From 5970172f88f9f83b72287f1844d30824e3c44b2f Mon Sep 17 00:00:00 2001
From: akira69 <akira69@gmail.com>
Date: Wed, 1 Apr 2026 20:26:30 -0500
Subject: [PATCH 1/3] feat: add manufacturer logo storage and API

---
 ...a1e6f4b2d0_add_manufacturer_logo_fields.py |  31 ++
 backend/app/api/v1/filaments.py               | 425 +++++++++++++++++-
 backend/app/api/v1/schemas_filament.py        |  10 +
 backend/app/core/config.py                    |   2 +
 backend/app/main.py                           |   5 +-
 backend/app/models/filament.py                |  17 +
 .../app/services/manufacturer_logo_service.py | 103 +++++
 backend/tests/test_filaments.py               |  96 ++++
 8 files changed, 686 insertions(+), 3 deletions(-)
 create mode 100644 backend/alembic/versions/c9a1e6f4b2d0_add_manufacturer_logo_fields.py
 create mode 100644 backend/app/services/manufacturer_logo_service.py

diff --git a/backend/alembic/versions/c9a1e6f4b2d0_add_manufacturer_logo_fields.py b/backend/alembic/versions/c9a1e6f4b2d0_add_manufacturer_logo_fields.py
new file mode 100644
index 00000000..ea215b0a
--- /dev/null
+++ b/backend/alembic/versions/c9a1e6f4b2d0_add_manufacturer_logo_fields.py
@@ -0,0 +1,31 @@
+"""add_manufacturer_logo_fields
+
+Revision ID: c9a1e6f4b2d0
+Revises: b37af859a415
+Create Date: 2026-04-01 16:30:00.000000
+
+"""
+
+from typing import Sequence, Union
+
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision: str = "c9a1e6f4b2d0"
+down_revision: Union[str, Sequence[str], None] = "b37af859a415"
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    with op.batch_alter_table("manufacturers") as batch_op:
+        batch_op.add_column(sa.Column("logo_url", sa.String(length=500), nullable=True))
+        batch_op.add_column(sa.Column("logo_file_path", sa.String(length=500), nullable=True))
+
+
+def downgrade() -> None:
+    with op.batch_alter_table("manufacturers") as batch_op:
+        batch_op.drop_column("logo_file_path")
+        batch_op.drop_column("logo_url")
\ No newline at end of file
diff --git a/backend/app/api/v1/filaments.py b/backend/app/api/v1/filaments.py
index b1641c8e..1823c331 100644
--- a/backend/app/api/v1/filaments.py
+++ b/backend/app/api/v1/filaments.py
@@ -1,6 +1,14 @@
+import asyncio
+import ipaddress
+import logging
+import mimetypes
+from pathlib import Path
+import socket
 from typing import Any
 
-from fastapi import APIRouter, Depends, HTTPException, Query, status
+import httpx
+from fastapi import APIRouter, Depends, File, HTTPException, Query, UploadFile, status
+from fastapi.responses import FileResponse
 from sqlalchemy import delete, func, select, literal_column
 from sqlalchemy.ext.asyncio import AsyncSession
 from sqlalchemy.orm import selectinload
@@ -23,13 +31,301 @@
     FilamentResponse,
     FilamentUpdate,
     ManufacturerCreate,
+    ManufacturerLogoImportRequest,
     ManufacturerResponse,
     ManufacturerUpdate,
 )
 from app.core.event_bus import event_bus
 from app.models import Color, Filament, FilamentColor, Manufacturer, Spool, SpoolStatus
+from app.services.manufacturer_logo_service import (
+    CONTENT_TYPE_SUFFIXES,
+    MAX_LOGO_SIZE_BYTES,
+    delete_manufacturer_logo,
+    resolve_logo_file_path,
+    save_manufacturer_logo,
+    sniff_logo_suffix,
+)
 
 router = APIRouter(prefix="/manufacturers", tags=["manufacturers"])
+logger = logging.getLogger(__name__)
+
+_SAFE_LOGO_IMPORT_SCHEMES = {"http", "https"}
+_MAX_LOGO_REDIRECTS = 5
+_SUPPORTED_LOGO_TYPES = "PNG, JPEG, GIF, or WebP"
+
+
+async def _resolve_hostname_ips(host: str) -> set[str]:
+    def _lookup() -> set[str]:
+        resolved_ips: set[str] = set()
+        for family, _, _, _, sockaddr in socket.getaddrinfo(host, None, type=socket.SOCK_STREAM):
+            if family == socket.AF_INET:
+                resolved_ips.add(sockaddr[0])
+            elif family == socket.AF_INET6:
+                resolved_ips.add(sockaddr[0])
+        return resolved_ips
+
+    try:
+        return await asyncio.to_thread(_lookup)
+    except socket.gaierror as exc:
+        raise HTTPException(
+            status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
+            detail={"code": "invalid_logo_url", "message": f"Unable to resolve logo host: {exc}"},
+        ) from exc
+
+
+def _build_host_header(url: httpx.URL) -> str:
+    if url.port and url.port not in {80, 443}:
+        return f"{url.host}:{url.port}"
+    return url.host
+
+
+def _validate_logo_bytes(file_bytes: bytes, content_type: str | None) -> str:
+    normalized_content_type = (content_type or "").split(";", 1)[0].strip().lower()
+    if normalized_content_type not in CONTENT_TYPE_SUFFIXES:
+        raise HTTPException(
+            status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
+            detail={
+                "code": "invalid_content_type",
+                "message": f"Expected a {_SUPPORTED_LOGO_TYPES} image",
+            },
+        )
+
+    if not file_bytes:
+        raise HTTPException(
+            status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
+            detail={"code": "empty_file", "message": "Empty file"},
+        )
+
+    if len(file_bytes) > MAX_LOGO_SIZE_BYTES:
+        raise HTTPException(
+            status_code=status.HTTP_413_REQUEST_ENTITY_TOO_LARGE,
+            detail={
+                "code": "file_too_large",
+                "message": "Logo must be 5 MB or smaller",
+            },
+        )
+
+    detected_suffix = sniff_logo_suffix(file_bytes)
+    if detected_suffix is None:
+        raise HTTPException(
+            status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
+            detail={
+                "code": "invalid_image",
+                "message": f"File is not a valid {_SUPPORTED_LOGO_TYPES} image",
+            },
+        )
+
+    expected_suffix = CONTENT_TYPE_SUFFIXES[normalized_content_type]
+    if expected_suffix != detected_suffix:
+        raise HTTPException(
+            status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
+            detail={
+                "code": "invalid_image",
+                "message": "File contents do not match the reported image type",
+            },
+        )
+
+    return detected_suffix
+
+
+async def _validate_logo_source_url(url: httpx.URL) -> None:
+    if url.scheme not in _SAFE_LOGO_IMPORT_SCHEMES or not url.host:
+        raise HTTPException(
+            status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
+            detail={"code": "invalid_logo_url", "message": "Logo URL must use http or https"},
+        )
+
+    if url.userinfo:
+        raise HTTPException(
+            status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
+            detail={"code": "invalid_logo_url", "message": "Logo URL must not include credentials"},
+        )
+
+    host = url.host.lower()
+    if host == "localhost" or host.endswith(".localhost"):
+        raise HTTPException(
+            status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
+            detail={"code": "unsafe_logo_url", "message": "Logo URL must not target local or private hosts"},
+        )
+
+    resolved_ips = await _resolve_hostname_ips(host)
+    if not resolved_ips:
+        raise HTTPException(
+            status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
+            detail={"code": "invalid_logo_url", "message": "Unable to resolve logo host"},
+        )
+
+    for resolved_ip in resolved_ips:
+        ip = ipaddress.ip_address(resolved_ip)
+        if (
+            ip.is_private
+            or ip.is_loopback
+            or ip.is_link_local
+            or ip.is_multicast
+            or ip.is_reserved
+            or ip.is_unspecified
+        ):
+            raise HTTPException(
+                status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
+                detail={"code": "unsafe_logo_url", "message": "Logo URL must not target local or private hosts"},
+            )
+
+
+async def _read_logo_response_bytes(response: httpx.Response) -> bytes:
+    content_length = response.headers.get("content-length")
+    if content_length:
+        try:
+            if int(content_length) > MAX_LOGO_SIZE_BYTES:
+                raise HTTPException(
+                    status_code=status.HTTP_413_REQUEST_ENTITY_TOO_LARGE,
+                    detail={
+                        "code": "file_too_large",
+                        "message": "Logo must be 5 MB or smaller",
+                    },
+                )
+        except ValueError:
+            pass
+
+    file_bytes = bytearray()
+    async for chunk in response.aiter_bytes(chunk_size=8192):
+        file_bytes.extend(chunk)
+        if len(file_bytes) > MAX_LOGO_SIZE_BYTES:
+            raise HTTPException(
+                status_code=status.HTTP_413_REQUEST_ENTITY_TOO_LARGE,
+                detail={
+                    "code": "file_too_large",
+                    "message": "Logo must be 5 MB or smaller",
+                },
+            )
+
+    return bytes(file_bytes)
+
+
+async def _fetch_logo_from_url(logo_url: str) -> tuple[bytes, str, str | None, str]:
+    current_url = httpx.URL(logo_url)
+
+    async with httpx.AsyncClient(
+        follow_redirects=False,
+        timeout=httpx.Timeout(20.0, connect=5.0, read=10.0, write=10.0, pool=5.0),
+        trust_env=False,
+        headers={
+            "User-Agent": (
+                "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) "
+                "AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0 Safari/537.36"
+            ),
+            "Accept": "image/png,image/jpeg,image/gif,image/webp,image/*;q=0.8,*/*;q=0.5",
+        },
+    ) as client:
+        for _ in range(_MAX_LOGO_REDIRECTS + 1):
+            await _validate_logo_source_url(current_url)
+            resolved_ips = sorted(await _resolve_hostname_ips(current_url.host))
+            request_url = current_url.copy_with(host=resolved_ips[0])
+            host_header = _build_host_header(current_url)
+            request = client.build_request(
+                "GET",
+                request_url,
+                headers={
+                    "Host": host_header,
+                    "Referer": f"{current_url.scheme}://{host_header}/",
+                },
+                extensions=(
+                    {"sni_hostname": current_url.host}
+                    if current_url.scheme == "https"
+                    else None
+                ),
+            )
+            response = await client.send(request, stream=True)
+
+            try:
+                if response.is_redirect:
+                    location = response.headers.get("location")
+                    if not location:
+                        raise HTTPException(
+                            status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
+                            detail={
+                                "code": "logo_fetch_failed",
+                                "message": "Logo URL redirect was missing a location header",
+                            },
+                        )
+                    current_url = current_url.join(location)
+                    continue
+
+                response.raise_for_status()
+                content_type = response.headers.get("content-type", "").split(";", 1)[0].strip().lower()
+                file_bytes = await _read_logo_response_bytes(response)
+                detected_suffix = _validate_logo_bytes(file_bytes, content_type)
+                fallback_name = f"logo{detected_suffix}"
+                return file_bytes, content_type, Path(current_url.path).name or fallback_name, detected_suffix
+            except httpx.HTTPStatusError as exc:
+                raise HTTPException(
+                    status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
+                    detail={
+                        "code": "logo_fetch_failed",
+                        "message": f"Failed to fetch logo from URL: {exc}",
+                    },
+                ) from exc
+            finally:
+                await response.aclose()
+
+    raise HTTPException(
+        status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
+        detail={"code": "logo_fetch_failed", "message": "Logo URL redirected too many times"},
+    )
+
+
+async def _commit_manufacturer_logo_change(
+    *,
+    db: AsyncSession,
+    manufacturer: Manufacturer,
+    new_logo_path: str | None,
+) -> Manufacturer:
+    previous_logo_path = manufacturer.logo_file_path
+    manufacturer.logo_file_path = new_logo_path
+
+    try:
+        await db.commit()
+    except Exception:
+        await db.rollback()
+        if new_logo_path and new_logo_path != previous_logo_path:
+            try:
+                delete_manufacturer_logo(new_logo_path)
+            except (OSError, ValueError) as cleanup_exc:
+                logger.warning("Failed to clean up new manufacturer logo %s: %s", new_logo_path, cleanup_exc)
+        raise
+
+    await db.refresh(manufacturer)
+
+    if previous_logo_path and previous_logo_path != new_logo_path:
+        try:
+            delete_manufacturer_logo(previous_logo_path)
+        except (OSError, ValueError) as cleanup_exc:
+            logger.warning("Failed to delete previous manufacturer logo %s: %s", previous_logo_path, cleanup_exc)
+
+    return manufacturer
+
+
+@router.get("/logo-files/{filename}")
+async def get_manufacturer_logo_file(filename: str, principal: PrincipalDep):
+    stored_path = f"manufacturer-logos/{Path(filename).name}"
+    try:
+        file_path = resolve_logo_file_path(stored_path)
+    except ValueError as exc:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail={"code": "not_found", "message": "Manufacturer logo not found"},
+        ) from exc
+
+    if not file_path.exists() or not file_path.is_file():
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail={"code": "not_found", "message": "Manufacturer logo not found"},
+        )
+    media_type, _ = mimetypes.guess_type(file_path.name)
+    return FileResponse(
+        file_path,
+        media_type=media_type or "application/octet-stream",
+        headers={"X-Content-Type-Options": "nosniff"},
+    )
 
 
 @router.get("", response_model=PaginatedResponse[ManufacturerResponse])
@@ -112,6 +408,7 @@ async def list_manufacturers(
         ManufacturerResponse.model_validate(
             {
                 **m.__dict__,
+                "resolved_logo_url": m.resolved_logo_url,
                 "filament_count": fil_counts.get(m.id, 0),
                 "spool_count": active_spool_counts.get(m.id, 0),
                 "archived_spool_count": archived_spool_counts.get(m.id, 0),
@@ -160,6 +457,99 @@ async def create_manufacturer(
     return manufacturer
 
 
+@router.post("/{manufacturer_id}/logo-from-url", response_model=ManufacturerResponse)
+async def import_manufacturer_logo_from_url(
+    manufacturer_id: int,
+    data: ManufacturerLogoImportRequest,
+    db: DBSession,
+    principal=RequirePermission("manufacturers:update"),
+):
+    result = await db.execute(
+        select(Manufacturer).where(Manufacturer.id == manufacturer_id)
+    )
+    manufacturer = result.scalar_one_or_none()
+    if not manufacturer:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail={"code": "not_found", "message": "Manufacturer not found"},
+        )
+
+    source_url = (data.url or "").strip()
+    if not source_url:
+        raise HTTPException(
+            status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
+            detail={"code": "invalid_logo_url", "message": "Logo URL is required"},
+        )
+
+    try:
+        file_bytes, content_type, fetched_filename, detected_suffix = await _fetch_logo_from_url(source_url)
+    except HTTPException:
+        raise
+    except httpx.HTTPError as exc:
+        raise HTTPException(
+            status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
+            detail={"code": "logo_fetch_failed", "message": f"Failed to fetch logo from URL: {exc}"},
+        ) from exc
+
+    new_logo_path = save_manufacturer_logo(
+        manufacturer_name=manufacturer.name,
+        file_bytes=file_bytes,
+        filename=fetched_filename,
+        content_type=content_type,
+        detected_suffix=detected_suffix,
+    )
+
+    manufacturer = await _commit_manufacturer_logo_change(
+        db=db,
+        manufacturer=manufacturer,
+        new_logo_path=new_logo_path,
+    )
+
+    await event_bus.publish({"event": "manufacturers_changed"})
+    return manufacturer
+
+
+@router.post("/{manufacturer_id}/logo", response_model=ManufacturerResponse)
+async def upload_manufacturer_logo(
+    manufacturer_id: int,
+    db: DBSession,
+    file: UploadFile = File(...),
+    principal=RequirePermission("manufacturers:update"),
+):
+    result = await db.execute(
+        select(Manufacturer).where(Manufacturer.id == manufacturer_id)
+    )
+    manufacturer = result.scalar_one_or_none()
+    if not manufacturer:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail={"code": "not_found", "message": "Manufacturer not found"},
+        )
+
+    try:
+        file_bytes = await file.read(MAX_LOGO_SIZE_BYTES + 1)
+    finally:
+        await file.close()
+
+    detected_suffix = _validate_logo_bytes(file_bytes, file.content_type)
+    new_logo_path = save_manufacturer_logo(
+        manufacturer_name=manufacturer.name,
+        file_bytes=file_bytes,
+        filename=file.filename,
+        content_type=file.content_type,
+        detected_suffix=detected_suffix,
+    )
+
+    manufacturer = await _commit_manufacturer_logo_change(
+        db=db,
+        manufacturer=manufacturer,
+        new_logo_path=new_logo_path,
+    )
+
+    await event_bus.publish({"event": "manufacturers_changed"})
+    return manufacturer
+
+
 @router.get("/{manufacturer_id}", response_model=ManufacturerResponse)
 async def get_manufacturer(
     manufacturer_id: int, db: DBSession, principal: PrincipalDep
@@ -176,6 +566,31 @@ async def get_manufacturer(
     return manufacturer
 
 
+@router.delete("/{manufacturer_id}/logo", response_model=ManufacturerResponse)
+async def delete_manufacturer_logo_file(
+    manufacturer_id: int,
+    db: DBSession,
+    principal=RequirePermission("manufacturers:update"),
+):
+    result = await db.execute(
+        select(Manufacturer).where(Manufacturer.id == manufacturer_id)
+    )
+    manufacturer = result.scalar_one_or_none()
+    if not manufacturer:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail={"code": "not_found", "message": "Manufacturer not found"},
+        )
+
+    manufacturer = await _commit_manufacturer_logo_change(
+        db=db,
+        manufacturer=manufacturer,
+        new_logo_path=None,
+    )
+    await event_bus.publish({"event": "manufacturers_changed"})
+    return manufacturer
+
+
 @router.patch("/{manufacturer_id}", response_model=ManufacturerResponse)
 async def update_manufacturer(
     manufacturer_id: int,
@@ -266,8 +681,16 @@ async def delete_manufacturer(
                     await db.delete(s)
                 await db.delete(f)
 
+    logo_to_delete = manufacturer.logo_file_path
     await db.delete(manufacturer)
     await db.commit()
+
+    if logo_to_delete:
+        try:
+            delete_manufacturer_logo(logo_to_delete)
+        except (OSError, ValueError) as cleanup_exc:
+            logger.warning("Failed to delete manufacturer logo %s: %s", logo_to_delete, cleanup_exc)
+
     await event_bus.publish({"event": "manufacturers_changed"})
 
 
diff --git a/backend/app/api/v1/schemas_filament.py b/backend/app/api/v1/schemas_filament.py
index b8eac636..4c87e66d 100644
--- a/backend/app/api/v1/schemas_filament.py
+++ b/backend/app/api/v1/schemas_filament.py
@@ -6,6 +6,7 @@
 class ManufacturerCreate(BaseModel):
     name: str
     url: str | None = None
+    logo_url: str | None = None
     empty_spool_weight_g: float | None = None
     spool_outer_diameter_mm: float | None = None
     spool_width_mm: float | None = None
@@ -16,6 +17,7 @@ class ManufacturerCreate(BaseModel):
 class ManufacturerUpdate(BaseModel):
     name: str | None = None
     url: str | None = None
+    logo_url: str | None = None
     empty_spool_weight_g: float | None = None
     spool_outer_diameter_mm: float | None = None
     spool_width_mm: float | None = None
@@ -23,10 +25,18 @@ class ManufacturerUpdate(BaseModel):
     custom_fields: dict[str, Any] | None = None
 
 
+class ManufacturerLogoImportRequest(BaseModel):
+    url: str | None = None
+    logo_url: str | None = None
+
+
 class ManufacturerResponse(BaseModel):
     id: int
     name: str
     url: str | None
+    logo_url: str | None = None
+    logo_file_path: str | None = None
+    resolved_logo_url: str | None = None
     empty_spool_weight_g: float | None = None
     spool_outer_diameter_mm: float | None = None
     spool_width_mm: float | None = None
diff --git a/backend/app/core/config.py b/backend/app/core/config.py
index 143a62fd..ee87bd69 100644
--- a/backend/app/core/config.py
+++ b/backend/app/core/config.py
@@ -53,5 +53,7 @@ def resolve_relative_db_path(cls, v: str) -> str:
     # User-installed plugins directory (auto-detected if empty)
     plugins_dir: str = ""
 
+    manufacturer_logos_dir: str = str(PROJECT_ROOT / "data" / "manufacturer-logos")
+
 
 settings = Settings()
diff --git a/backend/app/main.py b/backend/app/main.py
index e9802097..2f02f440 100644
--- a/backend/app/main.py
+++ b/backend/app/main.py
@@ -48,10 +48,11 @@ def run_migrations() -> None:
     from alembic import command
     from alembic.config import Config
 
-    alembic_cfg = Config("alembic.ini")
+    backend_dir = Path(__file__).resolve().parent.parent
+    alembic_cfg = Config(str(backend_dir / "alembic.ini"))
     alembic_cfg.set_main_option(
         "script_location",
-        str(__import__("pathlib").Path(__file__).resolve().parent.parent / "alembic"),
+        str(backend_dir / "alembic"),
     )
     # Wir muessen hier nichts mehr an der URL drehen, das macht env.py jetzt selbst.
 
diff --git a/backend/app/models/filament.py b/backend/app/models/filament.py
index 59a0e0de..14dfac7b 100644
--- a/backend/app/models/filament.py
+++ b/backend/app/models/filament.py
@@ -1,4 +1,5 @@
 from datetime import datetime
+from pathlib import Path
 from typing import Any
 
 from sqlalchemy import Float, ForeignKey, Integer, String, Text, UniqueConstraint, func
@@ -13,6 +14,7 @@ class Manufacturer(Base, TimestampMixin):
     id: Mapped[int] = mapped_column(Integer, primary_key=True, autoincrement=True)
     name: Mapped[str] = mapped_column(String(255), nullable=False, unique=True, index=True)
     url: Mapped[str | None] = mapped_column(String(500), nullable=True)
+    logo_file_path: Mapped[str | None] = mapped_column(String(500), nullable=True)
     
     empty_spool_weight_g: Mapped[float | None] = mapped_column(Float, nullable=True)
     spool_outer_diameter_mm: Mapped[float | None] = mapped_column(Float, nullable=True)
@@ -23,6 +25,21 @@ class Manufacturer(Base, TimestampMixin):
 
     filaments: Mapped[list["Filament"]] = relationship(back_populates="manufacturer")
 
+    @property
+    def resolved_logo_url(self) -> str | None:
+        if not isinstance(self.logo_file_path, str):
+            return None
+
+        normalized = self.logo_file_path.strip().lstrip("/")
+        if not normalized.startswith("manufacturer-logos/"):
+            return None
+
+        filename = Path(normalized).name
+        if not filename or normalized != f"manufacturer-logos/{filename}":
+            return None
+
+        return f"/api/v1/manufacturers/logo-files/{filename}"
+
 
 class Color(Base, TimestampMixin):
     __tablename__ = "colors"
diff --git a/backend/app/services/manufacturer_logo_service.py b/backend/app/services/manufacturer_logo_service.py
new file mode 100644
index 00000000..79fc7554
--- /dev/null
+++ b/backend/app/services/manufacturer_logo_service.py
@@ -0,0 +1,103 @@
+import re
+import secrets
+from pathlib import Path
+
+from app.core.config import settings
+
+LOGO_PATH_PREFIX = "manufacturer-logos/"
+MAX_LOGO_SIZE_BYTES = 5 * 1024 * 1024
+
+ALLOWED_LOGO_SUFFIXES = {".png", ".jpg", ".jpeg", ".gif", ".webp"}
+CONTENT_TYPE_SUFFIXES = {
+    "image/png": ".png",
+    "image/jpeg": ".jpg",
+    "image/gif": ".gif",
+    "image/webp": ".webp",
+}
+
+
+def get_manufacturer_logos_dir() -> Path:
+    logo_dir = Path(settings.manufacturer_logos_dir)
+    logo_dir.mkdir(parents=True, exist_ok=True)
+    return logo_dir
+
+
+def slugify_manufacturer_name(name: str) -> str:
+    slug = re.sub(r"[^a-z0-9]+", "-", name.lower()).strip("-")
+    return slug or "manufacturer-logo"
+
+
+def sniff_logo_suffix(file_bytes: bytes) -> str | None:
+    if file_bytes.startswith(b"\x89PNG\r\n\x1a\n"):
+        return ".png"
+    if file_bytes.startswith(b"\xff\xd8\xff"):
+        return ".jpg"
+    if file_bytes.startswith((b"GIF87a", b"GIF89a")):
+        return ".gif"
+    if len(file_bytes) >= 12 and file_bytes.startswith(b"RIFF") and file_bytes[8:12] == b"WEBP":
+        return ".webp"
+    return None
+
+
+def determine_logo_suffix(
+    filename: str | None,
+    content_type: str | None,
+    detected_suffix: str | None = None,
+) -> str:
+    if detected_suffix in ALLOWED_LOGO_SUFFIXES:
+        return detected_suffix
+    if filename:
+        suffix = Path(filename).suffix.lower()
+        if suffix in ALLOWED_LOGO_SUFFIXES:
+            return suffix
+    if content_type in CONTENT_TYPE_SUFFIXES:
+        return CONTENT_TYPE_SUFFIXES[content_type]
+    return ".png"
+
+
+def save_manufacturer_logo(
+    *,
+    manufacturer_name: str,
+    file_bytes: bytes,
+    filename: str | None,
+    content_type: str | None,
+    detected_suffix: str | None = None,
+) -> str:
+    logo_dir = get_manufacturer_logos_dir()
+    safe_name = slugify_manufacturer_name(manufacturer_name)
+    suffix = determine_logo_suffix(filename, content_type, detected_suffix)
+    stored_name = f"{safe_name}-{secrets.token_hex(4)}{suffix}"
+    stored_path = logo_dir / stored_name
+    stored_path.write_bytes(file_bytes)
+    return f"{LOGO_PATH_PREFIX}{stored_name}"
+
+
+def validate_stored_logo_path(stored_path: str) -> str:
+    normalized = (stored_path or "").strip().lstrip("/")
+    if not normalized.startswith(LOGO_PATH_PREFIX):
+        raise ValueError(f"Invalid manufacturer logo path: {stored_path!r}")
+
+    filename = Path(normalized).name
+    if not filename or filename in {".", ".."}:
+        raise ValueError(f"Invalid manufacturer logo filename: {stored_path!r}")
+
+    if normalized != f"{LOGO_PATH_PREFIX}{filename}":
+        raise ValueError(f"Unexpected nested manufacturer logo path: {stored_path!r}")
+
+    if Path(filename).suffix.lower() not in ALLOWED_LOGO_SUFFIXES:
+        raise ValueError(f"Unsupported manufacturer logo suffix: {stored_path!r}")
+
+    return filename
+
+
+def resolve_logo_file_path(stored_path: str) -> Path:
+    filename = validate_stored_logo_path(stored_path)
+    return get_manufacturer_logos_dir() / filename
+
+
+def delete_manufacturer_logo(stored_path: str | None) -> None:
+    if not stored_path:
+        return
+    path = resolve_logo_file_path(stored_path)
+    if path.exists():
+        path.unlink()
\ No newline at end of file
diff --git a/backend/tests/test_filaments.py b/backend/tests/test_filaments.py
index ca6f1466..0641f558 100644
--- a/backend/tests/test_filaments.py
+++ b/backend/tests/test_filaments.py
@@ -1,9 +1,21 @@
+from pathlib import Path
+
 import pytest
 from sqlalchemy import select
 
+from app.core.config import settings
 from app.models import Color, Filament, FilamentColor, Manufacturer, Spool, SpoolStatus
 
 
+_MINIMAL_PNG_BYTES = (
+    b"\x89PNG\r\n\x1a\n"
+    b"\x00\x00\x00\rIHDR"
+    b"\x00\x00\x00\x01\x00\x00\x00\x01\x08\x06\x00\x00\x00\x1f\x15\xc4\x89"
+    b"\x00\x00\x00\x0cIDATx\x9cc``\x00\x00\x00\x02\x00\x01\xe2!\xbc3"
+    b"\x00\x00\x00\x00IEND\xaeB`\x82"
+)
+
+
 async def _create_manufacturer(db_session, name: str = "Test Manufacturer", **kwargs) -> Manufacturer:
     manufacturer = Manufacturer(name=name, **kwargs)
     db_session.add(manufacturer)
@@ -223,6 +235,90 @@ async def test_delete_manufacturer_with_filaments_force(self, auth_client, db_se
         spool_result = await db_session.execute(select(Spool).where(Spool.id == spool.id))
         assert spool_result.scalar_one_or_none() is None
 
+    @pytest.mark.asyncio
+    async def test_upload_manufacturer_logo_persists_and_serves_file(self, auth_client, db_session, monkeypatch, tmp_path):
+        client, csrf_token = auth_client
+        manufacturer = await _create_manufacturer(db_session, name="LogoMaker")
+        monkeypatch.setattr(settings, "manufacturer_logos_dir", str(tmp_path))
+
+        response = await client.post(
+            f"/api/v1/manufacturers/{manufacturer.id}/logo",
+            files={"file": ("logo.png", _MINIMAL_PNG_BYTES, "image/png")},
+            headers={"X-CSRF-Token": csrf_token},
+        )
+
+        assert response.status_code == 200
+        data = response.json()
+        assert data["logo_file_path"].startswith("manufacturer-logos/")
+        assert data["resolved_logo_url"].endswith(Path(data["logo_file_path"]).name)
+
+        stored_file = Path(settings.manufacturer_logos_dir) / Path(data["logo_file_path"]).name
+        assert stored_file.exists()
+        assert stored_file.read_bytes() == _MINIMAL_PNG_BYTES
+
+        logo_response = await client.get(data["resolved_logo_url"])
+        assert logo_response.status_code == 200
+        assert logo_response.content == _MINIMAL_PNG_BYTES
+
+    @pytest.mark.asyncio
+    async def test_upload_manufacturer_logo_rejects_invalid_image_bytes(self, auth_client, db_session, monkeypatch, tmp_path):
+        client, csrf_token = auth_client
+        manufacturer = await _create_manufacturer(db_session, name="BadLogoMaker")
+        monkeypatch.setattr(settings, "manufacturer_logos_dir", str(tmp_path))
+
+        response = await client.post(
+            f"/api/v1/manufacturers/{manufacturer.id}/logo",
+            files={"file": ("fake.png", b"not-a-real-image", "image/png")},
+            headers={"X-CSRF-Token": csrf_token},
+        )
+
+        assert response.status_code == 422
+        assert response.json()["detail"]["code"] == "invalid_image"
+
+    @pytest.mark.asyncio
+    async def test_upload_manufacturer_logo_rejects_oversized_files(self, auth_client, db_session, monkeypatch, tmp_path):
+        client, csrf_token = auth_client
+        manufacturer = await _create_manufacturer(db_session, name="HugeLogoMaker")
+        monkeypatch.setattr(settings, "manufacturer_logos_dir", str(tmp_path))
+        oversized_png = _MINIMAL_PNG_BYTES + (b"0" * (5 * 1024 * 1024))
+
+        response = await client.post(
+            f"/api/v1/manufacturers/{manufacturer.id}/logo",
+            files={"file": ("huge.png", oversized_png, "image/png")},
+            headers={"X-CSRF-Token": csrf_token},
+        )
+
+        assert response.status_code == 413
+        assert response.json()["detail"]["code"] == "file_too_large"
+
+    @pytest.mark.asyncio
+    async def test_import_manufacturer_logo_rejects_local_urls(self, auth_client, db_session):
+        client, csrf_token = auth_client
+        manufacturer = await _create_manufacturer(db_session, name="UnsafeImportMaker")
+
+        response = await client.post(
+            f"/api/v1/manufacturers/{manufacturer.id}/logo-from-url",
+            json={"url": "http://localhost/logo.png"},
+            headers={"X-CSRF-Token": csrf_token},
+        )
+
+        assert response.status_code == 422
+        assert response.json()["detail"]["code"] == "unsafe_logo_url"
+
+    @pytest.mark.asyncio
+    async def test_import_manufacturer_logo_rejects_urls_with_credentials(self, auth_client, db_session):
+        client, csrf_token = auth_client
+        manufacturer = await _create_manufacturer(db_session, name="CredentialImportMaker")
+
+        response = await client.post(
+            f"/api/v1/manufacturers/{manufacturer.id}/logo-from-url",
+            json={"url": "https://user:secret@example.com/logo.png"},
+            headers={"X-CSRF-Token": csrf_token},
+        )
+
+        assert response.status_code == 422
+        assert response.json()["detail"]["code"] == "invalid_logo_url"
+
 
 class TestColorCRUD:
     @pytest.mark.asyncio

From 33db9bbc815cd7b5eaef3472d25e0bb86f0c863b Mon Sep 17 00:00:00 2001
From: akira69 <akira69@gmail.com>
Date: Fri, 3 Apr 2026 19:16:03 -0500
Subject: [PATCH 2/3] feat: add manufacturer logo management UI

---
 ...a1e6f4b2d0_add_manufacturer_logo_fields.py |   4 +-
 backend/app/api/v1/schemas_filament.py        |   4 -
 frontend/src/i18n/de.json                     |  18 +
 frontend/src/i18n/en.json                     |  18 +
 frontend/src/lib/api.ts                       |  11 +-
 frontend/src/lib/manufacturer-logo.ts         |  84 ++++
 frontend/src/pages/filaments/[id]/edit.astro  |  24 ++
 frontend/src/pages/manufacturers/index.astro  | 358 +++++++++++++++++-
 frontend/src/pages/spools/[id]/edit.astro     |  27 ++
 9 files changed, 524 insertions(+), 24 deletions(-)
 create mode 100644 frontend/src/lib/manufacturer-logo.ts

diff --git a/backend/alembic/versions/c9a1e6f4b2d0_add_manufacturer_logo_fields.py b/backend/alembic/versions/c9a1e6f4b2d0_add_manufacturer_logo_fields.py
index ea215b0a..76e5bce3 100644
--- a/backend/alembic/versions/c9a1e6f4b2d0_add_manufacturer_logo_fields.py
+++ b/backend/alembic/versions/c9a1e6f4b2d0_add_manufacturer_logo_fields.py
@@ -21,11 +21,9 @@
 
 def upgrade() -> None:
     with op.batch_alter_table("manufacturers") as batch_op:
-        batch_op.add_column(sa.Column("logo_url", sa.String(length=500), nullable=True))
         batch_op.add_column(sa.Column("logo_file_path", sa.String(length=500), nullable=True))
 
 
 def downgrade() -> None:
     with op.batch_alter_table("manufacturers") as batch_op:
-        batch_op.drop_column("logo_file_path")
-        batch_op.drop_column("logo_url")
\ No newline at end of file
+        batch_op.drop_column("logo_file_path")
\ No newline at end of file
diff --git a/backend/app/api/v1/schemas_filament.py b/backend/app/api/v1/schemas_filament.py
index 4c87e66d..f120b32d 100644
--- a/backend/app/api/v1/schemas_filament.py
+++ b/backend/app/api/v1/schemas_filament.py
@@ -6,7 +6,6 @@
 class ManufacturerCreate(BaseModel):
     name: str
     url: str | None = None
-    logo_url: str | None = None
     empty_spool_weight_g: float | None = None
     spool_outer_diameter_mm: float | None = None
     spool_width_mm: float | None = None
@@ -17,7 +16,6 @@ class ManufacturerCreate(BaseModel):
 class ManufacturerUpdate(BaseModel):
     name: str | None = None
     url: str | None = None
-    logo_url: str | None = None
     empty_spool_weight_g: float | None = None
     spool_outer_diameter_mm: float | None = None
     spool_width_mm: float | None = None
@@ -27,14 +25,12 @@ class ManufacturerUpdate(BaseModel):
 
 class ManufacturerLogoImportRequest(BaseModel):
     url: str | None = None
-    logo_url: str | None = None
 
 
 class ManufacturerResponse(BaseModel):
     id: int
     name: str
     url: str | None
-    logo_url: str | None = None
     logo_file_path: str | None = None
     resolved_logo_url: str | None = None
     empty_spool_weight_g: float | None = None
diff --git a/frontend/src/i18n/de.json b/frontend/src/i18n/de.json
index 84271b21..e4e3ed74 100644
--- a/frontend/src/i18n/de.json
+++ b/frontend/src/i18n/de.json
@@ -540,6 +540,24 @@
     "title": "Hersteller",
     "addManufacturer": "Hersteller hinzufügen",
     "editManufacturer": "Hersteller bearbeiten",
+    "logo": "Logo",
+    "logoSection": "Logo",
+    "uploadLogoFromUrl": "Logo von URL importieren",
+    "logoUrlPlaceholder": "z.B. https://example.com/logo.png",
+    "uploadLogo": "Logo-Datei hochladen",
+    "uploadLogoHelp": "Ein Logo von einer Web-URL importieren oder eine lokale Datei hochladen.",
+    "logoFilePath": "Gespeicherter Dateipfad",
+    "logoPreview": "Logo-Vorschau",
+    "noLogoConfigured": "Kein Logo konfiguriert",
+    "pendingUpload": "Ausstehender Upload: {filename}",
+    "clearLogo": "Logo entfernen",
+    "clearLogoConfirm": "Dieses Logo entfernen? Falls eine lokale Datei gespeichert ist, wird sie ebenfalls gelöscht.",
+    "failedUpload": "Herstellerlogo konnte nicht hochgeladen werden",
+    "failedImportFromUrl": "Herstellerlogo konnte nicht von der URL importiert werden",
+    "failedClearLogo": "Hochgeladenes Logo konnte nicht entfernt werden",
+    "savedWithoutLogo": "Die Herstellerdaten wurden gespeichert, aber der Logo-Schritt ist fehlgeschlagen. Du kannst ihn jetzt erneut versuchen.",
+    "selectedLogoFile": "Ausgewählte Datei: {filename}",
+    "uploadLogoFileButton": "Logo-Datei auswählen",
     "name": "Name",
     "namePlaceholder": "z.B. Bambu Lab",
     "url": "URL",
diff --git a/frontend/src/i18n/en.json b/frontend/src/i18n/en.json
index 9f916e95..2c4e1236 100644
--- a/frontend/src/i18n/en.json
+++ b/frontend/src/i18n/en.json
@@ -538,6 +538,24 @@
     "title": "Manufacturers",
     "addManufacturer": "Add Manufacturer",
     "editManufacturer": "Edit Manufacturer",
+    "logo": "Logo",
+    "logoSection": "Logo",
+    "uploadLogoFromUrl": "Upload logo from URL",
+    "logoUrlPlaceholder": "e.g. https://example.com/logo.png",
+    "uploadLogo": "Upload logo file from disk",
+    "uploadLogoHelp": "Import a logo from a web URL or upload a local file.",
+    "logoFilePath": "Stored file path",
+    "logoPreview": "Logo Preview",
+    "noLogoConfigured": "No logo configured",
+    "pendingUpload": "Pending upload: {filename}",
+    "clearLogo": "Clear Logo",
+    "clearLogoConfirm": "Clear this logo? If a stored local file exists it will also be deleted.",
+    "failedUpload": "Failed to upload manufacturer logo",
+    "failedImportFromUrl": "Failed to import manufacturer logo from URL",
+    "failedClearLogo": "Failed to clear uploaded logo",
+    "savedWithoutLogo": "Manufacturer details were saved, but the logo step failed. You can retry it now.",
+    "selectedLogoFile": "Selected file: {filename}",
+    "uploadLogoFileButton": "Choose logo file",
     "name": "Name",
     "namePlaceholder": "e.g. Bambu Lab",
     "url": "URL",
diff --git a/frontend/src/lib/api.ts b/frontend/src/lib/api.ts
index 6778f016..d87f39a9 100644
--- a/frontend/src/lib/api.ts
+++ b/frontend/src/lib/api.ts
@@ -36,11 +36,15 @@ async function request<T>(path: string, options: RequestInit = {}): Promise<T> {
     url = API_BASE + path
   }
 
+  const isFormDataBody = options.body instanceof FormData
   const headers: Record<string, string> = {
-    'Content-Type': 'application/json',
     ...options.headers as Record<string, string>,
   }
 
+  if (!isFormDataBody && !headers['Content-Type']) {
+    headers['Content-Type'] = 'application/json'
+  }
+
   const csrfToken = getCsrfToken()
   if (csrfToken) {
     headers['X-CSRF-Token'] = csrfToken
@@ -84,6 +88,11 @@ export const api = {
       method: 'PATCH',
       body: body ? JSON.stringify(body) : undefined,
     }),
+  postFormData: <T>(path: string, body: FormData) =>
+    request<T>(path, {
+      method: 'POST',
+      body,
+    }),
   delete: <T>(path: string) => request<T>(path, { method: 'DELETE' }),
 }
 
diff --git a/frontend/src/lib/manufacturer-logo.ts b/frontend/src/lib/manufacturer-logo.ts
new file mode 100644
index 00000000..4f26fcca
--- /dev/null
+++ b/frontend/src/lib/manufacturer-logo.ts
@@ -0,0 +1,84 @@
+export interface ManufacturerLogoLike {
+  name?: string | null
+  logo_file_path?: string | null
+  resolved_logo_url?: string | null
+}
+
+interface RenderManufacturerLogoOptions {
+  size?: number
+  width?: number
+  height?: number
+  borderRadius?: string
+  previewUrl?: string | null
+  tooltipText?: string | null
+  flexibleWidth?: boolean
+  multilineFallback?: boolean
+  withPill?: boolean
+  pillWidth?: number | string
+  pillPadding?: string
+  pillBorderRadius?: string
+  pillJustify?: 'flex-start' | 'center' | 'flex-end'
+}
+
+export function escapeHtml(value: string | number | null | undefined): string {
+  const div = document.createElement('div')
+  div.textContent = value == null ? '' : String(value)
+  return div.innerHTML
+}
+
+export function normalizeOptionalString(value: string | null | undefined): string | null {
+  if (typeof value !== 'string') return null
+  const trimmed = value.trim()
+  return trimmed ? trimmed : null
+}
+
+export function getManufacturerLogoUrl(manufacturer?: ManufacturerLogoLike | null): string | null {
+  return normalizeOptionalString(manufacturer?.resolved_logo_url)
+}
+
+export function renderManufacturerLogo(
+  manufacturer?: ManufacturerLogoLike | null,
+  options: RenderManufacturerLogoOptions = {},
+): string {
+  const size = options.size ?? 40
+  const width = options.width ?? size
+  const height = options.height ?? size
+  const borderRadius = options.borderRadius ?? '10px'
+  const previewUrl = normalizeOptionalString(options.previewUrl)
+  const tooltipText = normalizeOptionalString(options.tooltipText)
+  const flexibleWidth = options.flexibleWidth ?? false
+  const multilineFallback = options.multilineFallback ?? false
+  const withPill = options.withPill ?? false
+  const pillWidth = options.pillWidth
+  const pillPadding = options.pillPadding ?? '4px 10px'
+  const pillBorderRadius = options.pillBorderRadius ?? '8px'
+  const pillJustify = options.pillJustify ?? (multilineFallback ? 'flex-end' : 'center')
+  const imageUrl = previewUrl ?? getManufacturerLogoUrl(manufacturer)
+  const altText = escapeHtml(`${manufacturer?.name || 'Manufacturer'} logo`)
+  const fallbackText = escapeHtml(manufacturer?.name?.trim() || 'Logo')
+  const fallbackFontSize = multilineFallback
+    ? Math.max(11, Math.floor(Math.min(width / 10, height * 0.32)))
+    : Math.max(12, Math.floor(Math.min(width, height) * 0.34))
+  const titleAttr = tooltipText ? ` title="${escapeHtml(tooltipText)}"` : ''
+  const pillWidthStyle = typeof pillWidth === 'number'
+    ? `width: ${pillWidth}px;`
+    : pillWidth
+      ? `width: ${pillWidth};`
+      : ''
+
+  const wrapWithPill = (content: string) => {
+    if (!withPill) return content
+    return `<div${titleAttr} style="display: inline-flex; align-items: center; justify-content: ${pillJustify}; max-width: 100%; ${pillWidthStyle} min-height: ${height + 8}px; padding: ${pillPadding}; border-radius: ${pillBorderRadius}; background: color-mix(in srgb, white 30%, var(--bg-soft) 70%); border: 1px solid color-mix(in srgb, white 22%, var(--border) 78%); box-sizing: border-box;">${content}</div>`
+  }
+
+  if (imageUrl) {
+    const widthStyle = flexibleWidth ? `max-width: ${width}px; width: auto;` : `width: ${width}px;`
+    return wrapWithPill(`<img src="${escapeHtml(imageUrl)}" alt="${altText}"${titleAttr} style="${widthStyle} height: ${height}px; object-fit: contain; border-radius: ${borderRadius}; flex-shrink: 0; min-width: 0;" />`)
+  }
+
+  const fallbackLayout = multilineFallback
+    ? `max-width: ${width}px; width: ${width}px; line-height: 1.05; text-align: right; white-space: normal; display: -webkit-box; -webkit-line-clamp: 2; -webkit-box-orient: vertical;`
+    : `width: ${width}px; white-space: nowrap; text-overflow: ellipsis;`
+
+  return wrapWithPill(`<div aria-hidden="true" style="${fallbackLayout} height: ${height}px; overflow: hidden; color: #111827; font-size: ${fallbackFontSize}px; font-weight: 600; font-family: var(--font-serif); letter-spacing: 0.03em; font-style: italic; flex-shrink: 0; display: flex; align-items: center; justify-content: ${multilineFallback ? 'flex-end' : 'center'};">${fallbackText}</div>`)
+}
\ No newline at end of file
diff --git a/frontend/src/pages/filaments/[id]/edit.astro b/frontend/src/pages/filaments/[id]/edit.astro
index 654e720f..2b8c8ee2 100644
--- a/frontend/src/pages/filaments/[id]/edit.astro
+++ b/frontend/src/pages/filaments/[id]/edit.astro
@@ -42,6 +42,7 @@ const backHref = id === 'detail' ? '/filaments' : `/filaments/${id}`
             <option value="" data-i18n="filaments.selectManufacturer">Select manufacturer...</option>
           </select>
         </div>
+        <div id="manufacturer-preview" class="fm-card hidden" style="padding: 12px;"></div>
         
         <!-- Designation -->
         <div>
@@ -355,6 +356,7 @@ const backHref = id === 'detail' ? '/filaments' : `/filaments/${id}`
   <script>
     import { t, initI18n } from '../../../lib/i18n'
     import { fetchAllPages } from '../../../lib/api'
+    import { renderManufacturerLogo } from '../../../lib/manufacturer-logo'
     await initI18n()
 
     const CUSTOM_TYPE_VALUE = '__custom__'
@@ -416,6 +418,7 @@ const backHref = id === 'detail' ? '/filaments' : `/filaments/${id}`
     const submitBtn = document.getElementById('submit-btn') as HTMLButtonElement
     const typeSelect = document.getElementById('type') as HTMLSelectElement
     const manufacturerSelect = document.getElementById('manufacturer_id') as HTMLSelectElement
+    const manufacturerPreview = document.getElementById('manufacturer-preview') as HTMLDivElement
     const customTypeWrapper = document.getElementById('custom-type-wrapper') as HTMLDivElement
     const customTypeInput = document.getElementById('custom_type') as HTMLInputElement
     const colorGrid = document.getElementById('color-grid') as HTMLDivElement
@@ -583,11 +586,29 @@ const backHref = id === 'detail' ? '/filaments' : `/filaments/${id}`
           option.textContent = m.name || t('common.unknown')
           select.appendChild(option)
         })
+        renderSelectedManufacturerPreview()
       } catch (error) {
         console.error('Failed to load manufacturers:', error)
       }
     }
 
+    function renderSelectedManufacturerPreview() {
+      const selectedId = parseInt(manufacturerSelect.value)
+      const manufacturer = allManufacturers.find((item: any) => item.id === selectedId)
+      if (!manufacturer) {
+        manufacturerPreview.classList.add('hidden')
+        manufacturerPreview.innerHTML = ''
+        return
+      }
+
+      manufacturerPreview.classList.remove('hidden')
+      manufacturerPreview.innerHTML = `
+        <div style="display: flex; align-items: center; min-height: 42px;">
+          ${renderManufacturerLogo(manufacturer, { width: 156, height: 46, borderRadius: '8px', withPill: true, pillPadding: '4px 10px', pillBorderRadius: '8px' })}
+        </div>
+      `
+    }
+
     manufacturerSelect.addEventListener('change', () => {
       const selectedId = parseInt(manufacturerSelect.value)
       
@@ -601,6 +622,7 @@ const backHref = id === 'detail' ? '/filaments' : `/filaments/${id}`
         matInput.value = ''
         odInput.value = ''
         wInput.value = ''
+        renderSelectedManufacturerPreview()
         return
       }
 
@@ -612,6 +634,7 @@ const backHref = id === 'detail' ? '/filaments' : `/filaments/${id}`
         odInput.value = mfr.spool_outer_diameter_mm != null ? String(mfr.spool_outer_diameter_mm) : ''
         wInput.value = mfr.spool_width_mm != null ? String(mfr.spool_width_mm) : ''
       }
+      renderSelectedManufacturerPreview()
     })
 
     async function loadTypes(): Promise<void> {
@@ -842,6 +865,7 @@ const backHref = id === 'detail' ? '/filaments' : `/filaments/${id}`
       // Manufacturer
       const mfgSelect = document.getElementById('manufacturer_id') as HTMLSelectElement
       mfgSelect.value = String(f.manufacturer_id)
+      renderSelectedManufacturerPreview()
 
       // Designation
       ;(document.getElementById('designation') as HTMLInputElement).value = f.designation || ''
diff --git a/frontend/src/pages/manufacturers/index.astro b/frontend/src/pages/manufacturers/index.astro
index 4da48391..baadbffc 100644
--- a/frontend/src/pages/manufacturers/index.astro
+++ b/frontend/src/pages/manufacturers/index.astro
@@ -21,6 +21,114 @@ import Layout from '../../layouts/Layout.astro'
       min-width: 200px;
       max-width: 400px;
     }
+    .manufacturer-modal-card {
+      max-height: min(90vh, 920px);
+      overflow-y: auto;
+    }
+    .manufacturer-logo-upload-input {
+      position: absolute;
+      width: 1px;
+      height: 1px;
+      padding: 0;
+      margin: -1px;
+      overflow: hidden;
+      clip: rect(0, 0, 0, 0);
+      white-space: nowrap;
+      border: 0;
+    }
+    .manufacturer-logo-code-input {
+      font-family: ui-monospace, SFMono-Regular, Menlo, Monaco, Consolas, 'Liberation Mono', 'Courier New', monospace;
+      font-size: 0.8rem;
+      line-height: 1.2;
+      min-height: 0;
+      padding: 10px 14px;
+    }
+    .manufacturer-logo-section-header {
+      display: flex;
+      align-items: flex-start;
+      justify-content: space-between;
+      gap: 16px;
+      margin-bottom: 12px;
+    }
+    .manufacturer-logo-header-preview {
+      display: flex;
+      justify-content: flex-end;
+      align-items: center;
+      min-height: 52px;
+      flex: 1;
+      min-width: 0;
+    }
+    .manufacturer-logo-file-trigger {
+      display: inline-flex;
+      width: auto;
+      justify-content: center;
+      align-items: center;
+      gap: 8px;
+    }
+    .manufacturer-logo-file-column {
+      display: flex;
+      flex-direction: column;
+      align-items: flex-end;
+      justify-self: end;
+      width: max-content;
+      max-width: 100%;
+    }
+    .manufacturer-logo-file-column .fm-label,
+    .manufacturer-logo-file-column .manufacturer-logo-upload-state {
+      width: auto;
+      text-align: left;
+    }
+    .manufacturer-clear-logo-button {
+      display: inline-flex;
+      align-items: center;
+      justify-content: center;
+      gap: 8px;
+      color: #f8d66d;
+      border-color: color-mix(in srgb, #f8d66d 45%, var(--border));
+      background: color-mix(in srgb, #f8d66d 10%, transparent);
+    }
+    .manufacturer-clear-logo-button:hover {
+      background: color-mix(in srgb, #f8d66d 16%, transparent);
+      border-color: color-mix(in srgb, #f8d66d 60%, var(--border));
+    }
+    .manufacturer-logo-upload-state {
+      display: none;
+      font-size: 0.8rem;
+      color: var(--text-muted);
+      margin-top: 4px;
+    }
+    .manufacturers-name-cell {
+      min-width: 180px;
+      width: 22%;
+      white-space: normal;
+      word-break: break-word;
+    }
+    .manufacturers-url-cell,
+    .manufacturers-url-cell a {
+      font-family: ui-monospace, SFMono-Regular, Menlo, Monaco, Consolas, 'Liberation Mono', 'Courier New', monospace;
+      font-size: 0.82rem;
+      line-height: 1.2;
+    }
+    .manufacturers-url-cell {
+      max-width: 180px;
+      white-space: nowrap;
+      overflow: hidden;
+      text-overflow: ellipsis;
+    }
+    .manufacturers-url-cell a {
+      display: inline-block;
+      max-width: 100%;
+      overflow: hidden;
+      text-overflow: ellipsis;
+      vertical-align: bottom;
+    }
+    .fm-table th.col-logo,
+    .fm-table td.col-logo {
+      width: 180px;
+      min-width: 180px;
+      text-align: left;
+      vertical-align: middle;
+    }
   </style>
   <style is:global>
     .pagination-container { display: flex; justify-content: space-between; align-items: center; }
@@ -65,8 +173,9 @@ import Layout from '../../layouts/Layout.astro'
     <table class="fm-table">
       <thead>
         <tr>
-          <th data-i18n="manufacturers.name" data-sort="name" class="sortable">Name</th>
-          <th data-i18n="manufacturers.url" data-sort="url" class="sortable col-url">URL</th>
+          <th data-i18n="manufacturers.name" data-sort="name" class="sortable manufacturers-name-cell">Name</th>
+          <th data-i18n="manufacturers.logo" class="col-logo" style="width: 180px; min-width: 180px; text-align: left; vertical-align: middle;">Logo</th>
+          <th data-i18n="manufacturers.url" data-sort="url" class="sortable col-url manufacturers-url-cell">URL</th>
           <th data-i18n="manufacturers.filaments" data-sort="filament_count" class="sortable col-filaments">Filaments</th>
           <th data-i18n="manufacturers.spools" data-sort="spool_count" class="sortable col-spools">Spools</th>
           <th data-i18n="manufacturers.materials" data-sort="materials" class="sortable col-materials">Materials</th>
@@ -78,7 +187,7 @@ import Layout from '../../layouts/Layout.astro'
       </thead>
       <tbody id="manufacturers-table">
         <tr>
-          <td colspan="9" style="text-align: center; color: var(--text-muted); padding: 24px;" data-i18n="common.loading">Loading...</td>
+          <td colspan="10" style="text-align: center; color: var(--text-muted); padding: 24px;" data-i18n="common.loading">Loading...</td>
         </tr>
       </tbody>
     </table>
@@ -87,8 +196,8 @@ import Layout from '../../layouts/Layout.astro'
   <div class="pagination-container" id="pagination" style="margin-top: 16px;"></div>
 
   <!-- Modal -->
-  <div id="modal-container" style="display: none; position: fixed; inset: 0; background: rgba(0,0,0,0.5); align-items: center; justify-content: center; z-index: 50;">
-    <div class="fm-card" style="width: 100%; max-width: 480px; margin: 16px;">
+  <div id="modal-container" style="display: none; position: fixed; inset: 0; background: rgba(0,0,0,0.5); align-items: center; justify-content: center; z-index: 50; overflow-y: auto; padding: 24px 16px; overscroll-behavior: contain;">
+    <div class="fm-card manufacturer-modal-card" style="width: 100%; max-width: 640px; margin: auto;">
       <h3 id="modal-title" style="font-size: 1.1rem; font-weight: 600; margin-bottom: 16px;" data-i18n="manufacturers.addManufacturer">Add Manufacturer</h3>
       <form id="modal-form" style="display: grid; gap: 16px;">
         <input type="hidden" id="manufacturer-id" />
@@ -117,7 +226,7 @@ import Layout from '../../layouts/Layout.astro'
             placeholder="e.g. https://bambulab.com"
           />
         </div>
-        
+
         <!-- Spool Defaults -->
         <div class="fm-card" style="padding: 16px; margin-top: 8px;">
           <h3 class="fm-label" style="font-size: 1rem; margin-bottom: 16px; margin-top: 0; color: var(--text);">Spool Defaults</h3>
@@ -171,6 +280,53 @@ import Layout from '../../layouts/Layout.astro'
             </div>
           </div>
         </div>
+
+        <div class="fm-card" style="padding: 16px; margin-top: 8px;">
+          <div class="manufacturer-logo-section-header">
+            <h3 class="fm-label" style="font-size: 1rem; margin: 0; color: var(--text);" data-i18n="manufacturers.logoSection">Logo</h3>
+            <div id="manufacturer-logo-preview" class="manufacturer-logo-header-preview"></div>
+          </div>
+          <div style="display: grid; grid-template-columns: minmax(0, 1fr) max-content; gap: 12px; align-items: start;">
+            <div>
+              <label for="manufacturer-logo-url" class="fm-label" data-i18n="manufacturers.uploadLogoFromUrl">Upload logo from URL</label>
+              <input
+                type="url"
+                id="manufacturer-logo-url"
+                class="fm-input manufacturer-logo-code-input"
+                data-i18n-placeholder="manufacturers.logoUrlPlaceholder"
+                placeholder="e.g. https://example.com/logo.png"
+              />
+            </div>
+            <div class="manufacturer-logo-file-column">
+              <label class="fm-label" data-i18n="manufacturers.uploadLogo">Upload logo file from disk</label>
+              <input type="file" id="manufacturer-logo-file" accept="image/*" class="manufacturer-logo-upload-input" />
+              <button type="button" id="manufacturer-logo-file-trigger" class="fm-btn fm-btn-outline manufacturer-logo-file-trigger">
+                <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true">
+                  <path d="M12 3v12"/>
+                  <path d="m17 8-5-5-5 5"/>
+                  <path d="M21 15v4a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2v-4"/>
+                </svg>
+                <span data-i18n="manufacturers.uploadLogoFileButton">Choose logo file</span>
+              </button>
+              <div id="manufacturer-logo-upload-state" class="manufacturer-logo-upload-state"></div>
+            </div>
+          </div>
+          <div style="display: grid; grid-template-columns: 1fr auto; gap: 12px; align-items: end; margin-top: 2px;">
+            <div>
+              <label for="manufacturer-logo-file-path" class="fm-label" data-i18n="manufacturers.logoFilePath">Stored file path</label>
+              <input type="text" id="manufacturer-logo-file-path" class="fm-input manufacturer-logo-code-input" readonly />
+            </div>
+            <button type="button" id="manufacturer-clear-logo" class="fm-btn fm-btn-outline manufacturer-clear-logo-button">
+              <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true">
+                <path d="m7 21 9.4-9.4c.5-.5.5-1.3 0-1.8L14.2 7.6c-.5-.5-1.3-.5-1.8 0L3 17"/>
+                <path d="m18 13 3-3a1.7 1.7 0 0 0 0-2.4l-4.6-4.6a1.7 1.7 0 0 0-2.4 0l-3 3"/>
+                <path d="M8 22h12"/>
+                <path d="m5 16 7 7"/>
+              </svg>
+              <span data-i18n="manufacturers.clearLogo">Clear Logo</span>
+            </button>
+          </div>
+        </div>
         
         <div id="modal-error" class="fm-alert-error hidden"></div>
         <div style="display: flex; gap: 12px;">
@@ -187,7 +343,7 @@ import Layout from '../../layouts/Layout.astro'
 
   <!-- Info Modal -->
   <div id="info-modal-container" style="display: none; position: fixed; inset: 0; background: rgba(0,0,0,0.5); align-items: center; justify-content: center; z-index: 50;">
-    <div class="fm-card" style="width: 100%; max-width: 480px; margin: 16px;">
+    <div class="fm-card" style="width: 100%; max-width: 720px; margin: 16px;">
       <h3 id="info-modal-title" style="font-size: 1.1rem; font-weight: 600; margin-bottom: 16px;">Manufacturer Details</h3>
       <div id="info-modal-content" style="display: grid; gap: 12px;">
         <!-- Filled via JS -->
@@ -202,9 +358,10 @@ import Layout from '../../layouts/Layout.astro'
 
   <script>
     import { t, initI18n } from '../../lib/i18n'
-    import { fetchAllPages } from '../../lib/api'
+    import { api, fetchAllPages } from '../../lib/api'
     import { formatPrice, getCurrency, initCurrency } from '../../lib/format'
     import { initColumnPicker, type ColumnGroup } from '../../lib/column-picker'
+    import { normalizeOptionalString, renderManufacturerLogo } from '../../lib/manufacturer-logo'
     await initI18n()
     await initCurrency()
 
@@ -233,6 +390,9 @@ import Layout from '../../layouts/Layout.astro'
     })()
     let currentPage = 1
     let isInitialLoad = true
+    let pendingLogoFile: File | null = null
+    let pendingLogoPreviewUrl: string | null = null
+    let shouldClearLogo = false
 
     // Restore page from localStorage
     try {
@@ -359,7 +519,7 @@ import Layout from '../../layouts/Layout.astro'
         console.error('Failed to load manufacturers:', error)
         document.getElementById('manufacturers-table')!.innerHTML = `
           <tr>
-            <td colspan="9" style="text-align: center; color: var(--error-text); padding: 24px;">${t('manufacturers.failedLoad')}</td>
+            <td colspan="10" style="text-align: center; color: var(--error-text); padding: 24px;">${t('manufacturers.failedLoad')}</td>
           </tr>
         `
       }
@@ -477,7 +637,7 @@ import Layout from '../../layouts/Layout.astro'
         const hasFilters = search || material
         tbody.innerHTML = `
           <tr>
-            <td colspan="9" style="text-align: center; color: var(--text-muted); padding: 24px;">
+            <td colspan="10" style="text-align: center; color: var(--text-muted); padding: 24px;">
               ${hasFilters ? t('manufacturers.noResults') : t('manufacturers.noManufacturers')}
             </td>
           </tr>
@@ -493,8 +653,20 @@ import Layout from '../../layouts/Layout.astro'
       // Note: escapeHtml() is used for all user-supplied data; URLs use escapeHtml for both href and text
       tbody.innerHTML = paged.map(mf => `
         <tr style="cursor: pointer;" class="manufacturer-row" data-mf='${escapeHtml(JSON.stringify(mf))}'>
-          <td style="font-weight: 500;">${escapeHtml(mf.name)}</td>
-          <td class="col-url">${mf.url ? `<a href="${escapeHtml(mf.url)}" target="_blank" rel="noopener" class="stop-prop" style="color: var(--accent); text-decoration: none;">${escapeHtml(mf.url)}</a>` : '<span style="color: var(--text-muted);">-</span>'}</td>
+          <td class="manufacturers-name-cell" style="font-weight: 500;">${escapeHtml(mf.name)}</td>
+          <td class="col-logo" style="width: 180px; min-width: 180px; text-align: left; vertical-align: middle;"><div style="width: 100%; display: flex; align-items: center; justify-content: flex-start;">${renderManufacturerLogo(mf, {
+            width: 132,
+            height: 36,
+            tooltipText: mf.logo_file_path || t('manufacturers.noLogoConfigured'),
+            flexibleWidth: true,
+            multilineFallback: true,
+            withPill: true,
+            pillWidth: 156,
+            pillPadding: '4px 10px',
+            pillBorderRadius: '8px',
+            pillJustify: 'flex-start',
+          })}</div></td>
+          <td class="col-url manufacturers-url-cell">${mf.url ? `<a href="${escapeHtml(mf.url)}" target="_blank" rel="noopener" class="stop-prop" style="color: var(--accent); text-decoration: none;">${escapeHtml(mf.url)}</a>` : '<span style="color: var(--text-muted);">-</span>'}</td>
           <td class="col-filaments"><a href="/filaments?manufacturer_id=${mf.id}" class="stop-prop" style="color: var(--accent); text-decoration: none; font-weight: 500;">${mf.filament_count || 0}</a></td>
           <td class="col-spools"><a href="/spools?manufacturer_id=${mf.id}" class="stop-prop" style="color: var(--accent); text-decoration: none; font-weight: 500;">${mf.spool_count || 0}</a></td>
           <td class="col-materials">${mf.materials && mf.materials.length > 0 ? mf.materials.map(m => escapeHtml(m)).join(', ') : '<span style="color: var(--text-muted);">-</span>'}</td>
@@ -578,6 +750,68 @@ import Layout from '../../layouts/Layout.astro'
       renderPagination(sorted.length, currentPage)
     }
 
+    function resetPendingLogoPreviewUrl() {
+      if (pendingLogoPreviewUrl) {
+        URL.revokeObjectURL(pendingLogoPreviewUrl)
+      }
+      pendingLogoPreviewUrl = null
+    }
+
+    function getModalLogoState() {
+      const name = (document.getElementById('manufacturer-name') as HTMLInputElement).value.trim()
+      const filePathInput = document.getElementById('manufacturer-logo-file-path') as HTMLInputElement
+      const preview = document.getElementById('manufacturer-logo-preview') as HTMLDivElement
+      const currentPath = shouldClearLogo ? null : normalizeOptionalString(filePathInput.dataset.currentPath)
+      const currentResolvedUrl = shouldClearLogo ? null : normalizeOptionalString(preview.dataset.resolvedUrl)
+      return {
+        name,
+        logo_file_path: currentPath,
+        resolved_logo_url: currentResolvedUrl,
+      }
+    }
+
+    function renderModalLogoPreview() {
+      const preview = document.getElementById('manufacturer-logo-preview') as HTMLDivElement
+      const uploadState = document.getElementById('manufacturer-logo-upload-state') as HTMLDivElement
+      const logoState = getModalLogoState()
+      const typedLogoUrl = normalizeOptionalString((document.getElementById('manufacturer-logo-url') as HTMLInputElement).value)
+
+      uploadState.textContent = pendingLogoFile
+        ? t('manufacturers.selectedLogoFile', { filename: pendingLogoFile.name })
+        : ''
+      uploadState.style.display = pendingLogoFile ? 'block' : 'none'
+
+      preview.innerHTML = renderManufacturerLogo(logoState, {
+        width: 240,
+        height: 52,
+        previewUrl: pendingLogoPreviewUrl || typedLogoUrl,
+        tooltipText: logoState.logo_file_path || null,
+        flexibleWidth: true,
+        multilineFallback: true,
+        withPill: true,
+        pillPadding: '4px 10px',
+        pillBorderRadius: '8px',
+      })
+    }
+
+    function applyModalManufacturerState(mf: any = null) {
+      const logoUrlInput = document.getElementById('manufacturer-logo-url') as HTMLInputElement
+      const logoFileInput = document.getElementById('manufacturer-logo-file') as HTMLInputElement
+      const logoFilePathInput = document.getElementById('manufacturer-logo-file-path') as HTMLInputElement
+      const logoPreview = document.getElementById('manufacturer-logo-preview') as HTMLDivElement
+
+      resetPendingLogoPreviewUrl()
+      pendingLogoFile = null
+      shouldClearLogo = false
+
+      logoUrlInput.value = ''
+      logoFileInput.value = ''
+      logoFilePathInput.value = mf?.logo_file_path || ''
+      logoFilePathInput.dataset.currentPath = mf?.logo_file_path || ''
+      logoPreview.dataset.resolvedUrl = mf?.resolved_logo_url || ''
+      renderModalLogoPreview()
+    }
+
     function openModal(mf: any = null) {
       const container = document.getElementById('modal-container')!
       const title = document.getElementById('modal-title')!
@@ -608,14 +842,18 @@ import Layout from '../../layouts/Layout.astro'
         widthInput.value = '65'
       }
       
+      applyModalManufacturerState(mf)
       error.classList.add('hidden')
 
       container.style.display = 'flex'
+      document.body.style.overflow = 'hidden'
       nameInput.focus()
     }
 
     function closeModal() {
+      resetPendingLogoPreviewUrl()
       document.getElementById('modal-container')!.style.display = 'none'
+      document.body.style.overflow = ''
     }
 
     function openInfoModal(mf: any) {
@@ -626,6 +864,9 @@ import Layout from '../../layouts/Layout.astro'
       title.textContent = mf.name
 
       content.innerHTML = `
+        <div style="display: flex; align-items: center; margin-bottom: 12px; min-height: 52px;">
+          ${renderManufacturerLogo(mf, { width: 188, height: 52, tooltipText: mf.logo_file_path || t('manufacturers.noLogoConfigured'), withPill: true, pillPadding: '4px 10px', pillBorderRadius: '8px' })}
+        </div>
         <div style="display: grid; grid-template-columns: 1fr 1fr; gap: 16px;">
           <div class="fm-card" style="padding: 12px; background: var(--bg-soft);">
             <div style="font-size: 0.75rem; color: var(--text-muted);">${t('manufacturers.filaments')}</div>
@@ -669,6 +910,45 @@ import Layout from '../../layouts/Layout.astro'
     document.getElementById('btn-new')?.addEventListener('click', () => openModal())
     document.getElementById('modal-cancel')?.addEventListener('click', closeModal)
     document.getElementById('info-modal-close')?.addEventListener('click', closeInfoModal)
+    document.getElementById('manufacturer-name')?.addEventListener('input', renderModalLogoPreview)
+    document.getElementById('manufacturer-logo-url')?.addEventListener('input', renderModalLogoPreview)
+    document.getElementById('manufacturer-logo-file-trigger')?.addEventListener('click', () => {
+      ;(document.getElementById('manufacturer-logo-file') as HTMLInputElement).click()
+    })
+    document.getElementById('manufacturer-logo-url')?.addEventListener('keydown', (e) => {
+      if (e.key === 'Enter') {
+        e.preventDefault()
+        renderModalLogoPreview()
+      }
+    })
+    document.getElementById('manufacturer-clear-logo')?.addEventListener('click', async () => {
+      const hasStoredLogo = !!normalizeOptionalString((document.getElementById('manufacturer-logo-file-path') as HTMLInputElement).dataset.currentPath)
+      if (hasStoredLogo) {
+        const shouldProceed = await (window as any).__fmConfirm(t('manufacturers.clearLogoConfirm'))
+        if (!shouldProceed) return
+      }
+      shouldClearLogo = true
+      pendingLogoFile = null
+      resetPendingLogoPreviewUrl()
+      ;(document.getElementById('manufacturer-logo-file') as HTMLInputElement).value = ''
+      ;(document.getElementById('manufacturer-logo-url') as HTMLInputElement).value = ''
+      const logoFilePathInput = document.getElementById('manufacturer-logo-file-path') as HTMLInputElement
+      const logoPreview = document.getElementById('manufacturer-logo-preview') as HTMLDivElement
+      logoFilePathInput.value = ''
+      logoFilePathInput.dataset.currentPath = ''
+      logoPreview.dataset.resolvedUrl = ''
+      renderModalLogoPreview()
+    })
+    document.getElementById('manufacturer-logo-file')?.addEventListener('change', (e) => {
+      const input = e.currentTarget as HTMLInputElement
+      pendingLogoFile = input.files?.[0] || null
+      resetPendingLogoPreviewUrl()
+      if (pendingLogoFile) {
+        shouldClearLogo = false
+        pendingLogoPreviewUrl = URL.createObjectURL(pendingLogoFile)
+      }
+      renderModalLogoPreview()
+    })
 
     // Close modals on backdrop click
     document.getElementById('modal-container')?.addEventListener('click', (e) => {
@@ -692,6 +972,7 @@ import Layout from '../../layouts/Layout.astro'
       const id = (document.getElementById('manufacturer-id') as HTMLInputElement).value
       const name = (document.getElementById('manufacturer-name') as HTMLInputElement).value
       const url = (document.getElementById('manufacturer-url') as HTMLInputElement).value || null
+      const logoUrl = normalizeOptionalString((document.getElementById('manufacturer-logo-url') as HTMLInputElement).value)
       const emptyWeight = (document.getElementById('manufacturer-empty-weight') as HTMLInputElement).value
       const material = (document.getElementById('manufacturer-material') as HTMLSelectElement).value || null
       const outerDiameter = (document.getElementById('manufacturer-outer-diameter') as HTMLInputElement).value
@@ -712,11 +993,14 @@ import Layout from '../../layouts/Layout.astro'
       submitBtn.disabled = true
       submitBtn.textContent = t('common.saving')
 
+      let savedManufacturer: any = null
+      let manufacturerSaved = false
+
       try {
         const apiUrl = id ? `/api/v1/manufacturers/${id}` : '/api/v1/manufacturers'
         const method = id ? 'PATCH' : 'POST'
 
-        const response = await fetch(apiUrl, {
+        let response = await fetch(apiUrl, {
           method,
           headers: {
             'Content-Type': 'application/json',
@@ -731,10 +1015,51 @@ import Layout from '../../layouts/Layout.astro'
           throw new Error(errorData.detail?.message || errorData.message || t('manufacturers.failedSave'))
         }
 
+        savedManufacturer = await response.json()
+        manufacturerSaved = true
+        ;(document.getElementById('manufacturer-id') as HTMLInputElement).value = String(savedManufacturer.id)
+        ;(document.getElementById('manufacturer-logo-file-path') as HTMLInputElement).value = savedManufacturer.logo_file_path || ''
+        ;(document.getElementById('manufacturer-logo-file-path') as HTMLInputElement).dataset.currentPath = savedManufacturer.logo_file_path || ''
+        ;(document.getElementById('manufacturer-logo-preview') as HTMLDivElement).dataset.resolvedUrl = savedManufacturer.resolved_logo_url || ''
+
+        if (shouldClearLogo && !pendingLogoFile && !logoUrl && savedManufacturer.logo_file_path) {
+          try {
+            savedManufacturer = await api.delete(`/manufacturers/${savedManufacturer.id}/logo`)
+          } catch (clearError: any) {
+            throw new Error(clearError.message || t('manufacturers.failedClearLogo'))
+          }
+        }
+
+        if (pendingLogoFile) {
+          try {
+            const formData = new FormData()
+            formData.append('file', pendingLogoFile)
+            savedManufacturer = await api.postFormData(`/manufacturers/${savedManufacturer.id}/logo`, formData)
+          } catch (uploadError: any) {
+            throw new Error(uploadError.message || t('manufacturers.failedUpload'))
+          }
+        } else if (logoUrl) {
+          try {
+            savedManufacturer = await api.post(`/manufacturers/${savedManufacturer.id}/logo-from-url`, { url: logoUrl })
+          } catch (importError: any) {
+            throw new Error(importError.message || t('manufacturers.failedImportFromUrl'))
+          }
+        }
+
+        applyModalManufacturerState(savedManufacturer)
+
         closeModal()
-        loadManufacturers()
+        await loadManufacturers()
       } catch (err: any) {
-        error.textContent = err.message
+        if (savedManufacturer) {
+          applyModalManufacturerState(savedManufacturer)
+          await loadManufacturers()
+        }
+
+        const errorMessage = err?.message || t('manufacturers.failedSave')
+        error.textContent = manufacturerSaved
+          ? `${t('manufacturers.savedWithoutLogo')} ${errorMessage}`.trim()
+          : errorMessage
         error.classList.remove('hidden')
       } finally {
         submitBtn.disabled = false
@@ -762,6 +1087,7 @@ import Layout from '../../layouts/Layout.astro'
       {
         heading: t('common.columnsStandard'),
         columns: [
+          { key: 'logo', label: t('manufacturers.logo') },
           { key: 'url', label: t('manufacturers.url') },
           { key: 'filaments', label: t('manufacturers.filaments') },
           { key: 'spools', label: t('manufacturers.spools') },
@@ -779,7 +1105,7 @@ import Layout from '../../layouts/Layout.astro'
     ]
     initColumnPicker({
       storageKey: 'filaman-columns-manufacturers',
-      defaultVisible: ['url', 'filaments', 'spools', 'materials'],
+      defaultVisible: ['logo', 'url', 'filaments', 'spools', 'materials'],
       groups: mfrColumnGroups,
       btnId: 'btn-columns',
       dropdownId: 'columns-dropdown',
diff --git a/frontend/src/pages/spools/[id]/edit.astro b/frontend/src/pages/spools/[id]/edit.astro
index 3716cabe..aed38e4d 100644
--- a/frontend/src/pages/spools/[id]/edit.astro
+++ b/frontend/src/pages/spools/[id]/edit.astro
@@ -42,6 +42,7 @@ const backHref = id === 'detail' ? '/spools' : `/spools/${id}`
           <option value="" data-i18n="spools.selectFilament">Select filament...</option>
         </select>
       </div>
+      <div id="filament-manufacturer-preview" class="fm-card hidden" style="padding: 12px;"></div>
 
       <!-- Status -->
       <div>
@@ -257,6 +258,7 @@ const backHref = id === 'detail' ? '/spools' : `/spools/${id}`
   <script>
     import { t, initI18n } from '../../../lib/i18n'
     import { fetchAllPages } from '../../../lib/api'
+    import { renderManufacturerLogo } from '../../../lib/manufacturer-logo'
     await initI18n()
 
     const pathParts = window.location.pathname.split('/').filter(Boolean)
@@ -286,6 +288,7 @@ const backHref = id === 'detail' ? '/spools' : `/spools/${id}`
     const customFieldsContainer = document.getElementById('custom-fields-container')
     const btnAddField = document.getElementById('btn-add-field')
     let customFields = []
+    const filamentManufacturerPreview = document.getElementById('filament-manufacturer-preview') as HTMLDivElement
 
     function flattenObject(obj, prefix = '', res = {}) {
       for (const key in obj) {
@@ -404,6 +407,28 @@ const backHref = id === 'detail' ? '/spools' : `/spools/${id}`
       } else {
         priceInput.value = ''
       }
+
+      renderSelectedFilamentManufacturerPreview(filament)
+    }
+
+    function renderSelectedFilamentManufacturerPreview(filament?: any) {
+      if (!filament?.manufacturer) {
+        filamentManufacturerPreview.classList.add('hidden')
+        filamentManufacturerPreview.innerHTML = ''
+        return
+      }
+
+      filamentManufacturerPreview.classList.remove('hidden')
+      filamentManufacturerPreview.innerHTML = `
+        <div style="display: flex; align-items: center; gap: 12px;">
+          ${renderManufacturerLogo(filament.manufacturer, { width: 132, height: 42, borderRadius: '8px', withPill: true, pillPadding: '4px 10px', pillBorderRadius: '8px' })}
+          <div style="min-width: 0;">
+            <div style="font-size: 0.78rem; color: var(--text-muted);">${escapeHtml(t('manufacturers.logo'))}</div>
+            <div style="font-size: 0.95rem; font-weight: 600; white-space: nowrap; overflow: hidden; text-overflow: ellipsis;">${escapeHtml(filament.manufacturer.name || t('common.unknown'))}</div>
+            <div style="font-size: 0.8rem; color: var(--text-muted); white-space: nowrap; overflow: hidden; text-overflow: ellipsis;">${escapeHtml(filament.manufacturer.logo_file_path || t('manufacturers.noLogoConfigured'))}</div>
+          </div>
+        </div>
+      `
     }
 
     document.getElementById('filament_id').addEventListener('change', (e) => {
@@ -417,6 +442,7 @@ const backHref = id === 'detail' ? '/spools' : `/spools/${id}`
         (document.getElementById('spool_outer_diameter_mm') as HTMLInputElement).value = '';
         (document.getElementById('spool_width_mm') as HTMLInputElement).value = '';
         (document.getElementById('purchase_price') as HTMLInputElement).value = '';
+        renderSelectedFilamentManufacturerPreview()
       }
     })
 
@@ -582,6 +608,7 @@ const backHref = id === 'detail' ? '/spools' : `/spools/${id}`
         renderSystemFields({})
       }
       renderCustomFields()
+      renderSelectedFilamentManufacturerPreview(s.filament)
     }
 
     const form = document.getElementById('spool-form')

From ea501ffaff543d13db79408ee6f1c26c01699fdf Mon Sep 17 00:00:00 2001
From: akira69 <akira69@gmail.com>
Date: Fri, 3 Apr 2026 19:16:07 -0500
Subject: [PATCH 3/3] feat: polish filament and spool hero cards

---
 frontend/src/layouts/Layout.astro             | 30 ++++++--
 frontend/src/pages/filaments/[id]/index.astro | 26 +++++--
 frontend/src/pages/spools/[id]/index.astro    | 74 ++++++++++++++-----
 3 files changed, 101 insertions(+), 29 deletions(-)

diff --git a/frontend/src/layouts/Layout.astro b/frontend/src/layouts/Layout.astro
index 6e9688d3..65d19d0a 100644
--- a/frontend/src/layouts/Layout.astro
+++ b/frontend/src/layouts/Layout.astro
@@ -31,7 +31,8 @@ const { title } = Astro.props
         // Sidebar state
         var s = localStorage.getItem('sidebar-collapsed');
         var isMobile = window.innerWidth <= 768;
-        if (s === 'true' || isMobile) {
+        var isCompactDesktop = window.innerWidth <= 1280;
+        if (s === 'true' || isMobile || isCompactDesktop) {
           document.documentElement.classList.add('sidebar-collapsed');
         }
       })();
@@ -423,7 +424,14 @@ const { title } = Astro.props
         page.classList.add('collapsed')
       }
 
-      function setSidebarCollapsed(collapsed: boolean) {
+      const mobileMediaQuery = window.matchMedia('(max-width: 768px)')
+      const compactSidebarMediaQuery = window.matchMedia('(max-width: 1280px)')
+
+      function getStoredDesktopSidebarState() {
+        return localStorage.getItem('sidebar-collapsed') === 'true'
+      }
+
+      function setSidebarCollapsed(collapsed: boolean, persist = true) {
         if (collapsed) {
           page.classList.add('collapsed')
           html.classList.add('sidebar-collapsed')
@@ -431,18 +439,30 @@ const { title } = Astro.props
           page.classList.remove('collapsed')
           html.classList.remove('sidebar-collapsed')
         }
-        // Only persist sidebar state on desktop
-        if (window.innerWidth > 768) {
+        // Only persist user sidebar state on wide desktop layouts
+        if (persist && window.innerWidth > 1280) {
           localStorage.setItem('sidebar-collapsed', collapsed ? 'true' : 'false')
         }
       }
 
+      function syncSidebarToViewport() {
+        if (mobileMediaQuery.matches || compactSidebarMediaQuery.matches) {
+          setSidebarCollapsed(true, false)
+          return
+        }
+
+        setSidebarCollapsed(getStoredDesktopSidebarState(), false)
+      }
+
       // Update sidebar state
       sidebarToggle.addEventListener('click', () => {
         const isCollapsed = page.classList.contains('collapsed')
-        setSidebarCollapsed(!isCollapsed)
+        setSidebarCollapsed(!isCollapsed, !compactSidebarMediaQuery.matches)
       })
 
+      mobileMediaQuery.addEventListener('change', syncSidebarToViewport)
+      compactSidebarMediaQuery.addEventListener('change', syncSidebarToViewport)
+
       // Close sidebar on mobile when clicking backdrop
       const sidebarBackdrop = document.getElementById('sidebar-backdrop')!
       sidebarBackdrop.addEventListener('click', () => {
diff --git a/frontend/src/pages/filaments/[id]/index.astro b/frontend/src/pages/filaments/[id]/index.astro
index cdf91b94..5be4ffd1 100644
--- a/frontend/src/pages/filaments/[id]/index.astro
+++ b/frontend/src/pages/filaments/[id]/index.astro
@@ -84,6 +84,7 @@ const { id } = Astro.params
     import { t, initI18n } from '../../../lib/i18n'
     import { fetchAllPages } from '../../../lib/api'
     import { formatPrice, getCurrency, initCurrency } from '../../../lib/format'
+    import { escapeHtml, renderManufacturerLogo } from '../../../lib/manufacturer-logo'
     await initI18n()
     await initCurrency()
 
@@ -164,10 +165,10 @@ const { id } = Astro.params
       return colors.map(fc => {
         const c = fc.color
         if (!c) return ''
-        const label = fc.display_name_override || c.name
+        const hexCode = escapeHtml((c.hex_code || '-').toUpperCase())
         return `<span style="display: inline-flex; align-items: center; gap: 6px; margin-right: 10px;">
-          <span style="display: inline-block; width: 22px; height: 22px; border-radius: 50%; background: ${c.hex_code}; border: 2px solid var(--border); vertical-align: middle;"></span>
-          <span>${label}</span>
+          <span style="display: inline-block; width: 22px; height: 22px; border-radius: 50%; background: ${hexCode}; border: 2px solid var(--border); vertical-align: middle;"></span>
+          <span>${hexCode}</span>
         </span>`
       }).join('')
     }
@@ -180,8 +181,21 @@ const { id } = Astro.params
     }
     
     function renderFilament(f: any) {
+      const manufacturerName = escapeHtml(f.manufacturer?.name || t('filaments.unknownManufacturer'))
+      const manufacturerCard = `
+          <div class="fm-card" style="grid-column: 1 / -1; padding: 12px 18px; display: flex; align-items: center; justify-content: space-between; gap: 18px; min-width: 0; flex-wrap: wrap;">
+            <div style="min-width: 0; flex: 1 1 220px; display: flex; flex-direction: column; gap: 6px;">
+              <div style="font-size: 0.85rem; color: var(--text-muted);">${t('filaments.manufacturer')}</div>
+              <div style="font-size: 1rem; font-weight: 600; white-space: nowrap; overflow: hidden; text-overflow: ellipsis;">${manufacturerName}</div>
+            </div>
+            <div style="display: flex; justify-content: flex-end; align-items: center; flex: 1 1 184px; min-width: 160px;">
+              ${renderManufacturerLogo(f.manufacturer, { width: 184, height: 52, borderRadius: '10px', flexibleWidth: true, multilineFallback: true, withPill: true, pillPadding: '4px 10px', pillBorderRadius: '8px' })}
+            </div>
+        </div>
+      `
+
       // Build the secondary info cards grid
-      const cards: string[] = []
+      const cards: string[] = [manufacturerCard]
       cards.push(renderDetailCard(t('filaments.type'), f.material_type))
       if (f.material_subgroup) {
         cards.push(renderDetailCard(t('filaments.materialSubgroup'), f.material_subgroup))
@@ -208,7 +222,6 @@ const { id } = Astro.params
         colorModeDisplay += ` (${styleKey ? t(styleKey) : f.multi_color_style})`
       }
 
-      // Colors section
       const colorsHtml = f.colors && f.colors.length > 0
         ? `<div class="fm-card" style="margin-top: 16px;">
             <div style="font-size: 0.85rem; color: var(--text-muted); margin-bottom: 8px;">
@@ -291,7 +304,6 @@ const { id } = Astro.params
         <div style="display: flex; justify-content: space-between; align-items: flex-start; margin-bottom: 24px;">
           <div>
             <h1 style="font-size: 1.8rem; font-weight: 700; margin: 0; font-family: var(--font-serif);">${f.designation}</h1>
-            <p style="color: var(--text-muted); margin: 4px 0 0;">${f.manufacturer?.name || t('filaments.unknownManufacturer')}</p>
           </div>
           <div style="display: flex; gap: 8px;">
             <a href="/spools/new?filament_id=${f.id}" class="fm-btn fm-btn-primary">
@@ -308,7 +320,7 @@ const { id } = Astro.params
             </button>
           </div>
         </div>
-        
+
         <div style="display: grid; grid-template-columns: repeat(auto-fit, minmax(140px, 1fr)); gap: 16px;">
           ${cards.join('\n')}
         </div>
diff --git a/frontend/src/pages/spools/[id]/index.astro b/frontend/src/pages/spools/[id]/index.astro
index 16a61b47..dccd436a 100644
--- a/frontend/src/pages/spools/[id]/index.astro
+++ b/frontend/src/pages/spools/[id]/index.astro
@@ -166,6 +166,7 @@ const { id } = Astro.params
   <script>
     import { t, initI18n } from '../../../lib/i18n'
     import { fetchAllPages } from '../../../lib/api'
+    import { escapeHtml, renderManufacturerLogo } from '../../../lib/manufacturer-logo'
     await initI18n()
 
     const id = window.location.pathname.split('/').filter(Boolean).pop()!
@@ -302,6 +303,43 @@ const { id } = Astro.params
       const l = locations.find(l => l.id === locationId)
       return l ? l.name : `#${locationId}`
     }
+
+    function isHexColor(value) {
+      return typeof value === 'string' && /^#[0-9a-fA-F]{6}$/.test(value.trim())
+    }
+
+    function hexToRgba(hex, alpha) {
+      const normalized = hex.trim()
+      const r = parseInt(normalized.slice(1, 3), 16)
+      const g = parseInt(normalized.slice(3, 5), 16)
+      const b = parseInt(normalized.slice(5, 7), 16)
+      return `rgba(${r}, ${g}, ${b}, ${alpha})`
+    }
+
+    function buildFilamentCardStyle(filament, fallbackStyle) {
+      const hexes = (filament?.colors || [])
+        .map(fc => fc.color?.hex_code)
+        .filter(isHexColor)
+
+      if (hexes.length === 0) return fallbackStyle
+      if (hexes.length === 1) {
+        const hex = hexes[0]
+        const r = parseInt(hex.slice(1, 3), 16)
+        const g = parseInt(hex.slice(3, 5), 16)
+        const b = parseInt(hex.slice(5, 7), 16)
+        return `background: rgba(${r}, ${g}, ${b}, 0.15); border: 1px solid rgba(${r}, ${g}, ${b}, 0.4);`
+      }
+
+      const direction = filament?.multi_color_style === 'gradient' ? 'to bottom' : 'to right'
+      const segmentSize = 100 / hexes.length
+      const stops = hexes.map((hex, index) => {
+        const start = (index * segmentSize).toFixed(2)
+        const end = ((index + 1) * segmentSize).toFixed(2)
+        return `${hexToRgba(hex, 0.18)} ${start}% ${end}%`
+      }).join(', ')
+
+      return `background-color: color-mix(in srgb, var(--bg-soft) 88%, transparent); background-image: linear-gradient(${direction}, ${stops}); border: 1px solid color-mix(in srgb, ${hexes[0]} 45%, var(--border));`
+    }
     
     function renderSpool() {
       const isLow = spool.remaining_weight_g !== null && 
@@ -312,12 +350,12 @@ const { id } = Astro.params
       let statusStyle = 'background: var(--success-bg); border-color: var(--success-border);'
       if (isEmpty) statusStyle = 'background: var(--error-bg); border-color: var(--error-border);'
       else if (isLow) statusStyle = 'background: rgba(247, 200, 106, 0.15); border: 1px solid rgba(247, 200, 106, 0.4);'
+      const filamentCardStyle = buildFilamentCardStyle(spool.filament, statusStyle)
       
       document.getElementById('spool-content').innerHTML = `
         <div style="display: flex; justify-content: space-between; align-items: flex-start; margin-bottom: 24px; gap: 16px;">
           <div>
             <h1 style="font-size: 1.8rem; font-weight: 700; margin: 0; font-family: var(--font-serif);">${t('spools.spoolId', { id: spool.id })}</h1>
-            <p style="color: var(--text-muted); margin: 4px 0 0;">${t('spools.filament')}: <a href="/filaments/${spool.filament_id}" style="color: var(--accent); text-decoration: none;">${t('spools.filament')} #${spool.filament_id}</a></p>
           </div>
           <div id="printer-slots-inline"></div>
           <div style="display: flex; gap: 8px;">
@@ -329,8 +367,25 @@ const { id } = Astro.params
             <button id="btn-delete" class="fm-btn fm-btn-danger">${t('common.delete')}</button>
           </div>
         </div>
-        
+
         <div style="display: grid; grid-template-columns: repeat(auto-fit, minmax(140px, 1fr)); gap: 16px;">
+          <div class="fm-card" style="grid-column: 1 / -1; padding: 16px 18px; ${filamentCardStyle}; display: flex; align-items: center; gap: 18px; min-width: 0; flex-wrap: wrap;">
+            <div style="display: flex; flex-direction: column; gap: 8px; min-width: 0; flex: 1 1 0;">
+              <div style="font-size: 0.85rem; color: var(--text-muted);">
+                ${t('spools.filament')}: <a href="/filaments/${spool.filament_id}" style="color: var(--accent); text-decoration: none;">${t('spools.filament')} #${spool.filament_id}</a>
+              </div>
+              <div style="display: flex; align-items: flex-start; gap: 12px; min-width: 0;">
+                ${(spool.filament?.colors && spool.filament.colors.length > 0) ? spool.filament.colors.map(fc => `<span style="display: inline-block; width: 22px; height: 22px; border-radius: 50%; background: ${fc.color?.hex_code || 'var(--border)'}; border: 2px solid var(--border); flex-shrink: 0;"></span>`).join('') : '<span style="display: inline-block; width: 22px; height: 22px; border-radius: 50%; background: var(--bg-soft); border: 2px solid var(--border); flex-shrink: 0;"></span>'}
+                <div style="min-width: 0; flex: 1 1 auto;">
+                  <div style="font-size: 0.95rem; font-weight: 600; white-space: normal; overflow-wrap: anywhere; line-height: 1.15;">${spool.filament?.designation || '-'}</div>
+                  <div style="font-size: 0.75rem; color: var(--text-muted); white-space: normal; overflow-wrap: anywhere; line-height: 1.25; margin-top: 4px;">${escapeHtml(spool.filament?.manufacturer?.name || '-')} · ${escapeHtml(spool.filament?.material_type || '-')}</div>
+                </div>
+              </div>
+            </div>
+            <div style="display: flex; justify-content: flex-end; align-items: center; flex: 0 0 auto; margin-left: auto; min-width: 0;">
+              ${renderManufacturerLogo(spool.filament?.manufacturer, { width: 184, height: 52, borderRadius: '10px', flexibleWidth: true, multilineFallback: true, withPill: true, pillPadding: '4px 10px', pillBorderRadius: '8px' })}
+            </div>
+          </div>
           <div class="fm-card">
             <div style="font-size: 0.85rem; color: var(--text-muted);">${t('spools.status')}</div>
             <div style="font-size: 1.1rem; font-weight: 600;">${getStatusLabel(spool.status_id)}</div>
@@ -362,21 +417,6 @@ const { id } = Astro.params
             <div style="font-size: 0.85rem; color: var(--text-muted);">${t('spools.rfidUid')}</div>
             <div style="font-size: 0.9rem; font-weight: 600; font-family: monospace;">${spool.rfid_uid || '-'}</div>
           </div>
-          <div class="fm-card" style="${(() => {
-            const hex = spool.filament?.colors?.[0]?.color?.hex_code;
-            if (!hex) return statusStyle;
-            const r = parseInt(hex.slice(1,3), 16), g = parseInt(hex.slice(3,5), 16), b = parseInt(hex.slice(5,7), 16);
-            return `background: rgba(${r}, ${g}, ${b}, 0.15); border: 1px solid rgba(${r}, ${g}, ${b}, 0.4);`;
-          })()}">
-            <div style="font-size: 0.85rem; color: var(--text-muted);">${t('spools.filament')}</div>
-            <div style="display: flex; align-items: center; gap: 10px;">
-              ${(spool.filament?.colors && spool.filament.colors.length > 0) ? spool.filament.colors.map(fc => `<span style="display: inline-block; width: 22px; height: 22px; border-radius: 50%; background: ${fc.color?.hex_code || 'var(--border)'}; border: 2px solid var(--border); flex-shrink: 0;"></span>`).join('') : '<span style="display: inline-block; width: 22px; height: 22px; border-radius: 50%; background: var(--bg-soft); border: 2px solid var(--border); flex-shrink: 0;"></span>'}
-              <div style="min-width: 0;">
-                <div style="font-size: 0.95rem; font-weight: 600; white-space: nowrap; overflow: hidden; text-overflow: ellipsis;">${spool.filament?.designation || '-'}</div>
-                <div style="font-size: 0.75rem; color: var(--text-muted); white-space: nowrap; overflow: hidden; text-overflow: ellipsis;">${spool.filament?.manufacturer?.name || '-'} · ${spool.filament?.material_type || '-'}</div>
-              </div>
-            </div>
-          </div>
         </div>
         
         ${spool.lot_number ? `