kjanat/livedash-node
1
0
Fork 0
mirror of https://github.com/kjanat/livedash-node.git synced 2026-01-16 13:12:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat: enhance security, performance, and stability

Browse Source 
This commit introduces a range of improvements across the application:

- **Security:**
  - Adds authentication to the CSP metrics endpoint.
  - Hardens CSP bypass detection regex to prevent ReDoS attacks.
  - Improves CORS headers for the CSP metrics API.
  - Adds filtering for acknowledged alerts in security monitoring.

- **Performance:**
  - Optimizes database connection pooling for NeonDB.
  - Improves session fetching with abort controller.

- **Stability:**
  - Adds error handling to the tRPC demo component.
  - Fixes type inconsistencies in session data mapping.

- **Docs & DX:**
  - Ignores  files in git.
  - Fixes a token placeholder in the documentation.
This commit is contained in:
Kaj Kowalski
2025-07-12 01:03:52 +02:00
parent 314326400e
commit 7a3eabccd9
9 changed files with 173 additions and 97 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
app/api/admin/security-monitoring/alerts/route.ts
View File

@ -45,10 +45,18 @@ export async function GET(request: NextRequest) {
const context = await createAuditContext(request, session);
// Get alerts based on filters
const alerts = securityMonitoring.getActiveAlerts(
let alerts = securityMonitoring.getActiveAlerts(
query.severity as AlertSeverity
);
// Apply acknowledged filter if provided
if (query.acknowledged !== undefined) {
const showAcknowledged = query.acknowledged === "true";
alerts = alerts.filter((alert) =>
showAcknowledged ? alert.acknowledged : !alert.acknowledged
);
}
// Apply pagination
const limit = query.limit || 50;
const offset = query.offset || 0;