denshooter/cloudlense
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1c545c93b4f15659de8fdd0093f9bfe5b54e9078
cloudlense/website-monitoring-backend
T
History
Dennis 1c545c93b4 feat: production hardening + smart subpage scanning with layout dedup 
Security:
- Add CRON_SECRET auth to /api/cron/* endpoints
- Add admin role verification to /api/admin/* routes
- Add org membership check to /api/billing/usage
- Add security headers (HSTS, X-Frame-Options, CSP, etc.)
- Add env variable validation at startup
- Add rate limiting to backend API (30 req/min per IP)

Infrastructure:
- Multi-stage Dockerfiles with non-root user + healthchecks
- Updated cron workflow to pass CRON_SECRET header
- Updated .env.example with all optional vars

Smart subpage scanning:
- Crawler now computes template_hash (DOM structure without content)
- Scanner scans ALL unique-layout pages, not just main page
- Pages with same layout (e.g. product pages) scanned only once
- Deduplication by template_hash, fallback to content_hash
- Main page always scanned with high priority
- Re-checks subscription limits before each page scan

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-03-06 07:44:32 +01:00
..
src
feat: production hardening + smart subpage scanning with layout dedup
2026-03-06 07:44:32 +01:00
.env.example
feat: initialize monorepo with full dev team best practices
2026-03-06 00:05:50 +01:00
.gitignore
feat: initialize monorepo with full dev team best practices
2026-03-06 00:05:50 +01:00
.prettierrc
feat: initialize monorepo with full dev team best practices
2026-03-06 00:05:50 +01:00
Dockerfile
feat: production hardening + smart subpage scanning with layout dedup
2026-03-06 07:44:32 +01:00
eslint.config.mjs
feat: initialize monorepo with full dev team best practices
2026-03-06 00:05:50 +01:00
jest.config.mjs
feat: initialize monorepo with full dev team best practices
2026-03-06 00:05:50 +01:00
package-lock.json
feat: initialize monorepo with full dev team best practices
2026-03-06 00:05:50 +01:00
package.json
feat: initialize monorepo with full dev team best practices
2026-03-06 00:05:50 +01:00
README.md
feat: initialize monorepo with full dev team best practices
2026-03-06 00:05:50 +01:00
tsconfig.json
feat: initialize monorepo with full dev team best practices
2026-03-06 00:05:50 +01:00

README.md

Website Monitoring Backend

Express.js API server that runs Google Lighthouse audits on websites and streams real-time progress via Server-Sent Events.

Tech Stack

  • Runtime: Node.js 18+
  • Framework: Express.js
  • Language: TypeScript
  • Auditing: Google Lighthouse + Chrome Headless
  • Database: PostgreSQL (via pg)

Quick Start

cp .env.example .env
npm install
npm run build
npm start

Scripts

Script Description
npm run build Compile TypeScript to dist/
npm start Run the production server
npm run dev Watch mode for development
npm test Run Jest tests
npm run test:coverage Run tests with coverage report
npm run lint Run ESLint
npm run format Format code with Prettier

API Endpoints

Method Path Description
GET / API info
GET /health Health check
POST /api/lighthouse Start Lighthouse audit (body: { "url": "https://example.com" })
GET /api/lighthouse/status/:id SSE stream for audit progress

Environment Variables

Variable Default Description
PORT 5000 Server port
DATABASE_URL PostgreSQL connection string
CORS_ORIGIN * Allowed CORS origin
CHROME_PATH Path to Chrome binary (Docker)

Docker

docker build -t website-monitoring-backend .
docker run -p 5000:5000 website-monitoring-backend
Reference in New Issue View Git Blame Copy Permalink