fix: comprehensive security and type improvements from PR #20 review

Security Enhancements:
- Implemented proper rate limiting with automatic cleanup for /register and /forgot-password endpoints
- Added memory usage protection with MAX_ENTRIES limit (10000)
- Fixed rate limiter memory leaks by adding cleanup intervals
- Improved IP extraction with x-real-ip and x-client-ip header support

Code Quality Improvements:
- Refactored ProcessingStatusManager from individual functions to class-based architecture
- Maintained backward compatibility with singleton instance pattern
- Fixed TypeScript strict mode violations across the codebase
- Resolved all build errors and type mismatches

UI Component Fixes:
- Removed unused chart components (Charts.tsx, DonutChart.tsx)
- Fixed calendar component type issues by removing unused custom implementations
- Resolved theme provider type imports
- Fixed confetti component default options handling
- Corrected pointer component coordinate type definitions

Type System Improvements:
- Extended NextAuth types to support dual auth systems (regular and platform users)
- Fixed nullable type handling throughout the codebase
- Resolved Prisma JSON field type compatibility issues
- Corrected SessionMessage and ImportRecord interface definitions
- Fixed ES2015 iteration compatibility issues

Database & Performance:
- Updated database pool configuration for Prisma adapter compatibility
- Fixed pagination response structure in user management endpoints
- Improved error handling with proper error class usage

Testing & Build:
- All TypeScript compilation errors resolved
- ESLint warnings remain but no errors
- Build completes successfully with proper static generation

app/api/dashboard/session-filter-options/route.ts

@@ -14,6 +14,8 @@ export async function GET(_request: NextRequest) {
 
   try {
     // Use groupBy for better performance with distinct values
+    // Limit results to prevent unbounded queries
+    const MAX_FILTER_OPTIONS = 1000;
     const [categoryGroups, languageGroups] = await Promise.all([
       prisma.session.groupBy({
         by: ["category"],
@@ -24,6 +26,7 @@ export async function GET(_request: NextRequest) {
         orderBy: {
           category: "asc",
         },
+        take: MAX_FILTER_OPTIONS,
       }),
       prisma.session.groupBy({
         by: ["language"],
@@ -34,6 +37,7 @@ export async function GET(_request: NextRequest) {
         orderBy: {
           language: "asc",
         },
+        take: MAX_FILTER_OPTIONS,
       }),
     ]);
 

app/api/dashboard/sessions/route.ts

@@ -1,4 +1,4 @@
-import type { Prisma } from "@prisma/client";
+import { SessionCategory, type Prisma } from "@prisma/client";
 import { type NextRequest, NextResponse } from "next/server";
 import { getServerSession } from "next-auth/next";
 import { authOptions } from "../../../../lib/auth";
@@ -44,7 +44,7 @@ export async function GET(request: NextRequest) {
     // Category Filter
     if (category && category.trim() !== "") {
       // Cast to SessionCategory enum if it's a valid value
-      whereClause.category = category;
+      whereClause.category = category as SessionCategory;
     }
 
     // Language Filter

app/api/dashboard/users/route.ts

@@ -27,6 +27,8 @@ export async function GET(_request: NextRequest) {
 
   const users = await prisma.user.findMany({
     where: { companyId: user.companyId },
+    take: 1000, // Limit to prevent unbounded queries
+    orderBy: { createdAt: "desc" },
   });
 
   const mappedUsers: UserBasicInfo[] = users.map((u) => ({