feat(api): require session authentication for admin routes and improve error handling
fix(api): streamline project image generation by fetching data directly from the database
fix(api): optimize project import/export functionality with session validation and improved error handling
fix(api): enhance analytics dashboard and email manager with session token for admin requests
fix(components): improve loading states and dynamic imports for better user experience
chore(security): update Content Security Policy to avoid unsafe-eval in production
chore(deps): update package.json scripts for consistent environment handling in linting and testing
- Integrate real page view data from the database for accurate analytics.
- Implement cache-busting for fresh data retrieval in analytics dashboard.
- Calculate and display bounce rate, average session duration, and unique users.
- Refactor performance metrics to ensure only real data is considered.
- Improve user experience with toast notifications for success and error messages.
- Update project editor with undo/redo functionality and enhanced content management.
✅ Updated Middleware Logic:
- Enhanced admin route protection with Basic Auth for legacy routes and session-based auth for `/manage` and `/editor`.
✅ Improved Admin Panel Styles:
- Added glassmorphism styles for admin components to enhance UI aesthetics.
✅ Refined Rate Limiting:
- Adjusted rate limits for admin dashboard requests to allow more generous access.
✅ Introduced Analytics Reset API:
- Added a new endpoint for resetting analytics data with rate limiting and admin authentication.
🎯 Overall Improvements:
- Strengthened security and user experience for admin functionalities.
- Enhanced visual design for better usability.
- Streamlined analytics management processes.
✅ Updated Admin Dashboard URL:
- Changed the Admin Dashboard access path from `/admin` to `/manage` in multiple files for consistency.
✅ Enhanced Middleware Authentication:
- Updated middleware to protect new admin routes including `/manage` and `/dashboard`.
✅ Implemented CSRF Protection:
- Added CSRF token generation and validation for login and session validation routes.
✅ Introduced Rate Limiting:
- Added rate limiting for admin routes and CSRF token requests to enhance security.
✅ Refactored Admin Page:
- Created a new admin management page with improved authentication handling and user feedback.
🎯 Overall Improvements:
- Strengthened security measures for admin access.
- Improved user experience with clearer navigation and feedback.
- Streamlined authentication processes for better performance.
