Add Strict CSP Headers (#243)

* Add CSP nonce support and enhance security headers

Introduced secure headers and CSP nonce to improve app security by integrating `@nosecone/next`. Updated middleware, root providers, and layout to handle nonce propagation, enabling stricter CSP policies when configured. Also upgraded dependencies and tooling versions.

* Add OTP and security guidelines documentation and additional checks on client-provided values

- Introduced additional checks on client-provided values such as cookies
- Introduced a new OTP API documentation outlining the creation and verification of OTP tokens for sensitive operations.
- Added comprehensive security guidelines for writing secure code in Next.js, covering client and server components, environment variables, authentication, and error handling.

These additions enhance the project's security posture and provide clear instructions for developers on implementing secure practices.

apps/web/app/layout.tsx

@@ -1,3 +1,5 @@
+import { headers } from 'next/headers';
+
 import { Toaster } from '@kit/ui/sonner';
 
 import { RootProviders } from '~/components/root-providers';
@@ -20,11 +22,12 @@ export default async function RootLayout({
   const { language } = await createI18nServerInstance();
   const theme = await getRootTheme();
   const className = getFontsClassName(theme);
+  const nonce = await getCspNonce();
 
   return (
     <html lang={language} className={className}>
       <body>
-        <RootProviders theme={theme} lang={language}>
+        <RootProviders theme={theme} lang={language} nonce={nonce}>
           {children}
         </RootProviders>
 
@@ -33,3 +36,9 @@ export default async function RootLayout({
     </html>
   );
 }
+
+async function getCspNonce() {
+  const headersStore = await headers();
+
+  return headersStore.get('x-nonce') ?? undefined;
+}