feat: enhance security, performance, and stability

This commit introduces a range of improvements across the application: - **Security:** - Adds authentication to the CSP metrics endpoint. - Hardens CSP bypass detection regex to prevent ReDoS attacks. - Improves CORS headers for the CSP metrics API. - Adds filtering for acknowledged alerts in security monitoring. - **Performance:** - Optimizes database connection pooling for NeonDB. - Improves session fetching with abort controller. - **Stability:** - Adds error handling to the tRPC demo component. - Fixes type inconsistencies in session data mapping. - **Docs & DX:** - Ignores files in git. - Fixes a token placeholder in the documentation.
2026-01-16 14:32:11 +01:00 · 2025-07-12 01:03:52 +02:00
parent 314326400e
commit 7a3eabccd9
9 changed files with 173 additions and 97 deletions
--- a/app/platform/settings/page.tsx
+++ b/app/platform/settings/page.tsx
@ -25,6 +25,8 @@ function usePlatformSession() {
      name?: string;
      role: string;
      companyId?: string;
+      isPlatformUser?: boolean;
+      platformRole?: string;
    };
  } | null>(null);
  const [status, setStatus] = useState<
@ -32,26 +34,47 @@ function usePlatformSession() {
  >("loading");

  useEffect(() => {
+    const abortController = new AbortController();
+
+    const handleAuthSuccess = (sessionData: any) => {
+      if (sessionData?.user?.isPlatformUser) {
+        setSession(sessionData);
+        setStatus("authenticated");
+      } else {
+        handleAuthFailure();
+      }
+    };
+
+    const handleAuthFailure = (error?: unknown) => {
+      if (error instanceof Error && error.name === "AbortError") return;
+      if (error) console.error("Platform session fetch error:", error);
+      setSession(null);
+      setStatus("unauthenticated");
+    };
+
    const fetchSession = async () => {
      try {
-        const response = await fetch("/api/platform/auth/session");
-        const sessionData = await response.json();
+        const response = await fetch("/api/platform/auth/session", {
+          signal: abortController.signal,
+        });

-        if (sessionData?.user?.isPlatformUser) {
-          setSession(sessionData);
-          setStatus("authenticated");
-        } else {
-          setSession(null);
-          setStatus("unauthenticated");
+        if (!response.ok) {
+          if (response.status === 401) return handleAuthFailure();
+          throw new Error(`Failed to fetch session: ${response.status}`);
        }
+
+        const sessionData = await response.json();
+        handleAuthSuccess(sessionData);
      } catch (error) {
-        console.error("Platform session fetch error:", error);
-        setSession(null);
-        setStatus("unauthenticated");
+        handleAuthFailure(error);
      }
    };

    fetchSession();
+
+    return () => {
+      abortController.abort();
+    };
  }, []);

  return { data: session, status };