denshooter/portfolio
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(auth): implement session token creation and verification for enhanced security

Browse Source 
feat(api): require session authentication for admin routes and improve error handling

fix(api): streamline project image generation by fetching data directly from the database

fix(api): optimize project import/export functionality with session validation and improved error handling

fix(api): enhance analytics dashboard and email manager with session token for admin requests

fix(components): improve loading states and dynamic imports for better user experience

chore(security): update Content Security Policy to avoid unsafe-eval in production

chore(deps): update package.json scripts for consistent environment handling in linting and testing
This commit is contained in:
denshooter
2026-01-12 00:27:03 +01:00
parent 9cc03bc475
commit 0349c686fa
25 changed files with 423 additions and 268 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
components/AnalyticsDashboard.tsx
View File

@@ -72,15 +72,16 @@ export function AnalyticsDashboard({ isAuthenticated }: AnalyticsDashboardProps)
try {
setLoading(true);
setError(null);
const sessionToken = sessionStorage.getItem('admin_session_token') || '';
// Add cache-busting parameter to ensure fresh data after reset
const cacheBust = `?nocache=true&t=${Date.now()}`;
const [analyticsRes, performanceRes] = await Promise.all([
fetch(`/api/analytics/dashboard${cacheBust}`, {
headers: { 'x-admin-request': 'true' }
headers: { 'x-admin-request': 'true', 'x-session-token': sessionToken }
}),
fetch(`/api/analytics/performance${cacheBust}`, {
headers: { 'x-admin-request': 'true' }
headers: { 'x-admin-request': 'true', 'x-session-token': sessionToken }
})
]);
@@ -128,11 +129,13 @@ export function AnalyticsDashboard({ isAuthenticated }: AnalyticsDashboardProps)
setResetting(true);
setError(null);
try {
const sessionToken = sessionStorage.getItem('admin_session_token') || '';
const response = await fetch('/api/analytics/reset', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'x-admin-request': 'true'
'x-admin-request': 'true',
'x-session-token': sessionToken
},
body: JSON.stringify({ type: resetType })
});