feat(api): implement rate limiting and SSRF protection across endpoints

- Added rate limiting to `reaction-users`, `search`, and `image-proxy` APIs to prevent abuse. - Introduced SSRF protection in `image-proxy` to block requests to private IP ranges. - Enhanced `link-preview` to use `linkedom` for HTML parsing and improved meta tag extraction. - Refactored authentication checks in various pages to utilize middleware for cleaner code. - Improved JWT key loading with error handling and security warnings for production. - Updated `authFetch` utility to handle token refresh more efficiently with deduplication. - Enhanced rate limiting utility to trust proxy headers from known sources. - Numerous layout / design changes
2025-12-05 14:21:52 -05:00
parent 55e4c5ff0c
commit e18aa3f42c
44 changed files with 3512 additions and 892 deletions
--- a/src/assets/styles/global.css
+++ b/src/assets/styles/global.css
@@ -4,22 +4,23 @@

@theme {
  /* Font families */
-  --font-sans: "Geist Sans", system-ui, sans-serif;
+  --font-sans: "IBM Plex Sans", "Geist Sans", system-ui, sans-serif;
  --font-mono: "Geist Mono", ui-monospace, monospace;
 }

 ::selection {
-  background-color: #47a3f3;
-  color: #fefefe;
+  background-color: #3b82f6;
+  color: #ffffff;
 }

 /* Dark theme colors */
 [data-theme="dark"] {
-  background-color: #121212;
+  background-color: #0a0a0a;
 }

 html {
  min-width: 360px;
+  scroll-behavior: smooth;
 }

 .prose {
@@ -200,9 +201,24 @@ Custom
  width: 64px;
 }

+/* Page section - consistent spacing for all page content */
+.page-section {
+  width: 100%;
+}
+
 .footer {
  display: grid;
  align-items: end;
+  padding: 2.5rem 0 2rem 0;
+  margin-top: auto;
+  padding-top: 3rem;
+  text-align: center;
+  font-size: 0.95rem;
+  border-top: 1px solid rgba(0, 0, 0, 0.06);
+}
+
+[data-theme="dark"] .footer {
+  border-top-color: rgba(255, 255, 255, 0.06);
 }

 .header-text, .footer-text {
@@ -235,8 +251,103 @@ Custom
  margin-left: 50%;
 }

-#exclude-checkboxes {
-  margin-left: 5.5%;
+/* Search button */
+.search-btn {
+  padding: 0.625rem 1.5rem;
+  background: linear-gradient(135deg, #171717 0%, #262626 100%);
+  color: white;
+  border: none;
+  border-radius: 10px;
+  font-weight: 600;
+  font-size: 0.9rem;
+  cursor: pointer;
+  transition: all 0.2s ease;
+  box-shadow: 0 2px 8px rgba(0, 0, 0, 0.15);
+}
+
+.search-btn:hover {
+  transform: translateY(-1px);
+  box-shadow: 0 4px 12px rgba(0, 0, 0, 0.2);
+}
+
+.search-btn:active {
+  transform: translateY(0);
+}
+
+[data-theme="dark"] .search-btn {
+  background: linear-gradient(135deg, #fafafa 0%, #e5e5e5 100%);
+  color: #171717;
+  box-shadow: 0 2px 8px rgba(0, 0, 0, 0.3);
+}
+
+[data-theme="dark"] .search-btn:hover {
+  box-shadow: 0 4px 16px rgba(255, 255, 255, 0.15);
+}
+
+/* Exclude sources - toggle chips */
+.exclude-sources {
+  display: flex;
+  align-items: center;
+  gap: 0.5rem;
+}
+
+.exclude-label {
+  font-size: 0.75rem;
+  font-weight: 500;
+  color: #737373;
+  margin-right: 0.125rem;
+}
+
+[data-theme="dark"] .exclude-label {
+  color: #525252;
+}
+
+.exclude-chip {
+  display: inline-flex;
+  align-items: center;
+  font-size: 0.75rem;
+  font-weight: 500;
+  padding: 0.375rem 0.75rem;
+  border-radius: 9999px;
+  border: 1px solid rgba(0, 0, 0, 0.2);
+  background: rgba(0, 0, 0, 0.03);
+  color: #525252;
+  cursor: pointer;
+  transition: all 0.15s ease;
+  user-select: none;
+}
+
+[data-theme="dark"] .exclude-chip {
+  border-color: rgba(255, 255, 255, 0.25);
+  background: rgba(255, 255, 255, 0.06);
+  color: #d4d4d4;
+}
+
+.exclude-chip:hover {
+  border-color: rgba(239, 68, 68, 0.4);
+  color: #dc2626;
+  background: rgba(239, 68, 68, 0.05);
+}
+
+[data-theme="dark"] .exclude-chip:hover {
+  border-color: rgba(248, 113, 113, 0.4);
+  color: #f87171;
+  background: rgba(248, 113, 113, 0.08);
+}
+
+/* Active/excluded state */
+.exclude-chip--active {
+  border-color: rgba(239, 68, 68, 0.5);
+  background: rgba(239, 68, 68, 0.1);
+  color: #dc2626;
+  text-decoration: line-through;
+  text-decoration-thickness: 1.5px;
+}
+
+[data-theme="dark"] .exclude-chip--active {
+  border-color: rgba(248, 113, 113, 0.5);
+  background: rgba(248, 113, 113, 0.12);
+  color: #f87171;
 }

 #lyric-search-input {
@@ -247,7 +358,7 @@ Custom
 .lyric-search-input-wrapper {
  position: relative;
  width: 100%;
-  max-width: 900px;
+  max-width: 640px;
 }

 .lyric-search-input-wrapper .p-autocomplete {
@@ -255,19 +366,46 @@ Custom
 }

 .lyric-search-input-wrapper .p-autocomplete-input {
-  padding-right: 2.5rem;
+  width: 100%;
+  padding: 0.875rem 2.75rem 0.875rem 1.125rem;
+  border-radius: 12px;
+  border: 1px solid rgba(0, 0, 0, 0.1);
+  font-size: 1rem;
+  background: white;
+  transition: border-color 0.2s ease, box-shadow 0.2s ease;
+}
+
+.lyric-search-input-wrapper .p-autocomplete-input:focus {
+  outline: none;
+  border-color: #3b82f6;
+  box-shadow: 0 0 0 4px rgba(59, 130, 246, 0.1);
+}
+
+[data-theme="dark"] .lyric-search-input-wrapper .p-autocomplete-input {
+  background: rgba(255, 255, 255, 0.08);
+  border-color: rgba(255, 255, 255, 0.15);
+  color: #f5f5f5;
+}
+
+[data-theme="dark"] .lyric-search-input-wrapper .p-autocomplete-input:focus {
+  border-color: #60a5fa;
+  box-shadow: 0 0 0 4px rgba(96, 165, 250, 0.15);
+}
+
+[data-theme="dark"] .lyric-search-input-wrapper .p-autocomplete-input::placeholder {
+  color: #a3a3a3;
 }

 .input-status-icon {
  position: absolute;
-  right: 0.85rem;
-  top: 0;
-  bottom: 0;
-  transform: none;
+  right: 1rem;
+  top: 50%;
+  transform: translateY(-50%);
  display: flex;
  align-items: center;
  justify-content: center;
  pointer-events: none;
+  z-index: 10;
  transition: opacity 0.2s ease, color 0.2s ease;
 }

@@ -282,10 +420,29 @@ Custom
 }

 .lyrics-card {
-  border-radius: 12px;
-  box-shadow: 0 4px 12px rgba(0,0,0,0.05);
+  border-radius: 16px;
+  box-shadow: 0 1px 3px rgba(0,0,0,0.08), 0 8px 24px rgba(0,0,0,0.04);
  padding: 1.5rem;
-  transition: background 0.3s;
+  transition: background 0.3s, box-shadow 0.3s;
+  background: white;
+  border: 1px solid rgba(0, 0, 0, 0.06);
+}
+
+[data-theme="dark"] .lyrics-card {
+  background: rgba(255, 255, 255, 0.04);
+  border-color: rgba(255, 255, 255, 0.08);
+  box-shadow: 0 1px 3px rgba(0,0,0,0.2), 0 8px 24px rgba(0,0,0,0.15);
+}
+
+.lyrics-card-animate {
+  opacity: 0;
+  transform: translateY(12px);
+  transition: opacity 0.4s ease-out, transform 0.4s ease-out;
+}
+
+.lyrics-card-visible {
+  opacity: 1;
+  transform: translateY(0);
 }

 .lyrics-toolbar {
@@ -294,11 +451,18 @@ Custom
  justify-content: space-between;
  flex-wrap: wrap;
  gap: 0.75rem;
-  margin-bottom: 1rem;
+  margin-bottom: 1.25rem;
+  padding-bottom: 1rem;
+  border-bottom: 1px solid rgba(0, 0, 0, 0.06);
+}
+
+[data-theme="dark"] .lyrics-toolbar {
+  border-bottom-color: rgba(255, 255, 255, 0.08);
 }

 .lyrics-title {
  font-weight: 600;
+  font-size: 1.1rem;
  flex: 1;
  text-align: left;
 }
@@ -306,22 +470,27 @@ Custom
 .lyrics-actions {
  display: flex;
  align-items: center;
-  gap: 0.35rem;
+  gap: 0.5rem;
 }

 .text-size-buttons {
  display: flex;
-  border: 1px solid rgba(79, 70, 229, 0.25);
-  border-radius: 999px;
+  border: 1px solid rgba(0, 0, 0, 0.1);
+  border-radius: 8px;
  overflow: hidden;
-  background: rgba(79, 70, 229, 0.06);
+  background: rgba(0, 0, 0, 0.03);
+}
+
+[data-theme="dark"] .text-size-buttons {
+  border-color: rgba(255, 255, 255, 0.1);
+  background: rgba(255, 255, 255, 0.05);
 }

 .text-size-btn {
  background: transparent;
  border: none;
  color: inherit;
-  padding: 0.15rem 0.5rem;
+  padding: 0.25rem 0.6rem;
  font-size: 0.85rem;
  cursor: pointer;
  transition: background 0.2s, color 0.2s;
@@ -332,13 +501,17 @@ Custom
 }

 .text-size-btn.active {
-  background: rgba(79, 70, 229, 0.15);
+  background: rgba(0, 0, 0, 0.08);
  font-weight: 600;
 }

+[data-theme="dark"] .text-size-btn.active {
+  background: rgba(255, 255, 255, 0.12);
+}
+
 .lyrics-content {
  line-height: 2.0;
-  font-family: 'Inter', sans-serif;
+  font-family: 'IBM Plex Sans', 'Inter', sans-serif;
  font-size: 1rem;
  white-space: pre-wrap;
 }
@@ -348,6 +521,32 @@ Custom
  line-height: 1.85;
 }

+.lyrics-verse {
+  padding: 0.5rem 0.75rem;
+  margin: 0.25rem -0.75rem;
+  border-radius: 8px;
+  cursor: pointer;
+  transition: background-color 0.2s ease, box-shadow 0.2s ease;
+}
+
+.lyrics-verse:hover {
+  background-color: rgba(79, 70, 229, 0.06);
+}
+
+.lyrics-verse-highlighted {
+  background-color: rgba(79, 70, 229, 0.15);
+  box-shadow: inset 3px 0 0 rgba(79, 70, 229, 0.6);
+}
+
+.lyrics-card-dark .lyrics-verse:hover {
+  background-color: rgba(139, 92, 246, 0.1);
+}
+
+.lyrics-card-dark .lyrics-verse-highlighted {
+  background-color: rgba(139, 92, 246, 0.2);
+  box-shadow: inset 3px 0 0 rgba(139, 92, 246, 0.7);
+}
+
 .lyrics-action-button {
  color: inherit;
  border: 1px solid transparent;
@@ -384,10 +583,52 @@ Custom
  padding-bottom: 3%;
 }

+/* PrimeReact AutoComplete Panel - Global Styling */
+.p-autocomplete-panel {
+  background: white;
+  border: 1px solid rgba(0, 0, 0, 0.1);
+  border-radius: 12px;
+  box-shadow: 0 4px 24px rgba(0, 0, 0, 0.12);
+  overflow: hidden;
+  z-index: 9999;
+}
+
+[data-theme="dark"] .p-autocomplete-panel {
+  background: #1a1a1a;
+  border-color: rgba(255, 255, 255, 0.1);
+  box-shadow: 0 4px 24px rgba(0, 0, 0, 0.4);
+}
+
 .p-autocomplete-items {
  max-height: 200px !important;
  overflow-y: auto !important;
  overscroll-behavior: contain;
+  padding: 0.25rem;
+}
+
+.p-autocomplete-item {
+  padding: 0.625rem 0.875rem;
+  border-radius: 8px;
+  margin: 0.125rem 0;
+  cursor: pointer;
+  transition: background-color 0.15s ease;
+  color: #262626;
+}
+
+.p-autocomplete-item:hover,
+.p-autocomplete-item.p-highlight {
+  background: rgba(59, 130, 246, 0.1);
+  color: #1d4ed8;
+}
+
+[data-theme="dark"] .p-autocomplete-item {
+  color: #e5e5e5;
+}
+
+[data-theme="dark"] .p-autocomplete-item:hover,
+[data-theme="dark"] .p-autocomplete-item.p-highlight {
+  background: rgba(96, 165, 250, 0.15);
+  color: #60a5fa;
 }

 .p-autocomplete-input {
@@ -396,6 +637,7 @@ Custom
  border: 1px solid #ccc;
  transition: border 0.2s;
 }
+
 .p-autocomplete-input:focus {
  border-color: #4f46e5;
  outline: none;
@@ -510,18 +752,52 @@ Custom
 /*
 Toastify customizations
 */
-.Toastify__toast--error {
-  background-color: rgba(255, 0, 0, 0.5) !important;
-  color: inherit !important;
+.Toastify__toast {
+  border-radius: 12px !important;
+  backdrop-filter: blur(12px) !important;
+  box-shadow: 0 4px 24px rgba(0, 0, 0, 0.3) !important;
+  font-family: 'IBM Plex Sans', sans-serif !important;
+  font-size: 0.9rem !important;
+  background: rgba(30, 30, 30, 0.95) !important;
+  color: #e5e5e5 !important;
 }
+
+.Toastify__toast--error {
+  background: rgba(30, 30, 30, 0.95) !important;
+  border-left: 4px solid #ef4444 !important;
+  color: #fca5a5 !important;
+}
+
 .Toastify__toast--info {
-  background-color: rgba(217, 242, 255, 0.8) !important;
-  color: #000 !important;
+  background: rgba(30, 30, 30, 0.95) !important;
+  border-left: 4px solid #3b82f6 !important;
+  color: #93c5fd !important;
 }

 .Toastify__toast--success {
-  background-color: rgba(46, 186, 106, 0.8) !important;
-  color: inherit !important;
+  background: rgba(30, 30, 30, 0.95) !important;
+  border-left: 4px solid #22c55e !important;
+  color: #86efac !important;
+}
+
+.Toastify__toast--warning {
+  background: rgba(30, 30, 30, 0.95) !important;
+  border-left: 4px solid #f59e0b !important;
+  color: #fcd34d !important;
+}
+
+.Toastify__close-button {
+  color: #a3a3a3 !important;
+  opacity: 0.7 !important;
+}
+
+.Toastify__close-button:hover {
+  opacity: 1 !important;
+  color: #e5e5e5 !important;
+}
+
+.Toastify__progress-bar {
+  background: rgba(255, 255, 255, 0.2) !important;
 }

 .Toastify__toast--success > .Toastify__toast-icon svg {
@@ -531,3 +807,8 @@ Toastify customizations
 .Toastify__toast--success > .Toastify__toast-icon::after {
  content: "🦄" !important;
 }
+
+/* Light mode - keep dark toasts */
+[data-theme="light"] .Toastify__toast {
+  box-shadow: 0 4px 24px rgba(0, 0, 0, 0.2) !important;
+}