codey/codey.lol
1
0
Fork 0
Code Issues Pull Requests Activity

feat(api): implement rate limiting and SSRF protection across endpoints

Browse Source 
- Added rate limiting to `reaction-users`, `search`, and `image-proxy` APIs to prevent abuse.
- Introduced SSRF protection in `image-proxy` to block requests to private IP ranges.
- Enhanced `link-preview` to use `linkedom` for HTML parsing and improved meta tag extraction.
- Refactored authentication checks in various pages to utilize middleware for cleaner code.
- Improved JWT key loading with error handling and security warnings for production.
- Updated `authFetch` utility to handle token refresh more efficiently with deduplication.
- Enhanced rate limiting utility to trust proxy headers from known sources.
- Numerous layout / design changes
This commit is contained in:
codey
2025-12-05 14:21:52 -05:00
parent 55e4c5ff0c
commit e18aa3f42c
44 changed files with 3512 additions and 892 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
src/components/req/ReqForm.jsx
View File

@@ -15,6 +15,7 @@ export default function ReqForm() {
const [selectedTitle, setSelectedTitle] = useState("");
const [isSubmitting, setIsSubmitting] = useState(false);
const [suggestions, setSuggestions] = useState([]);
const [posterLoading, setPosterLoading] = useState(true);
useEffect(() => {
if (title !== selectedTitle) {
@@ -22,6 +23,7 @@ export default function ReqForm() {
if (selectedItem) setSelectedItem(null);
if (type) setType("");
if (selectedTitle) setSelectedTitle("");
setPosterLoading(true);
}
}, [title, selectedTitle, selectedOverview, selectedItem, type]);
@@ -116,18 +118,18 @@ export default function ReqForm() {
return (
<div className="flex items-center justify-center min-h-[60vh] p-4">
<div className="w-full max-w-lg p-8 bg-white dark:bg-[#1E1E1E] rounded-3xl shadow-2xl border border-gray-200 dark:border-gray-700">
<div className="w-full max-w-lg p-8 bg-white dark:bg-[#141414] rounded-2xl shadow-lg shadow-neutral-900/5 dark:shadow-black/20 border border-neutral-200/60 dark:border-neutral-800/60">
<div className="text-center mb-8">
<h1 className="text-4xl font-bold text-gray-800 dark:text-white mb-2">
<h1 className="text-3xl font-bold text-neutral-900 dark:text-white mb-2 tracking-tight font-['IBM_Plex_Sans',sans-serif]">
Request Movies/TV
</h1>
<p className="text-gray-600 dark:text-gray-400 text-sm">
<p className="text-neutral-500 dark:text-neutral-400 text-sm">
Submit your request for review
</p>
</div>
<form onSubmit={handleSubmit} className="space-y-6">
<div className="space-y-2">
<label htmlFor="title" className="block text-sm font-semibold text-gray-700 dark:text-gray-300">
<label htmlFor="title" className="block text-sm font-medium text-neutral-700 dark:text-neutral-300">
Title <span className="text-red-500">*</span>
</label>
<AutoComplete
@@ -148,43 +150,50 @@ export default function ReqForm() {
placeholder="Enter movie or TV title"
title="Enter movie or TV show title"
className="w-full"
inputClassName="w-full border-2 border-gray-200 dark:border-gray-600 rounded-xl px-4 py-3 focus:border-[#12f8f4] transition-colors"
panelClassName="border-2 border-gray-200 dark:border-gray-600 rounded-xl"
inputClassName="w-full border border-neutral-200 dark:border-neutral-700 rounded-xl px-4 py-3 bg-white dark:bg-neutral-900/50 focus:border-blue-500 dark:focus:border-blue-400 focus:ring-2 focus:ring-blue-500/20 transition-all outline-none"
panelClassName="rounded-xl overflow-hidden"
field="label"
onShow={attachScrollFix}
itemTemplate={(item) => (
<div className="p-2 hover:bg-gray-100 dark:hover:bg-gray-700 rounded">
<div className="p-2 rounded">
<span className="font-medium">{item.label}</span>
{item.year && <span className="text-sm text-gray-500 ml-2">({item.year})</span>}
<span className="text-xs text-gray-400 ml-2 uppercase">{item.mediaType === 'tv' ? 'TV' : 'Movie'}</span>
{item.year && <span className="text-sm text-neutral-500 ml-2">({item.year})</span>}
<span className="text-xs text-neutral-400 ml-2 uppercase">{item.mediaType === 'tv' ? 'TV' : 'Movie'}</span>
</div>
)}
/>
{selectedItem && selectedTypeLabel && (
<div className="text-xs font-semibold uppercase text-gray-500 dark:text-gray-400">
Selected type: {selectedTypeLabel}
<div className="text-xs font-medium uppercase text-neutral-500 dark:text-neutral-400 tracking-wide">
Selected type: <span className="font-bold text-neutral-700 dark:text-neutral-200">{selectedTypeLabel}</span>
</div>
)}
</div>
{selectedOverview && (
<div className="space-y-2">
<label className="block text-sm font-semibold text-gray-700 dark:text-gray-300">
<label className="block text-sm font-medium text-neutral-700 dark:text-neutral-300">
Synopsis
</label>
<div className="p-3 bg-gray-50 dark:bg-gray-800 rounded-xl border border-gray-200 dark:border-gray-600">
<div className="p-4 bg-neutral-50 dark:bg-neutral-900/50 rounded-xl border border-neutral-200/60 dark:border-neutral-700/60">
<div className="flex flex-col sm:flex-row gap-4">
<div className="flex-1">
<p className="text-sm text-gray-600 dark:text-gray-400 leading-relaxed">
<p className="text-sm text-neutral-600 dark:text-neutral-400 leading-relaxed">
{selectedOverview}
</p>
</div>
{selectedItem?.poster_path && (
<img
src={`https://image.tmdb.org/t/p/w200${selectedItem.poster_path}`}
alt="Poster"
className="w-24 sm:w-32 md:w-40 h-auto rounded-lg border border-gray-200 dark:border-gray-600"
/>
<div className="relative w-24 sm:w-32 md:w-40 flex-shrink-0 overflow-hidden rounded-lg">
{posterLoading && (
<div className="w-full bg-neutral-200 dark:bg-neutral-700 rounded-lg animate-pulse" style={{ aspectRatio: '2/3' }} />
)}
<img
src={`https://image.tmdb.org/t/p/w200${selectedItem.poster_path}`}
alt="Poster"
className={`w-full h-auto rounded-lg border border-neutral-200 dark:border-neutral-700 transition-opacity duration-300 ${posterLoading ? 'hidden' : 'block'}`}
onLoad={() => setPosterLoading(false)}
onError={() => setPosterLoading(false)}
/>
</div>
)}
</div>
</div>
@@ -192,28 +201,28 @@ export default function ReqForm() {
)}
<div className="space-y-2">
<label htmlFor="year" className="block text-sm font-semibold text-gray-700 dark:text-gray-300">
Year <span className="text-gray-500">(optional)</span>
<label htmlFor="year" className="block text-sm font-medium text-neutral-700 dark:text-neutral-300">
Year <span className="text-neutral-400">(optional)</span>
</label>
<InputText
id="year"
value={year}
onChange={(e) => setYear(e.target.value)}
placeholder="e.g. 2023"
className="w-full border-2 border-gray-200 dark:border-gray-600 rounded-xl px-4 py-3 focus:border-[#12f8f4] transition-colors"
className="w-full border border-neutral-200 dark:border-neutral-700 rounded-xl px-4 py-3 bg-white dark:bg-neutral-900/50 focus:border-blue-500 dark:focus:border-blue-400 focus:ring-2 focus:ring-blue-500/20 transition-all outline-none"
/>
</div>
<div className="space-y-2">
<label htmlFor="requester" className="block text-sm font-semibold text-gray-700 dark:text-gray-300">
Your Name <span className="text-gray-500">(optional)</span>
<label htmlFor="requester" className="block text-sm font-medium text-neutral-700 dark:text-neutral-300">
Your Name <span className="text-neutral-400">(optional)</span>
</label>
<InputText
id="requester"
value={requester}
onChange={(e) => setRequester(e.target.value)}
placeholder="Who is requesting this?"
className="w-full border-2 border-gray-200 dark:border-gray-600 rounded-xl px-4 py-3 focus:border-[#12f8f4] transition-colors"
className="w-full border border-neutral-200 dark:border-neutral-700 rounded-xl px-4 py-3 bg-white dark:bg-neutral-900/50 focus:border-blue-500 dark:focus:border-blue-400 focus:ring-2 focus:ring-blue-500/20 transition-all outline-none"
/>
</div>
@@ -221,7 +230,7 @@ export default function ReqForm() {
<Button
type="submit"
disabled={isSubmitting}
className="w-full py-3 px-6 bg-[#12f8f4] text-gray-900 font-semibold rounded-xl disabled:opacity-50 disabled:cursor-not-allowed"
className="w-full py-3 px-6 bg-neutral-900 dark:bg-white text-white dark:text-neutral-900 font-semibold rounded-xl hover:bg-neutral-800 dark:hover:bg-neutral-100 disabled:opacity-50 disabled:cursor-not-allowed transition-colors shadow-sm"
>
{isSubmitting ? "Submitting..." : "Submit Request"}
</Button>