fix(security): lock down admin + add bulk cleanup UI

2026-06-20 22:03:48 +00:00 · 2026-02-05 23:18:25 -08:00
parent 59cbbd0428
commit 223560e874
12 changed files with 2100 additions and 765 deletions
@@ -1,43 +1,3 @@
-// Authentication helper functions
-// Handles user authentication state
-
-export const authHelpers = `
-  // Check if user is authenticated
-  function isAuthenticated() {
-    // Check localStorage first (client-side)
-    if (localStorage.getItem('authenticated') === 'true') {
-      return true;
-    }
-    
-    // Check for cookie (server-side auth)
-    function getCookie(name) {
-      const value = \`; \${document.cookie}\`;
-      const parts = value.split(\`; \${name}=\`);
-      if (parts.length === 2) return parts.pop().split(';').shift();
-      return null;
-    }
-    
-    return getCookie('admin_auth') === 'true';
-  }
-  
-  // Set authentication state
-  function setAuthenticated(value) {
-    localStorage.setItem('authenticated', value ? 'true' : 'false');
-  }
-  
-  // Logout function
-  function logout() {
-    localStorage.removeItem('authenticated');
-    // Also clear the cookie by setting expiry in the past
-    document.cookie = 'admin_auth=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT;';
-    window.location.href = '/admin/login';
-  }
-  
-  // Check authentication on page load
-  document.addEventListener('DOMContentLoaded', () => {
-    const path = window.location.pathname;
-    if (path !== '/admin/login' && !isAuthenticated()) {
-      window.location.href = '/admin/login';
-    }
-  });
-`; 
+// Legacy export retained for compatibility.
+// Authentication is now fully enforced server-side.
+export const authHelpers = ``;
@@ -1,9 +1,9 @@
 // Main scripts exports file
 // Combines and re-exports all JavaScript functionality

-import { modalScripts, emailViewScripts, initScripts } from './interactions';
-import { clipboardScripts } from './clipboard';
-import { authHelpers } from './auth';
+import { modalScripts, emailViewScripts, initScripts } from "./interactions";
+import { clipboardScripts } from "./clipboard";
+import { authHelpers } from "./auth";

 // Combine all scripts into a single JavaScript string
 export const interactiveScripts = `
@@ -14,4 +14,10 @@ export const interactiveScripts = `
 `;

 // Re-export for modular usage if needed
-export { modalScripts, emailViewScripts, initScripts, clipboardScripts, authHelpers }; 
+export {
+  modalScripts,
+  emailViewScripts,
+  initScripts,
+  clipboardScripts,
+  authHelpers,
+};