zaid.marzguioui/myeasycms-v2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e193c94f06f9f83e93b4ae1f8a606235eb830fd1
myeasycms-v2/apps/web/app/home/[account]/layout.tsx
Giancarlo Buomprisco e193c94f06 Cookies validation and Security Guidelines (#242) 
* Add OTP and security guidelines documentation and additional checks on client-provided values

- Introduced additional checks on client-provided values such as cookies
- Introduced a new OTP API documentation outlining the creation and verification of OTP tokens for sensitive operations.
- Added comprehensive security guidelines for writing secure code in Next.js, covering client and server components, environment variables, authentication, and error handling.

These additions enhance the project's security posture and provide clear instructions for developers on implementing secure practices.

* Add OTP API documentation and enhance security guidelines

- Introduced comprehensive documentation for the OTP API, detailing the creation and verification of OTP tokens for sensitive operations.
- Enhanced security guidelines for Next.js, emphasizing the importance of input validation, environment variable management, and error handling.
- Implemented additional checks for client-provided values to improve overall security posture.

These updates provide clear instructions for developers and strengthen the project's security framework.
2025-04-22 06:44:55 +08:00

148 lines
4.2 KiB
TypeScript
Raw Blame History

import { use } from 'react';
import { cookies } from 'next/headers';
import { z } from 'zod';
import { TeamAccountWorkspaceContextProvider } from '@kit/team-accounts/components';
import { Page, PageMobileNavigation, PageNavigation } from '@kit/ui/page';
import { SidebarProvider } from '@kit/ui/shadcn-sidebar';
import { AppLogo } from '~/components/app-logo';
import { getTeamAccountSidebarConfig } from '~/config/team-account-navigation.config';
import { withI18n } from '~/lib/i18n/with-i18n';
// local imports
import { TeamAccountLayoutMobileNavigation } from './_components/team-account-layout-mobile-navigation';
import { TeamAccountLayoutSidebar } from './_components/team-account-layout-sidebar';
import { TeamAccountNavigationMenu } from './_components/team-account-navigation-menu';
import { loadTeamWorkspace } from './_lib/server/team-account-workspace.loader';
type TeamWorkspaceLayoutProps = React.PropsWithChildren<{
params: Promise<{ account: string }>;
}>;
function TeamWorkspaceLayout({ children, params }: TeamWorkspaceLayoutProps) {
const account = use(params).account;
const state = use(getLayoutState(account));
if (state.style === 'sidebar') {
return <SidebarLayout account={account}>{children}</SidebarLayout>;
}
return <HeaderLayout account={account}>{children}</HeaderLayout>;
}
function SidebarLayout({
account,
children,
}: React.PropsWithChildren<{
account: string;
}>) {
const data = use(loadTeamWorkspace(account));
const state = use(getLayoutState(account));
const accounts = data.accounts.map(({ name, slug, picture_url }) => ({
label: name,
value: slug,
image: picture_url,
}));
return (
<TeamAccountWorkspaceContextProvider value={data}>
<SidebarProvider defaultOpen={state.open}>
<Page style={'sidebar'}>
<PageNavigation>
<TeamAccountLayoutSidebar
account={account}
accountId={data.account.id}
accounts={accounts}
user={data.user}
/>
</PageNavigation>
<PageMobileNavigation className={'flex items-center justify-between'}>
<AppLogo />
<div className={'flex space-x-4'}>
<TeamAccountLayoutMobileNavigation
userId={data.user.id}
accounts={accounts}
account={account}
/>
</div>
</PageMobileNavigation>
{children}
</Page>
</SidebarProvider>
</TeamAccountWorkspaceContextProvider>
);
}
function HeaderLayout({
account,
children,
}: React.PropsWithChildren<{
account: string;
}>) {
const data = use(loadTeamWorkspace(account));
const accounts = data.accounts.map(({ name, slug, picture_url }) => ({
label: name,
value: slug,
image: picture_url,
}));
return (
<TeamAccountWorkspaceContextProvider value={data}>
<Page style={'header'}>
<PageNavigation>
<TeamAccountNavigationMenu workspace={data} />
</PageNavigation>
<PageMobileNavigation className={'flex items-center justify-between'}>
<AppLogo />
<div className={'group-data-[mobile:hidden]'}>
<TeamAccountLayoutMobileNavigation
userId={data.user.id}
accounts={accounts}
account={account}
/>
</div>
</PageMobileNavigation>
{children}
</Page>
</TeamAccountWorkspaceContextProvider>
);
}
async function getLayoutState(account: string) {
const cookieStore = await cookies();
const config = getTeamAccountSidebarConfig(account);
const LayoutStyleSchema = z
.enum(['sidebar', 'header', 'custom'])
.default(config.style);
const sidebarOpenCookie = cookieStore.get('sidebar:state');
const layoutCookie = cookieStore.get('layout-style');
const layoutStyle = LayoutStyleSchema.safeParse(layoutCookie?.value);
const sidebarOpenCookieValue = sidebarOpenCookie
? sidebarOpenCookie.value === 'false'
: !config.sidebarCollapsed;
const style = layoutStyle.success ? layoutStyle.data : config.style;
return {
open: sidebarOpenCookieValue,
style,
};
}
export default withI18n(TeamWorkspaceLayout);
Reference in New Issue View Git Blame Copy Permalink