoted_string);
 /// assert_eq!(dequoted_string, "hello world");
 ///
 /// let already_clean = "no quotes";
 /// let dequoted_clean = dequote!(already_clean);
 /// assert_eq!(dequoted_clean, "no quotes");
 /// ```
 macro_rules! dequote {
    ($str:expr) => {
        $str.trim_matches('"').to_string()
@@ -50,7 +72,7 @@ pub fn home_component() -> Html {
                        );
                        name.set(name_value);
                    }
-                    _ => name.set("Unknown".to_string()),
+                    _ => name.set("Unbekannt".to_string()),
                }
            });
            || ()
@@ -60,11 +82,11 @@ pub fn home_component() -> Html {
    html! {
        <div class="form-container home">
            <div class="page-header">
-                <h1>{ "Welcome" }</h1>
+                <h1>{ "Willkommen" }</h1>
            </div>
            <crate::utilities::TicketCount/>
            <div>
-                <p>{ "You are logged in as: " }</p>
+                <p>{ "Sie sind angemeldet als: " }</p>
                <p class="text-muted">{ &*name }</p>
            </div>
        </div>
@@ -84,13 +106,13 @@ pub fn home_component() -> Html {
 /// ```
 #[component(NotFound)]
 pub fn not_found_component() -> Html {
-    let message = "404 Not found";
+    let message = "404 Nicht gefunden";
    html! {
        <div class="form-container">
            <div class="empty-state">
                <h1>{&message}</h1>
-                <p>{ "The page you are looking for does not exist." }</p>
+                <p>{ "Die von Ihnen gesuchte Seite existiert nicht." }</p>
-                <Link<crate::Route> to={crate::Route::Home}>{ "Back to Home" }</Link<crate::Route>>
+                <Link<crate::Route> to={crate::Route::Home}>{ "Zurück zur Startseite" }</Link<crate::Route>>
            </div>
        </div>
    }
@@ -98,6 +120,10 @@ pub fn not_found_component() -> Html {
 /// A component displayed when a user attempts to access a page for which they do not have sufficient permissions.
 ///
 /// It informs the user about the access restriction and provides instructions to contact
 /// a specific person ("Herr Winter") if they believe this is an error.
 /// It also includes a link to return to the home page.
 ///
 /// # Example
 /// ```rust
 /// html! {
@@ -109,10 +135,10 @@ pub fn denied_component() -> Html {
    html! {
        <div class="form-container">
            <div class="empty-state">
-                <h1>{ "Access Denied" }</h1>
+                <h1>{ "Zugriff verweigert" }</h1>
                <p>{ "Sie haben nicht die benötigten Rechte um diese Seite aufzurufen" }</p>
                <p class="text-muted">{ "Wenn sie denken, dass dies ein Fehler ist kontaktieren sie Herrn Winter" }</p>
-                <Link<crate::Route> to={crate::Route::Home}>{ "Back to Home" }</Link<crate::Route>>
+                <Link<crate::Route> to={crate::Route::Home}>{ "Zurück zur Startseite" }</Link<crate::Route>>
            </div>
        </div>
    }
--- a/frontend/src/pages/setup.rs
+++ b/frontend/src/pages/setup.rs
@@ -29,7 +29,7 @@ pub struct AdminSetupScheme {
 /// a form to create the first admin user. Key functionality:
 ///
 /// - **Admin Check**: On mount, verifies if an admin already exists by calling `/api/check-admin`.
-///   If an admin is found, the user is redirected to the login page (`crate::Route::Login`).
+///   If an admin is found, the user is redirected to the login page ([`crate::Route::Login`]).
 /// - **Form Fields**: Collects `first_name`, `last_name`, `username`, `password`, and `confirm_password`.
 /// - **Form Validation**:
 ///   - Ensures password fields are not empty.
@@ -67,7 +67,7 @@ pub fn initial_admin_setup() -> Html {
    let username = use_state(|| "".to_string());
    let pwd = use_state(|| "".to_string());
    let pwd_confirm = use_state(|| "".to_string());
-    let error = use_state(|| String::new());
+    let error = use_state(String::new);
    let success = use_state(|| false);
    let loading = use_state(|| false);
    let admin_check_done = use_state(|| false);
@@ -103,7 +103,7 @@ pub fn initial_admin_setup() -> Html {
    }
    if !*admin_check_done {
-        return html! { <div>{ "Checking..." }</div> };
+        return html! { <div>{ "Wird überprüft..." }</div> };
    }
    let onsubmit = {
@@ -121,17 +121,17 @@ pub fn initial_admin_setup() -> Html {
            e.prevent_default();
            if (*pwd).is_empty() || (*pwd_confirm).is_empty() {
-                error.set("Password fields cannot be empty".to_string());
+                error.set("Passwortfelder dürfen nicht leer sein".to_string());
                return;
            }
            if *pwd != *pwd_confirm {
-                error.set("Passwords do not match".to_string());
+                error.set("Passwörter stimmen nicht überein".to_string());
                return;
            }
            if (*username).is_empty() {
-                error.set("Username cannot be empty".to_string());
+                error.set("Benutzername darf nicht leer sein".to_string());
                return;
            }
@@ -175,7 +175,7 @@ pub fn initial_admin_setup() -> Html {
                        let text = r.text().await.unwrap_or_else(|_| "unknown".into());
                        error.set(format!("HTTP {}: {}", r.status(), text));
                    }
-                    Err(err) => error.set(format!("Network error: {}", err)),
+                    Err(err) => error.set(format!("Netzwerkfehler: {}", err)),
                }
            });
        })
@@ -184,16 +184,16 @@ pub fn initial_admin_setup() -> Html {
    html! {
        <div class="setup-container">
            <div class="setup-box">
-                <h1>{ "Initial Admin Setup" }</h1>
+                <h1>{ "Erstmalige Admin-Einrichtung" }</h1>
-                <p>{ "Create your first administrator account" }</p>
+                <p>{ "Erstellen Sie Ihr erstes Administrator-Konto" }</p>
                <form {onsubmit} class="setup-form">
                    <div class="form-group">
-                        <label for="first_name">{ "First Name:" }
+                        <label for="first_name">{ "Vorname:" }
                            <input
                                id="first_name"
                                type="text"
-                                placeholder="First name"
+                                placeholder="Vorname"
                                value={(*first_name).clone()}
                                oninput={Callback::from(move |e: InputEvent| {
                                    let input: web_sys::HtmlInputElement = e.target_unchecked_into();
@@ -204,11 +204,11 @@ pub fn initial_admin_setup() -> Html {
                    </div>
                    <div class="form-group">
-                        <label for="last_name">{ "Last Name:" }
+                        <label for="last_name">{ "Nachname:" }
                            <input
                                id="last_name"
                                type="text"
-                                placeholder="Last name"
+                                placeholder="Nachname"
                                value={(*last_name).clone()}
                                oninput={Callback::from(move |e: InputEvent| {
                                    let input: web_sys::HtmlInputElement = e.target_unchecked_into();
@@ -219,11 +219,11 @@ pub fn initial_admin_setup() -> Html {
                    </div>
                    <div class="form-group">
-                        <label for="username">{ "Username:" }
+                        <label for="username">{ "Benutzername:" }
                            <input
                                id="username"
                                type="text"
-                                placeholder="Username"
+                                placeholder="Benutzername"
                                value={(*username).clone()}
                                oninput={Callback::from(move |e: InputEvent| {
                                    let input: web_sys::HtmlInputElement = e.target_unchecked_into();
@@ -234,11 +234,11 @@ pub fn initial_admin_setup() -> Html {
                    </div>
                    <div class="form-group">
-                        <label for="password">{ "Password:" }
+                        <label for="password">{ "Passwort:" }
                            <input
                                id="password"
                                type="password"
-                                placeholder="Password"
+                                placeholder="Passwort"
                                value={(*pwd).clone()}
                                oninput={Callback::from(move |e: InputEvent| {
                                    let input: web_sys::HtmlInputElement = e.target_unchecked_into();
@@ -249,11 +249,11 @@ pub fn initial_admin_setup() -> Html {
                    </div>
                    <div class="form-group">
-                        <label for="pwd_confirm">{ "Confirm Password:" }
+                        <label for="pwd_confirm">{ "Passwort bestätigen:" }
                            <input
                                id="pwd_confirm"
                                type="password"
-                                placeholder="Confirm password"
+                                placeholder="Passwort bestätigen"
                                value={(*pwd_confirm).clone()}
                                oninput={Callback::from(move |e: InputEvent| {
                                    let input: web_sys::HtmlInputElement = e.target_unchecked_into();
@@ -264,7 +264,7 @@ pub fn initial_admin_setup() -> Html {
                    </div>
                    <button type="submit" disabled={*loading} class="submit-btn">
-                        { if *loading { "Creating..." } else { "Create Admin Account" } }
+                        { if *loading { "Wird erstellt..." } else { "Admin-Konto erstellen" } }
                    </button>
                    if !error.is_empty() {
@@ -272,7 +272,7 @@ pub fn initial_admin_setup() -> Html {
                    }
                    if *success {
-                        <p class="success-message" style="color:green">{ "Admin account created successfully! Redirecting to login..." }</p>
+                        <p class="success-message" style="color:green">{ "Admin-Konto erfolgreich erstellt! Weiterleitung zum Login..." }</p>
                    }
                </form>
            </div>
--- a/frontend/src/pages/sidebar.rs
+++ b/frontend/src/pages/sidebar.rs
@@ -7,6 +7,11 @@ use wasm_bindgen_futures::spawn_local;
 use yew::prelude::*;
 use yew_router::prelude::*;
 /// The key used to store and retrieve the sidebar's expansion state in `LocalStorage`.
 ///
 /// This constant ensures consistency when accessing the stored state across different
 /// parts of the application. The value associated with this key in `LocalStorage`
 /// will be a serialized [`SidebarExpandState`] object.
 const STORAGE_KEY: &str = "sidebar_state";
 /// Represents the expansion state of collapsible menus within the sidebar.
@@ -128,7 +133,7 @@ pub fn sidebar_state_provider(props: &SidebarProps) -> Html {
        Callback::from(move |v: bool| {
            state.set(SidebarExpandState {
                ticket_open: v,
-                users_open: (*state).users_open,
+                users_open: state.users_open,
            })
        })
    };
@@ -136,10 +141,10 @@ pub fn sidebar_state_provider(props: &SidebarProps) -> Html {
    let toggle_tickets = {
        let state = state.clone();
        Callback::from(move |_| {
-            let current = (*state).ticket_open;
+            let current = state.ticket_open;
            state.set(SidebarExpandState {
                ticket_open: !current,
-                users_open: (*state).users_open,
+                users_open: state.users_open,
            });
        })
    };
@@ -148,7 +153,7 @@ pub fn sidebar_state_provider(props: &SidebarProps) -> Html {
        let state = state.clone();
        Callback::from(move |v: bool| {
            state.set(SidebarExpandState {
-                ticket_open: (*state).ticket_open,
+                ticket_open: state.ticket_open,
                users_open: v,
            })
        })
@@ -157,9 +162,9 @@ pub fn sidebar_state_provider(props: &SidebarProps) -> Html {
    let toggle_users = {
        let state = state.clone();
        Callback::from(move |_| {
-            let current = (*state).users_open;
+            let current = state.users_open;
            state.set(SidebarExpandState {
-                ticket_open: (*state).ticket_open,
+                ticket_open: state.ticket_open,
                users_open: !current,
            });
        })
@@ -229,10 +234,10 @@ pub fn ticket_menu() -> Html {
                    html! {
                        <ul class="submenu" role="menu">
                            <li role="none">
-                                <Link<crate::Route> to={crate::Route::Ticket}><span role="menuitem">{ "Submit Ticket" }</span></Link<crate::Route>>
+                                <Link<crate::Route> to={crate::Route::Ticket}><span role="menuitem">{ "Ticket erstellen" }</span></Link<crate::Route>>
                            </li>
                            <li role="none">
-                                <Link<crate::Route> to={crate::Route::AllTickets}><span role="menuitem">{ "View Tickets" }</span></Link<crate::Route>>
+                                <Link<crate::Route> to={crate::Route::AllTickets}><span role="menuitem">{ "Tickets anzeigen" }</span></Link<crate::Route>>
                            </li>
                        </ul>
                    }
@@ -284,7 +289,7 @@ pub fn users_menu() -> Html {
                onclick={on_toggle}
                aria-expanded={open.to_string()}
            >
-                { "Users" }
+                { "Benutzer" }
                { if open { " ▾" } else { " ▸" } }
            </button>
@@ -293,10 +298,10 @@ pub fn users_menu() -> Html {
                    html! {
                        <ul class="submenu" role="menu">
                            <li role="none">
-                                <Link<crate::Route> to={crate::Route::Register}><span role="menuitem">{ "Create User" }</span></Link<crate::Route>>
+                                <Link<crate::Route> to={crate::Route::Register}><span role="menuitem">{ "Benutzer erstellen" }</span></Link<crate::Route>>
                            </li>
                            <li role="none">
-                                <Link<crate::Route> to={crate::Route::AllUsers}><span role="menuitem">{ "View Users" }</span></Link<crate::Route>>
+                                <Link<crate::Route> to={crate::Route::AllUsers}><span role="menuitem">{ "Benutzer anzeigen" }</span></Link<crate::Route>>
                            </li>
                        </ul>
                    }
@@ -314,6 +319,11 @@ pub fn users_menu() -> Html {
 /// and administrative status. It fetches the current user's details via `/api/users/current`
 /// to determine what menu items to display.
 ///
 /// # Mobile Support
 /// On small screens:
 /// - Slides into view from the left when `props.is_open` is `true`.
 /// - Renders a close button (`✕`) in the header that emits `props.on_close`.
 ///
 /// # Structure
 /// - Wraps its content in a [`SidebarStateProvider`] to allow nested menus to manage their state.
 /// - Contains a navigation (`<nav>`) element with an unordered list (`<ul>`) of menu items.
@@ -332,8 +342,22 @@ pub fn users_menu() -> Html {
 /// # Logout Functionality
 /// The "Logout" button sends a GET request to `/api/logout`, clears the user's session,
 /// and then redirects the user to the login page (`crate::Route::Login`).
 /// Properties for the [`Sidebar`] component.
 ///
 /// These properties enable managing and controlling the responsive mobile sidebar
 /// layout and its visibility settings.
 #[derive(Properties, PartialEq)]
 pub struct SidebarComponentProps {
    /// A boolean flag indicating whether the mobile sidebar is currently slid open (`true`) or hidden (`false`).
    #[prop_or_default]
    pub is_open: bool,
    /// A callback emitted when the user requests to close/hide the mobile sidebar.
    #[prop_or_default]
    pub on_close: Callback<()>,
 }
 #[component(Sidebar)]
-pub fn sidebar() -> Html {
+pub fn sidebar(props: &SidebarComponentProps) -> Html {
    let is_admin = use_state(|| None::<bool>);
    let navigator = use_navigator().expect("Sidebar must be used within a Router");
@@ -374,34 +398,65 @@ pub fn sidebar() -> Html {
    };
    match *is_admin {
-        None => html! { <div class="sidebar-loading">{ "Loading..." }</div> },
+        None => html! { <div class="sidebar-loading">{ "Lade..." }</div> },
        // Non-admin: render a condensed user sidebar (no diagnostics, limited links)
-        Some(false) => html! {
+        Some(false) => {
            let on_close = props.on_close.clone();
            html! {
                <SidebarStateProvider>
-                <nav class="sidebar user">
+                    <nav class={if props.is_open { "sidebar user open" } else { "sidebar user" }}>
                        <ul>
-                        <Link<crate::Route> to={crate::Route::Home}>{ "󰟒" }</Link<crate::Route>>
+                            <li class="sidebar-header">
                                <Link<crate::Route> to={crate::Route::Home} classes="home">
                                    <svg xmlns="http://www.w3.org/2000/svg" class="home-svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
                                        <path d="m3 9 9-7 9 7v11a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2z"/>
                                        <polyline points="9 22 9 12 15 12 15 22"/>
                                    </svg>
                                </Link<crate::Route>>
                                <button class="sidebar-close" onclick={move |_| on_close.emit(())}>
                                    <svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
                                        <line x1="18" y1="6" x2="6" y2="18"/>
                                        <line x1="6" y1="6" x2="18" y2="18"/>
                                    </svg>
                                </button>
                            </li>
                            <TicketMenu/>
                            <li class="logout-item">
                                <button
                                    class="logout-button"
                                    onclick={on_logout.clone()}
                                >
-                                { "Logout" }
+                                    { "Abmelden" }
                                </button>
                            </li>
                        </ul>
                    </nav>
                </SidebarStateProvider>
            }
        },
        // Admin: full sidebar wrapped in provider so submenu state persists
-        Some(true) => html! {
+        Some(true) => {
            let on_close = props.on_close.clone();
            html! {
                <SidebarStateProvider>
-                <nav class="sidebar admin">
+                    <nav class={if props.is_open { "sidebar admin open" } else { "sidebar admin" }}>
                        <ul>
-                        <Link<crate::Route> to={crate::Route::Home}>{ "󰟒" }</Link<crate::Route>>
+                            <li class="sidebar-header">
                                <Link<crate::Route> to={crate::Route::Home} classes="home">
                                    <svg xmlns="http://www.w3.org/2000/svg" class="home-svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
                                        <path d="m3 9 9-7 9 7v11a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2z"/>
                                        <polyline points="9 22 9 12 15 12 15 22"/>
                                    </svg>
                                </Link<crate::Route>>
                                <button class="sidebar-close" onclick={move |_| on_close.emit(())}>
                                    <svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
                                        <line x1="18" y1="6" x2="6" y2="18"/>
                                        <line x1="6" y1="6" x2="18" y2="18"/>
                                    </svg>
                                </button>
                            </li>
                            <TicketMenu/>
                            <UsersMenu/>
                            <Link<crate::Route> to={crate::Route::Diagnostics}>{ "Statistiken" }</Link<crate::Route>>
@@ -411,12 +466,13 @@ pub fn sidebar() -> Html {
                                    class="logout-button"
                                    onclick={on_logout.clone()}
                                >
-                                { "Logout" }
+                                    { "Abmelden" }
                                </button>
                            </li>
                        </ul>
                    </nav>
                </SidebarStateProvider>
            }
        },
    }
 }
--- a/frontend/src/pages/ticket.rs
+++ b/frontend/src/pages/ticket.rs
@@ -169,31 +169,6 @@ pub fn submit_ticket_component() -> Html {
    let valid_rooms: HashSet<i16> = VALID_ROOMS.iter().copied().collect();
    {
        let message = "Bevor sie zum Support weitergeleitet werden prüfen sie ob: 
 - Ob das Problem durch Neustarten gelößt wird 
 - Ob sie die richtigen Anmeldedaten genutzt habem 
 - Alle notwendigen Kabel eingesteckt sind
 Wenn es funktioniert hat klicken sie bitte \"Abbrechen\""
            .to_string();
        use_effect(move || {
            if let Some(win) = web_sys::window() {
                let _ = if win.confirm_with_message(&message).unwrap() {
                } else {
                    spawn_local(async move {
                        let _ = Request::post("/api/count")
                            .credentials(web_sys::RequestCredentials::Include)
                            .send()
                            .await;
                    });
                    let _ = win.location().set_href("/");
                };
            }
            || ()
        });
    }
    let onsubmit = {
        let category = category.clone();
        let betreff = betreff.clone();
@@ -205,7 +180,7 @@ Wenn es funktioniert hat klicken sie bitte \"Abbrechen\""
        Callback::from(move |e: SubmitEvent| {
            e.prevent_default();
            if room.is_none() {
-                status.set(Some("Invalid room".into()));
+                status.set(Some("Ungültiger Raum".into()));
                return;
            }
            let category = (*category).clone();
@@ -213,7 +188,7 @@ Wenn es funktioniert hat klicken sie bitte \"Abbrechen\""
            let description = (*description).clone();
            let room = room.unwrap();
            if !valid_rooms.contains(&room) {
-                status.set(Some("Room not allowed".into()));
+                status.set(Some("Raum nicht erlaubt".into()));
                return;
            }
            let status = status.clone();
@@ -233,9 +208,11 @@ Wenn es funktioniert hat klicken sie bitte \"Abbrechen\""
                    .expect("Failed to build request");
                match request.send().await {
-                    Ok(response) if response.status() == 200 => status.set(Some("Success".into())),
+                    Ok(response) if response.status() == 200 => {
-                    Ok(response) => status.set(Some(format!("Error: {}", response.status()))),
+                        status.set(Some("Erfolgreich".into()))
-                    Err(err) => status.set(Some(format!("Network error: {}", err))),
+                    }
                    Ok(response) => status.set(Some(format!("Fehler: {}", response.status()))),
                    Err(err) => status.set(Some(format!("Netzwerkfehler: {}", err))),
                }
            });
        })
@@ -290,10 +267,7 @@ Wenn es funktioniert hat klicken sie bitte \"Abbrechen\""
                        Err(_) => None,
                    }
                } else {
-                    match raw_trim.parse::<i16>() {
+                    raw_trim.parse::<i16>().ok()
                        Ok(n) => Some(n),
                        Err(_) => None,
                    }
                }
            };
@@ -314,7 +288,7 @@ Wenn es funktioniert hat klicken sie bitte \"Abbrechen\""
    html! {
        <div class="form-container">
            <div class="page-header">
-                <h1>{ "Create Ticket" }</h1>
+                <h1>{ "Ticket erstellen" }</h1>
            </div>
            <form {onsubmit}>
                <label>{ "Betreff:" }
@@ -328,7 +302,7 @@ Wenn es funktioniert hat klicken sie bitte \"Abbrechen\""
                        <option value="Whiteboard Beamer">{ "Whiteboard Beamer" }</option>
                        <option value="Internet">{ "Internet" }</option>
                        <option value="iPad Koffer">{ "iPad Koffer" }</option>
-                        <option value="Apple TV">{ "Apple TV" }</option>
+                        <option value="Apple TV" selected=true>{ "Apple TV" }</option>
                        <option value="Docu Cam">{ "Dokumenten Kamera" }</option>
                        <option value="Sonstiges">{ "Sonstiges" }</option>
                    </select>
@@ -345,9 +319,9 @@ Wenn es funktioniert hat klicken sie bitte \"Abbrechen\""
                        html! {}
                    }
                }
-                <button type="submit">{ "Send" }</button>
+                <button type="submit">{ "Absenden" }</button>
-                <Link<crate::Route> to={crate::Route::AllTickets}>{ "View All Tickets" }</Link<crate::Route>>
+                <Link<crate::Route> to={crate::Route::AllTickets}>{ "Alle Tickets anzeigen" }</Link<crate::Route>>
                {
                    if let Some(s) = &*status {
@@ -422,7 +396,7 @@ pub fn ticket_by_id_component(props: &TicketProps) -> Html {
                        if status == 200 {
                            match response.json::<Ticket>().await {
                                Ok(t) => ticket.set(Some(t)),
-                                Err(err) => error.set(Some(format!("Parse error: {}", err))),
+                                Err(err) => error.set(Some(format!("Parser-Fehler: {}", err))),
                            }
                        } else {
                            match response.json::<ApiError>().await {
@@ -431,13 +405,13 @@ pub fn ticket_by_id_component(props: &TicketProps) -> Html {
                                    if let Ok(text) = response.text().await {
                                        error.set(Some(text));
                                    } else {
-                                        error.set(Some(format!("Server error: {}", status)));
+                                        error.set(Some(format!("Server-Fehler: {}", status)));
                                    }
                                }
                            }
                        }
                    }
-                    Err(err) => error.set(Some(format!("Network error: {}", err))),
+                    Err(err) => error.set(Some(format!("Netzwerkfehler: {}", err))),
                }
                loading.set(false);
            });
@@ -446,7 +420,6 @@ pub fn ticket_by_id_component(props: &TicketProps) -> Html {
    }
    let onsubmit = {
        let status = status.clone();
        let id = id.clone();
        let error = error.clone();
        Callback::from(move |e: SubmitEvent| {
@@ -462,7 +435,6 @@ pub fn ticket_by_id_component(props: &TicketProps) -> Html {
                .unwrap_or_else(|| (*status).clone());
            status.set(new_status.clone());
            let id = id.clone();
            let error = error.clone();
            spawn_local(async move {
@@ -474,9 +446,11 @@ pub fn ticket_by_id_component(props: &TicketProps) -> Html {
                    .expect("Failed to construct request");
                match request.send().await {
-                    Ok(response) if response.status() == 200 => error.set(Some("Success".into())),
+                    Ok(response) if response.status() == 200 => {
-                    Ok(response) => error.set(Some(format!("Error: {}", response.status()))),
+                        error.set(Some("Erfolgreich".into()))
-                    Err(err) => error.set(Some(format!("Network error: {}", err))),
+                    }
                    Ok(response) => error.set(Some(format!("Fehler: {}", response.status()))),
                    Err(err) => error.set(Some(format!("Netzwerkfehler: {}", err))),
                }
            });
        })
@@ -489,7 +463,6 @@ pub fn ticket_by_id_component(props: &TicketProps) -> Html {
        let deleting = deleting.clone();
        let delete_error = delete_error.clone();
        let ticket_state = ticket.clone();
        let id = id;
        Callback::from(move |e: MouseEvent| {
            e.prevent_default();
@@ -518,10 +491,10 @@ pub fn ticket_by_id_component(props: &TicketProps) -> Html {
                        ticket_state.set(None); // clears the shown item
                    }
                    Ok(resp) => {
-                        let txt = resp.text().await.unwrap_or_else(|_| "Unknown".into());
+                        let txt = resp.text().await.unwrap_or_else(|_| "unbekannt".into());
                        delete_error.set(Some(format!("HTTP {}: {}", resp.status(), txt)));
                    }
-                    Err(err) => delete_error.set(Some(format!("Network error: {}", err))),
+                    Err(err) => delete_error.set(Some(format!("Netzwerkfehler: {}", err))),
                }
                deleting.set(false);
            });
@@ -529,9 +502,9 @@ pub fn ticket_by_id_component(props: &TicketProps) -> Html {
    };
    if *loading {
-        html! {<p>{ "Loading" }</p>}
+        html! {<p>{ "Lade..." }</p>}
    } else if let Some(e) = &*error {
-        html! { <p>{ format!("Error: {}", e) }</p> }
+        html! { <p class="alert error">{ format!("Fehler: {}", e) }</p> }
    } else if let Some(t) = &*ticket {
        html! {
            <div>
@@ -564,18 +537,18 @@ pub fn ticket_by_id_component(props: &TicketProps) -> Html {
                    <button type="submit">{ "Aktualisieren" }</button>
                </form>
-                <button onclick={ondelete} disabled={*deleting}>
+                <button onclick={ondelete} disabled={*deleting} class="delete">
                    {if *deleting {"Löschen..."} else {"Löschen"}}
                </button>
-                <Link<crate::Route> to={crate::Route::AllTickets}>{ "Zurück zur Ticketübersicht" }</Link<crate::Route>>
+                <Link<crate::Route> to={crate::Route::AllTickets} classes="return-to">{ "Zurück zur Ticketübersicht" }</Link<crate::Route>>
                if let Some(err) = &*delete_error {
-                    <p style="color:red">{ err.clone() }</p>
+                    <p class="alert error">{ err.clone() }</p>
                }
            </div>
        }
    } else {
-        html! { <p>{ "No ticket found." }</p> }
+        html! { <p>{ "Kein Ticket gefunden." }</p> }
    }
 }
@@ -614,7 +587,7 @@ pub fn ticket_by_id_component(props: &TicketProps) -> Html {
 /// ```
 #[component(AllTickets)]
 pub fn all_tickets_component() -> Html {
-    let tickets = use_state(|| Vec::<Ticket>::new());
+    let tickets = use_state(Vec::<Ticket>::new);
    let error = use_state(|| None::<String>);
    let loading = use_state(|| false);
    let user = use_state(|| ActiveUser {
@@ -630,22 +603,22 @@ pub fn all_tickets_component() -> Html {
        use_effect_with((), move |_| {
            loading.set(true);
            spawn_local(async move {
-                let url = format!("/api/tickets");
+                let url = "/api/tickets".to_string();
                match Request::get(&url).send().await {
                    Ok(response) if response.status() == 200 => {
                        match response.json::<Vec<Ticket>>().await {
                            Ok(t) => tickets.set(t),
-                            Err(e) => error.set(Some(format!("parse error: {}", e))),
+                            Err(e) => error.set(Some(format!("Parser-Fehler: {}", e))),
                        }
                    }
                    Ok(response) => {
                        if let Ok(text) = response.text().await {
                            error.set(Some(text));
                        } else {
-                            error.set(Some(format!("status {}", response.status())));
+                            error.set(Some(format!("Status {}", response.status())));
                        }
                    }
-                    Err(err) => error.set(Some(format!("Network error: {}", err))),
+                    Err(err) => error.set(Some(format!("Netzwerkfehler: {}", err))),
                }
                loading.set(false);
            });
@@ -662,9 +635,9 @@ pub fn all_tickets_component() -> Html {
                    .credentials(web_sys::RequestCredentials::Include)
                    .send()
                    .await
                    && response.status() == 200
                    && let Ok(json) = response.json::<serde_json::Value>().await
                {
                    if response.status() == 200 {
                        if let Ok(json) = response.json::<serde_json::Value>().await {
                    let id = json
                        .get("data")
                        .and_then(|d| d.get("id"))
@@ -677,22 +650,20 @@ pub fn all_tickets_component() -> Html {
                        .unwrap_or(false);
                    user.set(ActiveUser { id, is_admin });
                }
                    }
                }
            });
            || ()
        });
    }
    if *loading {
-        html! {<p>{ "Loading" }</p>}
+        html! {<p>{ "Lade..." }</p>}
    } else if let Some(e) = &*error {
-        html! { <p>{ format!("Error: {}", e) }</p> }
+        html! { <p class="alert error">{ format!("Fehler: {}", e) }</p> }
    } else {
        html! {
            <div>
                <div class="page-header">
-                    <h1>{ "All Tickets" }</h1>
+                    <h1>{ "Alle Tickets" }</h1>
                </div>
                <ul class="ticket-list">
                { for tickets.iter().filter(|t| t.status != "Archived" && (if user.is_admin { true } else if let Some(uid) = user.id { t.user_id == uid } else { false })).map(|t| {
@@ -754,7 +725,7 @@ pub fn all_tickets_component() -> Html {
 /// ```
 #[component(ArchivedTickets)]
 pub fn archived_tickets_component() -> Html {
-    let tickets = use_state(|| Vec::<Ticket>::new());
+    let tickets = use_state(Vec::<Ticket>::new);
    let error = use_state(|| None::<String>);
    let loading = use_state(|| false);
    let user = use_state(|| ActiveUser {
@@ -770,22 +741,22 @@ pub fn archived_tickets_component() -> Html {
        use_effect_with((), move |_| {
            loading.set(true);
            spawn_local(async move {
-                let url = format!("/api/tickets");
+                let url = "/api/tickets".to_string();
                match Request::get(&url).send().await {
                    Ok(response) if response.status() == 200 => {
                        match response.json::<Vec<Ticket>>().await {
                            Ok(t) => tickets.set(t),
-                            Err(e) => error.set(Some(format!("parse error: {}", e))),
+                            Err(e) => error.set(Some(format!("Parser-Fehler: {}", e))),
                        }
                    }
                    Ok(response) => {
                        if let Ok(text) = response.text().await {
                            error.set(Some(text));
                        } else {
-                            error.set(Some(format!("status {}", response.status())));
+                            error.set(Some(format!("Status {}", response.status())));
                        }
                    }
-                    Err(err) => error.set(Some(format!("Network error: {}", err))),
+                    Err(err) => error.set(Some(format!("Netzwerkfehler: {}", err))),
                }
                loading.set(false);
            });
@@ -802,9 +773,9 @@ pub fn archived_tickets_component() -> Html {
                    .credentials(web_sys::RequestCredentials::Include)
                    .send()
                    .await
                    && response.status() == 200
                    && let Ok(json) = response.json::<serde_json::Value>().await
                {
                    if response.status() == 200 {
                        if let Ok(json) = response.json::<serde_json::Value>().await {
                    let id = json
                        .get("data")
                        .and_then(|d| d.get("id"))
@@ -817,17 +788,15 @@ pub fn archived_tickets_component() -> Html {
                        .unwrap_or(false);
                    user.set(ActiveUser { id, is_admin });
                }
                    }
                }
            });
            || ()
        });
    }
    if *loading {
-        html! {<p>{ "Loading" }</p>}
+        html! {<p>{ "Lade..." }</p>}
    } else if let Some(e) = &*error {
-        html! { <p>{ format!("Error: {}", e) }</p> }
+        html! { <p class="alert error">{ format!("Fehler: {}", e) }</p> }
    } else {
        html! {
            <div>
--- a/frontend/src/pages/user.rs
+++ b/frontend/src/pages/user.rs
@@ -1,3 +1,4 @@
 use crate::dequote;
 use gloo_net::http::Request;
 use serde::{Deserialize, Serialize};
 use wasm_bindgen_futures::spawn_local;
@@ -102,6 +103,14 @@ pub struct UserProps {
    pub id: i16,
 }
 /// Represents an error response from the API.
 ///
 /// This struct is used to deserialize error messages received from the backend API.
 /// It typically contains a human-readable message and an internal status code.
 ///
 /// # Fields
 /// - `message`: A `String` containing a description of the error.
 /// - `_status`: An internal status code or message, often ignored in frontend display.
 #[derive(Deserialize, Debug)]
 struct ApiError {
    message: String,
@@ -173,9 +182,11 @@ pub fn register_component() -> Html {
                    .expect("Error building request");
                match request.send().await {
-                    Ok(response) if response.status() == 200 => status.set(Some("Success".into())),
+                    Ok(response) if response.status() == 200 => {
-                    Ok(response) => status.set(Some(format!("Error: {}", response.status()))),
+                        status.set(Some("Erfolgreich".into()))
-                    Err(err) => status.set(Some(format!("Network error: {}", err))),
+                    }
                    Ok(response) => status.set(Some(format!("Fehler: {}", response.status()))),
                    Err(err) => status.set(Some(format!("Netzwerkfehler: {}", err))),
                }
            });
        })
@@ -224,7 +235,7 @@ pub fn register_component() -> Html {
    html! {
        <div class="form-container">
            <div class="page-header">
-                <h1>{ "Register User" }</h1>
+                <h1>{ "Benutzer registrieren" }</h1>
            </div>
            <form {onsubmit}>
                <label>{ "Vorname:" }
@@ -239,7 +250,7 @@ pub fn register_component() -> Html {
                <label>{ "Admin:" }
                    <input type="checkbox" checked={*is_admin} onchange={admin_change}/>
                </label>
-                <label>{ "Password:" }
+                <label>{ "Passwort:" }
                    <input type="password" value={(*pwd).clone()} oninput={pwd_change}/>
                </label>
                <button type="submit">{ "Bestätigen" }</button>
@@ -279,7 +290,7 @@ pub fn login_component() -> Html {
    let username = use_state(|| "".to_string());
    let pwd = use_state(|| "".to_string());
    let loading = use_state(|| false);
-    let error = use_state(|| String::new());
+    let error = use_state(String::new);
    let success = use_state(|| false);
    let navigator = use_navigator().unwrap();
@@ -323,24 +334,25 @@ pub fn login_component() -> Html {
                        navigator.push(&crate::Route::Home);
                    }
                    Ok(r) => {
-                        let text = r.text().await.unwrap_or_else(|_| "unknown".into());
+                        let text: serde_json::Value =
-                        error.set(format!("HTTP {}: {}", r.status(), text));
+                            r.json().await.unwrap_or_else(|_| "unbekannt".into());
                        error.set(dequote!(format!("{}", text["message"].to_string())));
                    }
-                    Err(err) => error.set(format!("Network error: {}", err)),
+                    Err(err) => error.set(format!("Netzwerkfehler: {}", err)),
                }
            });
        })
    };
    html! {
-        <main class="content">
+        <main class="content login">
            <div class="form-container">
                <div class="page-header">
-                    <h1>{ "Login" }</h1>
+                    <h1>{ "Anmelden" }</h1>
                </div>
                <form {onsubmit}>
                    <input
-                        placeholder="username"
+                        placeholder="Benutzername"
                        value={(*username).clone()}
                        oninput={Callback::from(move |e: InputEvent| {
                            let input: web_sys::HtmlInputElement = e.target_unchecked_into();
@@ -349,14 +361,14 @@ pub fn login_component() -> Html {
                    />
                    <input
                        type="password"
-                        placeholder="password"
+                        placeholder="Passwort"
                        value={(*pwd).clone()}
                        oninput={Callback::from(move |e: InputEvent| {
                            let input: web_sys::HtmlInputElement = e.target_unchecked_into();
                            pwd.set(input.value());
                        })}
                    />
-                    <button type="submit" disabled={*loading}>{ if *loading { "Logging in..." } else { "Login" } }</button>
+                    <button type="submit" disabled={*loading}>{ if *loading { "Wird angemeldet..." } else { "Anmelden" } }</button>
                    if !error.is_empty() { <p class="alert error">{(*error).clone()}</p> }
                </form>
            </div>
@@ -393,7 +405,7 @@ pub fn login_component() -> Html {
 /// ```
 #[component(AllUsers)]
 pub fn all_users_component() -> Html {
-    let users = use_state(|| Vec::<FilteredUser>::new());
+    let users = use_state(Vec::<FilteredUser>::new);
    let error = use_state(|| None::<String>);
    let loading = use_state(|| false);
@@ -405,22 +417,22 @@ pub fn all_users_component() -> Html {
        use_effect_with((), move |_| {
            loading.set(true);
            spawn_local(async move {
-                let url = format!("/api/users");
+                let url = "/api/users".to_string();
                match Request::get(&url).send().await {
                    Ok(response) if response.status() == 200 => {
                        match response.json::<Vec<FilteredUser>>().await {
                            Ok(u) => users.set(u),
-                            Err(err) => error.set(Some(format!("Parse error: {}", err))),
+                            Err(err) => error.set(Some(format!("Parser-Fehler: {}", err))),
                        }
                    }
                    Ok(response) => {
                        if let Ok(text) = response.text().await {
                            error.set(Some(text));
                        } else {
-                            error.set(Some(format!("status {}", response.status())));
+                            error.set(Some(format!("Status {}", response.status())));
                        }
                    }
-                    Err(err) => error.set(Some(format!("Network error: {}", err))),
+                    Err(err) => error.set(Some(format!("Netzwerkfehler: {}", err))),
                }
                loading.set(false);
            });
@@ -432,25 +444,25 @@ pub fn all_users_component() -> Html {
        html! {
            <div class="form-container">
                <div class="page-header">
-                    <h1>{ "All Users" }</h1>
+                    <h1>{ "Alle Benutzer" }</h1>
                </div>
-                <p>{ "Loading..." }</p>
+                <p>{ "Lade..." }</p>
            </div>
        }
    } else if let Some(e) = &*error {
        html! {
            <div class="form-container">
                <div class="page-header">
-                    <h1>{ "All Users" }</h1>
+                    <h1>{ "Alle Benutzer" }</h1>
                </div>
-                <p class="alert error">{ format!("Error: {}", e) }</p>
+                <p class="alert error">{ format!("Fehler: {}", e) }</p>
            </div>
        }
    } else {
        html! {
            <div class="form-container">
                <div class="page-header">
-                    <h1>{ "All Users" }</h1>
+                    <h1>{ "Alle Benutzer" }</h1>
                </div>
                <ul class="user-list">
                { for users.iter().map(|t| html! {
@@ -527,7 +539,7 @@ pub fn user_by_id_component(props: &UserProps) -> Html {
                        if status == 200 {
                            match response.json::<FilteredUser>().await {
                                Ok(u) => user.set(Some(u)),
-                                Err(err) => error.set(Some(format!("Parse error: {}", err))),
+                                Err(err) => error.set(Some(format!("Parser-Fehler: {}", err))),
                            }
                        } else {
                            match response.json::<ApiError>().await {
@@ -536,13 +548,13 @@ pub fn user_by_id_component(props: &UserProps) -> Html {
                                    if let Ok(text) = response.text().await {
                                        error.set(Some(text));
                                    } else {
-                                        error.set(Some(format!("Server error: {}", status)));
+                                        error.set(Some(format!("Server-Fehler: {}", status)));
                                    }
                                }
                            }
                        }
                    }
-                    Err(err) => error.set(Some(format!("Network error: {}", err))),
+                    Err(err) => error.set(Some(format!("Netzwerkfehler: {}", err))),
                }
                loading.set(false);
            });
@@ -554,7 +566,7 @@ pub fn user_by_id_component(props: &UserProps) -> Html {
    let last_name = use_state(|| "".to_string());
    let username = use_state(|| "".to_string());
    let make_admin = use_state(|| false);
-    let new_pwd = use_state(|| String::new());
+    let new_pwd = use_state(String::new);
    let saving = use_state(|| false);
    let save_error = use_state(|| None::<String>);
    let save_success = use_state(|| false);
@@ -604,11 +616,10 @@ pub fn user_by_id_component(props: &UserProps) -> Html {
            let save_error = save_error.clone();
            let save_success = save_success.clone();
            let user_state = user_state.clone();
            let id = id;
            spawn_local(async move {
                let payload = UserUpdateScheme {
-                    id: id,
+                    id,
                    first_name,
                    last_name,
                    username,
@@ -631,10 +642,10 @@ pub fn user_by_id_component(props: &UserProps) -> Html {
                        save_success.set(true);
                    }
                    Ok(resp) => {
-                        let txt = resp.text().await.unwrap_or_else(|_| "Unknown".into());
+                        let txt = resp.text().await.unwrap_or_else(|_| "unbekannt".into());
                        save_error.set(Some(format!("HTTP {}: {}", resp.status(), txt)));
                    }
-                    Err(err) => save_error.set(Some(format!("Network error: {}", err))),
+                    Err(err) => save_error.set(Some(format!("Netzwerkfehler: {}", err))),
                }
                saving.set(false);
            });
@@ -648,14 +659,15 @@ pub fn user_by_id_component(props: &UserProps) -> Html {
        let deleting = deleting.clone();
        let delete_error = delete_error.clone();
        let user_state = user.clone(); // or ticket
        let id = id;
        Callback::from(move |e: MouseEvent| {
            e.prevent_default();
            // confirm
            if !web_sys::window()
                .and_then(|w| {
-                    w.confirm_with_message("Are you sure you want to delete this item?")
+                    w.confirm_with_message(
                        "Sind Sie sicher, dass Sie dieses Element löschen möchten?",
                    )
                    .ok()
                })
                .unwrap_or(false)
@@ -680,10 +692,10 @@ pub fn user_by_id_component(props: &UserProps) -> Html {
                        user_state.set(None); // clears the shown item
                    }
                    Ok(resp) => {
-                        let txt = resp.text().await.unwrap_or_else(|_| "Unknown".into());
+                        let txt = resp.text().await.unwrap_or_else(|_| "unbekannt".into());
                        delete_error.set(Some(format!("HTTP {}: {}", resp.status(), txt)));
                    }
-                    Err(err) => delete_error.set(Some(format!("Network error: {}", err))),
+                    Err(err) => delete_error.set(Some(format!("Netzwerkfehler: {}", err))),
                }
                deleting.set(false);
            });
@@ -691,9 +703,9 @@ pub fn user_by_id_component(props: &UserProps) -> Html {
    };
    if *loading {
-        html! {<p>{ "Loading" }</p>}
+        html! {<p>{ "Lade..." }</p>}
    } else if let Some(e) = &*error {
-        html! { <p>{ format!("Error: {}", e) }</p> }
+        html! { <p class="alert error">{ format!("Fehler: {}", e) }</p> }
    } else if let Some(u) = &*user {
        html! {
            <div>
@@ -704,7 +716,7 @@ pub fn user_by_id_component(props: &UserProps) -> Html {
                    <p><strong>{ "Ist Admin: " }</strong>{ u.is_admin }</p>
                </div>
-                <h1>{ format!("User #{}", u.id) }</h1>
+                <h1>{ format!("Benutzer #{}", u.id) }</h1>
                <form onsubmit={onsubmit}>
                    <div>
                        <label>{ "Vorname" }
@@ -748,7 +760,7 @@ pub fn user_by_id_component(props: &UserProps) -> Html {
                        </label>
                    </div>
                    <div>
-                        <label>{ "Neues Passwort (leer = unchanged)" }
+                        <label>{ "Neues Passwort (leer = unverändert)" }
                            <input name="new_pwd" type="password"
                                value={(*new_pwd).clone()}
                                oninput={Callback::from(move |e: InputEvent| {
@@ -761,24 +773,24 @@ pub fn user_by_id_component(props: &UserProps) -> Html {
                    <button type="submit" disabled={*saving}>{ if *saving { "Speichern..." } else { "Speichern" } }</button>
                    if *save_success {
-                        <p style="color:green">{ "Updated successfully" }</p>
+                        <p class="alert success">{ "Erfolgreich aktualisiert" }</p>
                    }
                    if let Some(err) = &*save_error {
-                        <p style="color:red">{ err.clone() }</p>
+                        <p class="alert error">{ err.clone() }</p>
                    }
                </form>
-                <button onclick={ondelete} disabled={*deleting}>
+                <button onclick={ondelete} disabled={*deleting} class="delete">
                    {if *deleting {"Löschen..."} else {"Löschen"}}
                </button>
-                <Link<crate::Route> to={crate::Route::AllUsers}>{ "Zurück zur Benutzerübersicht" }</Link<crate::Route>>
+                <Link<crate::Route> to={crate::Route::AllUsers} classes="return-to">{ "Zurück zur Benutzerübersicht" }</Link<crate::Route>>
                if let Some(err) = &*delete_error {
-                    <p style="color:red">{ err.clone() }</p>
+                    <p class="alert error">{ err.clone() }</p>
                }
            </div>
        }
    } else {
-        html! { <p>{ "No ticket found." }</p> }
+        html! { <p>{ "Kein Benutzer gefunden." }</p> }
    }
 }
--- a/frontend/src/pages/utilities.rs
+++ b/frontend/src/pages/utilities.rs
@@ -9,12 +9,6 @@ use yew::prelude::*;
 use crate::dequote;
 use crate::pages::ticket::{ActiveUser, Ticket};
 /// The response struct for the [EasyFixCount]
 #[derive(Deserialize)]
 struct CountResponse {
    value: i64,
 }
 /// A partial representation of a ticket, containing only the fields necessary for statistical analysis.
 ///
 /// This struct is used to efficiently retrieve and process ticket data for diagnostics
@@ -23,7 +17,6 @@ struct CountResponse {
 /// # Fields
 /// - `date`: The creation date and time of the ticket in UTC.
 /// - `room`: The room number associated with the ticket.
 #[derive(Debug, Deserialize, Clone, PartialEq)]
 struct TicketPartial {
    date: DateTime<Utc>,
@@ -33,12 +26,13 @@ struct TicketPartial {
 /// A partial representation of a user, containing only the fields necessary for statistical analysis.
 ///
-/// This struct is used to retrieve and process user data for diagnostics
+/// This struct is used to efficiently retrieve and process user data for diagnostics
 /// without fetching the full user details.
 ///
 /// # Fields
-/// - `id`: The users id
+/// - `id`: The unique identifier of the user.
-/// - `first_name`: The users first name
+/// - `first_name`: The first name of the user.
-/// - `last_name`: The users last name
+/// - `last_name`: The last name of the user.
 #[derive(Debug, Deserialize, Clone, PartialEq)]
 struct UserPartial {
    id: i16,
@@ -52,12 +46,20 @@ struct UserPartial {
 /// for calculating and visualizing ticket distribution per room.
 ///
 /// # Fields
-/// - `tickets`: A vector of `TicketPartial` containing ticket data relevant for room totals.
+/// - `tickets`: A vector of [`TicketPartial`] containing ticket data relevant for room totals.
 #[derive(Properties, PartialEq)]
 struct RoomTotalsProps {
    tickets: Vec<TicketPartial>,
 }
 /// Properties for components that display user-wise ticket totals.
 ///
 /// This struct passes a list of partial user data and partial ticket data to a component
 /// responsible for calculating and visualizing ticket distribution per user.
 ///
 /// # Fields
 /// - `users`: A vector of [`UserPartial`] containing user data relevant for user totals.
 /// - `tickets`: A vector of [`TicketPartial`] containing ticket data relevant for user totals.
 #[derive(Properties, PartialEq)]
 struct UserTotalProps {
    users: Vec<UserPartial>,
@@ -94,7 +96,7 @@ fn weekday_index(dt: &DateTime<Utc>) -> usize {
 /// the total count of tickets submitted on that day.
 ///
 /// # Arguments
-/// - `tickets`: A slice of `TicketPartial` items to count.
+/// - `tickets`: A slice of [`TicketPartial`] items to count.
 ///
 /// # Returns
 /// An array `[usize; 7]` with ticket counts for each weekday.
@@ -108,12 +110,12 @@ fn count_by_weekday(tickets: &[TicketPartial]) -> [usize; 7] {
 /// Calculates the occurrences of each weekday within the date range covered by the tickets.
 ///
-/// This function determines the minimum and maximum dates from the provided `TicketPartial`
+/// This function determines the minimum and maximum dates from the provided [`TicketPartial`]
 /// slice and then counts how many times each weekday occurs within that inclusive date range.
 /// This is useful for normalizing ticket counts against the number of available days for each weekday.
 ///
 /// # Arguments
-/// - `partials`: A slice of `TicketPartial` items defining the date range.
+/// - `partials`: A slice of [`TicketPartial`] items defining the date range.
 ///
 /// # Returns
 /// An array `[usize; 7]` where each element represents the number of times a
@@ -154,7 +156,7 @@ fn day_counts(partials: &[TicketPartial]) -> [usize; 7] {
            chrono::Weekday::Sun => 6,
        };
        occ[idx] += 1;
-        current = current + chrono::Duration::days(1);
+        current += chrono::Duration::days(1);
    }
    occ
@@ -162,7 +164,8 @@ fn day_counts(partials: &[TicketPartial]) -> [usize; 7] {
 /// Converts a numerical room representation back into a human-readable string format.
 ///
-/// This function is the inverse of the room parsing logic in `SubmitTicket` component.
+/// This function is the inverse of the room parsing logic in
 /// [`SubmitTicket`](`crate::pages::ticket::SubmitTicket`) component.
 /// It converts negative numbers back to "K" prefixed rooms, numbers >= 1000 back to "D" prefixed rooms,
 /// and other numbers to their string representation.
 ///
@@ -201,7 +204,6 @@ pub fn diagnostics_component() -> Html {
    html! {
        <div>
            <TicketCount/>
            <EasyFixCount/>
            <SubmitStats/>
        </div>
    }
@@ -234,7 +236,7 @@ pub fn diagnostics_component() -> Html {
 /// ```
 #[component(TicketCount)]
 pub fn ticket_count_component() -> Html {
-    let tickets = use_state(|| Vec::<Ticket>::new());
+    let tickets = use_state(Vec::<Ticket>::new);
    let error = use_state(|| None::<String>);
    let loading = use_state(|| false);
    let user = use_state(|| ActiveUser {
@@ -250,7 +252,7 @@ pub fn ticket_count_component() -> Html {
        use_effect_with((), move |_| {
            loading.set(true);
            spawn_local(async move {
-                let url = format!("/api/tickets");
+                let url = "/api/tickets".to_string();
                match Request::get(&url).send().await {
                    Ok(response) if response.status() == 200 => {
                        match response.json::<Vec<Ticket>>().await {
@@ -282,9 +284,9 @@ pub fn ticket_count_component() -> Html {
                    .credentials(web_sys::RequestCredentials::Include)
                    .send()
                    .await
                    && response.status() == 200
                    && let Ok(json) = response.json::<serde_json::Value>().await
                {
                    if response.status() == 200 {
                        if let Ok(json) = response.json::<serde_json::Value>().await {
                    let id = json
                        .get("data")
                        .and_then(|d| d.get("id"))
@@ -297,25 +299,20 @@ pub fn ticket_count_component() -> Html {
                        .unwrap_or(false);
                    user.set(ActiveUser { id, is_admin });
                }
                    }
                }
            });
            || ()
        });
    }
    if *loading {
-        html! {<p>{ "Loading" }</p>}
+        html! {<p>{ "Lade..." }</p>}
    } else if let Some(e) = &*error {
-        html! { <p>{ format!("Error: {}", e) }</p> }
+        html! { <p>{ format!("Fehler: {}", e) }</p> }
    } else {
        let status_conditions = |t: &Ticket| t.status == "ToDo" || t.status == "InProgress";
        let count = tickets
            .iter()
-            .filter(|t| {
+            .filter(|t| status_conditions(t) && (user.is_admin || (user.id == Some(t.user_id))))
                status_conditions(t)
                    && (user.is_admin || user.id.map_or(false, |uid| t.user_id == uid))
            })
            .count();
        html! {
            <div class="open-tickets">
@@ -334,12 +331,12 @@ pub fn ticket_count_component() -> Html {
 ///
 /// # State
 /// Uses `use_state` hooks to manage:
-/// - `tickets`: A vector of `TicketPartial` for statistical analysis.
+/// - `tickets`: A vector of [`TicketPartial`] for statistical analysis.
 /// - `error`: Any error message from API calls.
 /// - `loading`: A boolean indicating if data is being fetched.
 ///
 /// # Functionality
-/// - Fetches all tickets (as `TicketPartial`) from `/api/tickets`.
+/// - Fetches all tickets (as [`TicketPartial`]) from `/api/tickets`.
 /// - Calculates:
 ///   - `counts`: Number of tickets submitted on each weekday.
 ///   - `occ`: Number of occurrences of each weekday in the ticket date range.
@@ -355,8 +352,8 @@ pub fn ticket_count_component() -> Html {
 /// ```
 #[component(SubmitStats)]
 pub fn submit_stats_component() -> Html {
-    let tickets = use_state(|| Vec::<TicketPartial>::new());
+    let tickets = use_state(Vec::<TicketPartial>::new);
-    let users = use_state(|| Vec::<UserPartial>::new());
+    let users = use_state(Vec::<UserPartial>::new);
    let error = use_state(|| None::<String>);
    let loading = use_state(|| false);
@@ -422,7 +419,7 @@ pub fn submit_stats_component() -> Html {
        }
    }
-    let weekdays = ["Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun"];
+    let weekdays = ["Mo", "Di", "Mi", "Do", "Fr", "Sa", "So"];
    let (max_idx, _max_val) = counts
        .iter()
        .enumerate()
@@ -433,12 +430,12 @@ pub fn submit_stats_component() -> Html {
    html! {
        <div class="diagnostics-section">
            if *loading {
-                <p>{ "Loading..." }</p>
+                <p>{ "Lade..." }</p>
            }
            if let Some(e) = &*error {
-                <p style="color: red;">{ e.clone() }</p>
+                <p class="alert error">{ e.clone() }</p>
            }
-            <h3>{ "Tickets per weekday" }</h3>
+            <h3>{ "Tickets pro Wochentag" }</h3>
            <div class="weekday-chart">
                <div class="weekday-bars">
                    { for (0..7).map(|i| {
@@ -493,7 +490,7 @@ pub fn submit_stats_component() -> Html {
 /// - **Sorts Results**: Displays rooms sorted by ticket count in descending order.
 /// - **Visualizes Data**: Renders a bar chart where the width of each bar is
 ///   proportional to the ticket count for that room, relative to the room with the maximum tickets.
-/// - **Room Formatting**: Uses the `parse_room` function to display room numbers
+/// - **Room Formatting**: Uses the [`parse_room`] function to display room numbers
 ///   in a human-readable format.
 ///
 /// # Example
@@ -538,6 +535,30 @@ fn room_total_component(props: &RoomTotalsProps) -> Html {
    }
 }
 /// A component that displays the total number of tickets per user.
 ///
 /// This component takes lists of [`UserPartial`] and [`TicketPartial`] items to calculate
 /// and display the total number of tickets submitted by each user.
 /// The results are presented in a sorted list with a bar chart visualization.
 ///
 /// # Props
 /// - `users`: A `Vec<UserPartial>` containing partial user data.
 /// - `tickets`: A `Vec<TicketPartial>` containing partial ticket data for analysis.
 ///
 /// # Functionality
 /// - **Maps User Names**: Creates a map from user IDs to their first and last names for display.
 /// - **Calculates Totals**: Aggregates ticket counts for each user.
 /// - **Sorts Results**: Displays users sorted by their ticket count in descending order.
 /// - **Visualizes Data**: Renders a bar chart where the width of each bar is proportional
 ///   to the ticket count for that user, relative to the user with the maximum tickets.
 /// - **Name Formatting**: Uses the [`dequote!`] macro to clean up user names before display.
 ///
 /// # Example
 /// ```rust
 /// html! {
 ///     <UserTotal users={my_user_partials} tickets={my_ticket_partials} />
 /// }
 /// ```
 #[component(UserTotal)]
 fn user_total_component(props: &UserTotalProps) -> Html {
    let name_map: HashMap<i16, (String, String)> = props
@@ -591,49 +612,3 @@ fn user_total_component(props: &UserTotalProps) -> Html {
        </div>
    }
 }
 /// A component for displaying how many problems were solved without creating a ticket
 ///
 /// # Functionality
 /// Fetches the value for the count from `/api/count` and parses it into a [`CountResponse`]
 ///
 /// # Example
 /// ``` rust
 /// html! {
 ///     <EasyFixCount/>
 /// }
 /// ```
 #[component(EasyFixCount)]
 fn easy_fix_component() -> Html {
    let count = use_state(|| 0);
    let error = use_state(|| None::<String>);
    {
        let count = count.clone();
        let error = error.clone();
        use_effect_with((), move |_| {
            spawn_local(async move {
                match Request::get("/api/count").send().await {
                    Ok(resp) if resp.status() == 200 => match resp.json::<CountResponse>().await {
                        Ok(r) => count.set(r.value),
                        Err(e) => error.set(Some(format!("parse error: {}", e))),
                    },
                    Ok(resp) => error.set(Some(
                        resp.text()
                            .await
                            .unwrap_or_else(|_| format!("status {}", resp.status())),
                    )),
                    Err(e) => error.set(Some(format!("Network error: {}", e))),
                }
            });
            || ()
        });
    }
    html! {
        <div class="open-tickets">
            <h2 class="left">{ "Probleme ohne Ticket gelößt" }</h2>
            <h4 class="ticket_count center">{ *count }</h4>
        </div>
    }
 }
--- a/frontend/src/styles/_variables.scss
+++ b/frontend/src/styles/_variables.scss
@@ -1,15 +1,15 @@
 // Color Palette (Reference Style)
-$color-bg: #f0f2f5;
+$color-bg: var(--color-bg);
-$color-bg-dark: #121212;
+$color-bg-dark: var(--color-bg-dark);
-$color-container: #ffffff;
+$color-container: var(--color-container);
-$color-container-dark: #333333;
+$color-container-dark: var(--color-container-dark);
 $color-sidebar: #0f172a;
 $color-primary: #2b79c2;
 $color-primary-hover: #1d5fa0;
 $color-accent: #2b79c2;
 $color-muted: #6b7280;
-$color-text: #111827;
+$color-text: var(--color-text);
-$color-text-dark: #e2e2e2;
+$color-text-dark: var(--color-text-dark);
 // Status Colors
 $color-status-todo: #ffcccc;
--- a/frontend/src/styles/components/_dark_mode.scss
+++ b/frontend/src/styles/components/_dark_mode.scss
@@ -0,0 +1,75 @@
 :root {
  --color-bg: #f0f2f5;
  --color-bg-dark: #121212;
  --color-container: #ffffff;
  --color-container-dark: #333333;
  --color-text: #111827;
  --color-text-dark: #e2e2e2;
 }
 // Automatically respect standard media query if no override is set
@media (prefers-color-scheme: dark) {
  :root {
    --color-bg: #121212;
    --color-container: #333333;
    --color-text: #e2e2e2;
  }
 }
 // Force Light Mode overrides
 body.theme-light {
  --color-bg: #f0f2f5;
  --color-bg-dark: #f0f2f5;
  --color-container: #ffffff;
  --color-container-dark: #ffffff;
  --color-text: #111827;
  --color-text-dark: #111827;
 }
 // Force Dark Mode overrides
 body.theme-dark {
  --color-bg: #121212;
  --color-bg-dark: #121212;
  --color-container: #333333;
  --color-container-dark: #333333;
  --color-text: #e2e2e2;
  --color-text-dark: #e2e2e2;
 }
 // Fixed positioning ensures NO other component's layout is ever altered
 .dark-mode-toggle {
  position: fixed;
  top: 1rem;
  right: 1rem;
  z-index: 9999;
  width: 55px;
  height: 55px;
  border-radius: 50%;
  border: 1px solid rgba(128, 128, 128, 0.2);
  background-color: var(--color-container);
  color: var(--color-text);
  box-shadow: 0 4px 12px rgba(0, 0, 0, 0.1);
  cursor: pointer;
  transition: all 0.2s ease-in-out;
  display: flex;
  align-items: center;
  justify-content: center;
  padding: 0;
  svg {
    width: 36px;
    height: 36px;
    stroke: var(--color-text);
    transition: stroke 0.2s ease-in-out;
  }
  &:hover {
    transform: translateY(-1px);
    box-shadow: 0 6px 16px rgba(0, 0, 0, 0.15);
    background-color: var(--color-bg);
  }
  &:active {
    transform: translateY(0);
  }
 }
--- a/frontend/src/styles/components/_login.scss
+++ b/frontend/src/styles/components/_login.scss
@@ -37,3 +37,7 @@
    transform: scale(1.05);
  }
 }
 .content.login {
  margin: 0;
 }
--- a/frontend/src/styles/components/_pages.scss
+++ b/frontend/src/styles/components/_pages.scss
@@ -270,3 +270,25 @@ input[type="checkbox"] {
    }
  }
 }
 .return-to {
  display: block;
  padding: 16px 2rem;
  background: #2b79c2;
    background-color: rgb(43, 121, 194);
  color: white;
  text-decoration: none;
  text-align: center;
  border-radius: 0.5rem;
  transition: background-color 0.2s ease-in-out;
  &:hover {
    background-color: #1d5fa0;
  }
 }
 .delete {
  display: block;
  width: 100%;
  text-align: center;
 }
--- a/frontend/src/styles/components/_sidebar.scss
+++ b/frontend/src/styles/components/_sidebar.scss
@@ -49,6 +49,126 @@
    text-align: left;
  }
  .sidebar-header {
    display: flex;
    align-items: center;
    justify-content: space-between;
    width: 100%;
    margin-bottom: $spacing-md;
    .home {
      flex-grow: 1;
      display: flex;
      justify-content: center;
      @media (max-width: 768px) {
        padding-left: 36px;
      }
    }
    .sidebar-close {
      display: none;
      background: transparent;
      border: none;
      color: #fff;
      cursor: pointer;
      padding: 8px;
      border-radius: 50%;
      align-items: center;
      justify-content: center;
      transition: background 0.2s ease-in-out;
      margin-bottom: 0;
      &:hover {
        background: rgba(255, 255, 255, 0.1);
      }
      svg {
        width: 20px;
        height: 20px;
        stroke: #fff;
      }
      @media (max-width: 768px) {
        display: flex;
      }
    }
  }
  .home-svg {
    width: 24px;
    height: 24px; 
    vertical-align: middle;
    margin-right: 8px;
  }
  &.user { width: 220px; background: darken($color-sidebar, 6%); }
 }
 // Floating mobile menu toggle button
 .mobile-menu-toggle {
  display: none;
  @media (max-width: 768px) {
    display: flex;
    position: fixed;
    top: 1rem;
    left: 1rem;
    z-index: 998;
    width: 48px;
    height: 48px;
    border-radius: 50%;
    border: 1px solid rgba(128, 128, 128, 0.2);
    background-color: var(--color-container);
    color: var(--color-text);
    box-shadow: 0 4px 12px rgba(0, 0, 0, 0.15);
    cursor: pointer;
    align-items: center;
    justify-content: center;
    padding: 0;
    transition: all 0.2s ease-in-out;
    svg {
      width: 24px;
      height: 24px;
      stroke: var(--color-text);
      transition: stroke 0.2s ease-in-out;
    }
    &:hover {
      transform: translateY(-1px);
      box-shadow: 0 6px 16px rgba(0, 0, 0, 0.2);
      background-color: var(--color-bg);
    }
    &:active {
      transform: translateY(0);
    }
  }
 }
 // Overlay backdrop that dims the screen and allows dismissals on mobile
 .sidebar-overlay {
  display: none;
  @media (max-width: 768px) {
    display: block;
    position: fixed;
    top: 0;
    left: 0;
    width: 100vw;
    height: 100vh;
    background: rgba(0, 0, 0, 0.4);
    backdrop-filter: blur(4px);
    z-index: 999;
    opacity: 0;
    pointer-events: none;
    transition: opacity 0.3s ease-in-out;
    &.open {
      opacity: 1;
      pointer-events: auto;
    }
  }
 }
--- a/frontend/src/styles/main.scss
+++ b/frontend/src/styles/main.scss
@@ -10,6 +10,7 @@
@use "components/diagnostics";
@use "components/pages";
@use "components/setup";
@use "components/dark_mode";
 * {
  box-sizing: border-box;
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -1 +1 @@
-#![doc = include_str!("../README.md")]
+#![doc = include_str!("../README.cargo.md")]
Author	SHA1	Message	Date
schn33fuchs	a653bf3f45	README	2026-05-29 10:05:20 +02:00
schn33fuchs	fb30d4ab83	Documentation The docs now include dark mode, the sidebar on mobile and a expanded ticket lifecycle	2026-05-29 10:03:58 +02:00
schn33fuchs	26384d2849	Sidebar mobile improvement The sidebar vanished on a too small display. Button to reopen and close are rendered	2026-05-29 09:45:34 +02:00
schn33fuchs	bec2a8a451	Style fix Login block now centered on page instead of same place as with sidebar	2026-05-29 09:37:25 +02:00
schn33fuchs	f96db06a33	Better error message German now	2026-05-29 09:36:56 +02:00
schn33fuchs	6ef50d06aa	Error fixes type mismatch in update user and some styling improvements	2026-05-28 18:49:29 +02:00
Silas	04b9ef8f9e	Merge pull request 'darkmode' (#41 ) from darkmode into styles-nino Reviewed-on: #41	2026-05-28 17:29:23 +02:00
schn33fuchs	778c112dd4	Home button fixed It is now an icon in the middle of the button instead of a unicode number	2026-05-28 17:27:36 +02:00
schn33fuchs	b9354f77b6	Darkmode implemented There is now a darkmode button	2026-05-28 17:26:56 +02:00
schn33fuchs	6e836d9260	Some styling	2026-05-26 22:01:50 +02:00
schn33fuchs	e096b9144b	Final diagram fix for real this time	2026-05-26 20:47:25 +02:00
schn33fuchs	74a573e38e	Diagram fix final	2026-05-26 20:46:48 +02:00
schn33fuchs	7f8afe1938	Rename	2026-05-26 20:34:20 +02:00
schn33fuchs	e070d36af9	Diagram fix hopefully	2026-05-26 20:31:58 +02:00
schn33fuchs	d3d0e9b83c	Cleanup	2026-05-26 20:29:34 +02:00
schn33fuchs	3000bb0e5d	Translation Everything is now German	2026-05-26 20:20:36 +02:00
schn33fuchs	e2cfb61caa	Cleanup	2026-05-25 17:43:07 +02:00
schn33fuchs	d1576ae8fa	For real real	2026-05-22 15:14:16 +02:00
schn33fuchs	8287bea240	Last one for real	2026-05-22 15:13:47 +02:00
schn33fuchs	663f61fa34	Sequence diagram fix Hopefully the last	2026-05-22 15:11:15 +02:00
schn33fuchs	50c79231bb	More readme fixes	2026-05-22 15:09:28 +02:00
schn33fuchs	6950ec1c36	Another fix	2026-05-22 15:06:31 +02:00
schn33fuchs	9402344f77	Diagram update Sequence diagram fixed	2026-05-22 14:47:03 +02:00
schn33fuchs	2b9aa03932	Sequence diagrams Generated by antigravity	2026-05-22 14:40:23 +02:00
schn33fuchs	42f2d33a58	Direction	2026-05-22 14:16:38 +02:00
schn33fuchs	8de96aea11	Class diagram	2026-05-22 14:10:13 +02:00
schn33fuchs	edb19c5569	README	2026-05-22 14:08:52 +02:00
schn33fuchs	a75de3dbef	README update	2026-05-22 14:04:45 +02:00
schn33fuchs	d27a76ccc7	README update important note added	2026-05-20 21:11:55 +02:00
schn33fuchs	721e43c380	Refined docs and stuff Docs link to each other and are generally better	2026-05-20 12:50:00 +02:00
schn33fuchs	0db9b76cad	A new env variable BACKEND_PORT for the port of the backend	2026-05-20 12:49:33 +02:00
schn33fuchs	7f4237a6b7	README update	2026-05-20 12:49:11 +02:00
schn33fuchs	d029c5a347	Some improvements	2026-05-16 19:57:17 +02:00
schn33fuchs	b1869595ac	Fix Weekday bars now at the bottom of everything	2026-05-16 19:57:04 +02:00
schn33fuchs	0d4a6c4711	favicon	2026-05-16 19:56:47 +02:00
schn33fuchs	726a581a9e	Component Fix easy fix carried over removed now	2026-05-16 19:56:25 +02:00
schn33fuchs	e99026e3d6	Styles Its more beautifull now	2026-05-16 19:54:13 +02:00
schn33fuchs	b25e045b99	Styles better	2026-05-16 19:51:08 +02:00
schn33fuchs	99c5aa613c	.gitignore	2026-05-13 16:59:32 +02:00
`@@ -1 +1 @@`
	`#![doc = include_str!("../README.md")]`	`#![doc = include_str!("../README.cargo.md")]`