Code Quality Improvements:
- Replace console.log() with proper logger in server/routes/upload.js
- Remove console.log() from client/src/main.js (service worker)
- Remove console.log() from server/middleware/auth.js
- Remove all TODO/FIXME comments from production code
- Add authenticateToken middleware to upload route

Security Enhancements:
- Enforce JWT_SECRET environment variable (no fallback)
- Add XSS protection to search snippet rendering
- Implement comprehensive health checks (database + Meilisearch)
- Verify all database queries use prepared statements (SQL injection prevention)
- Confirm .env.production has 64+ char secrets

Changes:
- server/routes/upload.js: Added logger, authenticateToken middleware
- server/middleware/auth.js: Removed fallback secret, added logger
- server/index.js: Enhanced /health endpoint with service checks
- client/src/main.js: Silent service worker registration
- client/src/views/SearchView.vue: Added HTML escaping to formatSnippet()

All PRE_DEPLOYMENT_CHECKLIST.md security items verified ✓

- auth.js
- auth.middleware.js
- requestLogger.js