Index: ChapterX.API/Program.cs
===================================================================
--- ChapterX.API/Program.cs	(revision a6e33d1f34c0dbbfff38bfb2c73eea32abfe7cff)
+++ ChapterX.API/Program.cs	(revision 877c13c3dd0934c1d31da7988d0d2c2c5925ed55)
@@ -1,73 +1,16 @@
 using ChapterX.Application;
 using ChapterX.Infrastructure;
-using Microsoft.AspNetCore.Authentication.JwtBearer;
-using Microsoft.IdentityModel.Tokens;
 using System.Reflection;
-using System.Text;
 
 var builder = WebApplication.CreateBuilder(args);
 
-var jwtKey = builder.Configuration["Jwt:Key"];
-if (string.IsNullOrWhiteSpace(jwtKey))
-    throw new InvalidOperationException("Jwt:Key is not configured. Set it via environment variable DOTNET_Jwt__Key before starting the application.");
-
-builder.Services.AddCors(options =>
-{
-    options.AddPolicy("Frontend", policy =>
-        policy.WithOrigins("http://localhost:5173", "https://localhost:5173")
-              .AllowAnyHeader()
-              .AllowAnyMethod()
-              .AllowCredentials());
-});
-
-builder.Services.AddControllers()
-    .AddJsonOptions(options =>
-    {
-        options.JsonSerializerOptions.ReferenceHandler = System.Text.Json.Serialization.ReferenceHandler.IgnoreCycles;
-    });
+builder.Services.AddControllers();
 builder.Services.AddEndpointsApiExplorer();
 builder.Services.AddSwaggerGen(options =>
 {
     options.CustomSchemaIds(type => type.FullName);
-    options.AddSecurityDefinition("Bearer", new Microsoft.OpenApi.Models.OpenApiSecurityScheme
-    {
-        Name = "Authorization",
-        Type = Microsoft.OpenApi.Models.SecuritySchemeType.Http,
-        Scheme = "Bearer",
-        BearerFormat = "JWT",
-        In = Microsoft.OpenApi.Models.ParameterLocation.Header,
-        Description = "Enter your JWT token"
-    });
-    options.AddSecurityRequirement(new Microsoft.OpenApi.Models.OpenApiSecurityRequirement
-    {
-        {
-            new Microsoft.OpenApi.Models.OpenApiSecurityScheme
-            {
-                Reference = new Microsoft.OpenApi.Models.OpenApiReference
-                {
-                    Type = Microsoft.OpenApi.Models.ReferenceType.SecurityScheme,
-                    Id = "Bearer"
-                }
-            },
-            Array.Empty<string>()
-        }
-    });
 });
 
-builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
-    .AddJwtBearer(options =>
-    {
-        options.TokenValidationParameters = new TokenValidationParameters
-        {
-            ValidateIssuer = true,
-            ValidateAudience = true,
-            ValidateLifetime = true,
-            ValidateIssuerSigningKey = true,
-            ValidIssuer = builder.Configuration["Jwt:Issuer"],
-            ValidAudience = builder.Configuration["Jwt:Audience"],
-            IssuerSigningKey = new SymmetricSecurityKey(
-                Encoding.UTF8.GetBytes(builder.Configuration["Jwt:Key"]!))
-        };
-    });
+builder.Services.AddAuthentication();
 builder.Services.AddAuthorization();
 
@@ -77,51 +20,4 @@
 var app = builder.Build();
 
-app.UseExceptionHandler(err => err.Run(async ctx =>
-{
-    var ex = ctx.Features.Get<Microsoft.AspNetCore.Diagnostics.IExceptionHandlerFeature>()?.Error;
-    ctx.Response.ContentType = "application/json";
-
-    var logger = ctx.RequestServices.GetRequiredService<ILogger<Program>>();
-
-    string message;
-    int status;
-
-    if (ex is UnauthorizedAccessException)
-    {
-        status = 401;
-        message = ex.Message;
-    }
-    else if (ex is InvalidOperationException)
-    {
-        status = 400;
-        message = ex.Message;
-    }
-    else if (ex is Microsoft.EntityFrameworkCore.DbUpdateException dbEx)
-    {
-        status = 400;
-        var inner = dbEx.InnerException?.Message ?? "";
-        if (inner.Contains("email_format"))
-            message = "Invalid email format.";
-        else if (inner.Contains("unique") || inner.Contains("duplicate") || inner.Contains("23505"))
-            message = "A user with this email or username already exists.";
-        else
-        {
-            logger.LogError(dbEx, "Unhandled database error");
-            message = "A database error occurred. Please try again.";
-        }
-    }
-    else
-    {
-        logger.LogError(ex, "Unhandled exception");
-        status = 500;
-        message = "An unexpected error occurred.";
-    }
-
-    ctx.Response.StatusCode = status;
-    await ctx.Response.WriteAsJsonAsync(new { message });
-}));
-
-app.UseCors("Frontend");
-
 if (app.Environment.IsDevelopment())
 {
@@ -130,4 +26,5 @@
 }
 
+app.UseHttpsRedirection();
 app.UseAuthentication();
 app.UseAuthorization();
