dannystocker/navidocs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
navidocs/server
History
Claude d8c54221ef
[PRODUCTION] Code quality and security hardening 
Code Quality Improvements:
- Replace console.log() with proper logger in server/routes/upload.js
- Remove console.log() from client/src/main.js (service worker)
- Remove console.log() from server/middleware/auth.js
- Remove all TODO/FIXME comments from production code
- Add authenticateToken middleware to upload route

Security Enhancements:
- Enforce JWT_SECRET environment variable (no fallback)
- Add XSS protection to search snippet rendering
- Implement comprehensive health checks (database + Meilisearch)
- Verify all database queries use prepared statements (SQL injection prevention)
- Confirm .env.production has 64+ char secrets

Changes:
- server/routes/upload.js: Added logger, authenticateToken middleware
- server/middleware/auth.js: Removed fallback secret, added logger
- server/index.js: Enhanced /health endpoint with service checks
- client/src/main.js: Silent service worker registration
- client/src/views/SearchView.vue: Added HTML escaping to formatSnippet()

All PRE_DEPLOYMENT_CHECKLIST.md security items verified ✓
2025-11-14 08:33:45 +00:00
..
config chore(debug): log tenant token parent uid for troubleshooting 2025-10-19 17:11:05 +02:00
db FINAL: P0 blockers fixed + Joe Trader + ignore binaries 2025-11-13 01:29:59 +01:00
docs FINAL: P0 blockers fixed + Joe Trader + ignore binaries 2025-11-13 01:29:59 +01:00
examples feat: NaviDocs MVP - Complete codebase extraction from lilian1 2025-10-19 01:55:44 +02:00
middleware [PRODUCTION] Code quality and security hardening 2025-11-14 08:33:45 +00:00
migrations feat: Phase 3 - Admin settings system with encryption 2025-10-21 10:12:10 +02:00
routes [PRODUCTION] Code quality and security hardening 2025-11-14 08:33:45 +00:00
scripts [DEMO READY] Working NaviDocs v0.5 - Feature specs + Launch system 2025-11-13 12:57:41 +01:00
services FINAL: P0 blockers fixed + Joe Trader + ignore binaries 2025-11-13 01:29:59 +01:00
test/data chore: Local development environment setup 2025-10-19 04:42:55 +02:00
utils FINAL: P0 blockers fixed + Joe Trader + ignore binaries 2025-11-13 01:29:59 +01:00
workers FINAL: P0 blockers fixed + Joe Trader + ignore binaries 2025-11-13 01:29:59 +01:00
.env.example feat: Phase 3 - Admin settings system with encryption 2025-10-21 10:12:10 +02:00
.env.production [SESSION-5] Add deployment preparation files 2025-11-13 12:58:30 +00:00
API_SUMMARY.md feat: NaviDocs MVP - Complete codebase extraction from lilian1 2025-10-19 01:55:44 +02:00
ARCHITECTURE_DIAGRAM.md FINAL: P0 blockers fixed + Joe Trader + ignore binaries 2025-11-13 01:29:59 +01:00
AUTH_QUICK_START.md docs: Comprehensive implementation documentation 2025-10-21 10:12:25 +02:00
AUTH_SYSTEM_SUMMARY.md docs: Comprehensive implementation documentation 2025-10-21 10:12:25 +02:00
check-doc-status.js Fix search, add PDF text selection, clean duplicates, implement auto-fill 2025-10-20 01:35:06 +02:00
check-documents.js Fix router path - change /documents/ to /document/ in HomeView 2025-10-20 01:43:15 +02:00
CODEX_REVIEW_COMPLETE.md docs: Comprehensive implementation documentation 2025-10-21 10:12:25 +02:00
DESIGN_AUTH_MULTITENANCY.md FINAL: P0 blockers fixed + Joe Trader + ignore binaries 2025-11-13 01:29:59 +01:00
fix-user-org.js Fix search, add PDF text selection, clean duplicates, implement auto-fill 2025-10-20 01:35:06 +02:00
IMPLEMENTATION_COMPLETE.md docs: Comprehensive implementation documentation 2025-10-21 10:12:25 +02:00
IMPLEMENTATION_TASKS.md FINAL: P0 blockers fixed + Joe Trader + ignore binaries 2025-11-13 01:29:59 +01:00
index.js [PRODUCTION] Code quality and security hardening 2025-11-14 08:33:45 +00:00
package.json FINAL: P0 blockers fixed + Joe Trader + ignore binaries 2025-11-13 01:29:59 +01:00
PHASE_1_COMPLETE.md docs: Comprehensive implementation documentation 2025-10-21 10:12:25 +02:00
README_AUTH.md FINAL: P0 blockers fixed + Joe Trader + ignore binaries 2025-11-13 01:29:59 +01:00
run-migration.js feat: Add image extraction design, database schema, and migration 2025-10-19 19:47:30 +02:00
test-full-pipeline.js Implement PDF image extraction with OCR in OCR worker 2025-10-19 19:54:25 +02:00
test-image-extraction.js Implement PDF image extraction with OCR in OCR worker 2025-10-19 19:54:25 +02:00
test-image-system-e2e.js Fix search, add PDF text selection, clean duplicates, implement auto-fill 2025-10-20 01:35:06 +02:00
test-routes.js feat: NaviDocs MVP - Complete codebase extraction from lilian1 2025-10-19 01:55:44 +02:00
UX-RECOMMENDATIONS-SUMMARY.md FINAL: P0 blockers fixed + Joe Trader + ignore binaries 2025-11-13 01:29:59 +01:00
UX-REVIEW.md FINAL: P0 blockers fixed + Joe Trader + ignore binaries 2025-11-13 01:29:59 +01:00