theo/dofus-manager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a22fed0f9de10187987fdfa47eb5369ecfb1cfc3
dofus-manager/docs/architecture/15-security-performance.md
BeauTroll 46907ca153 initial commit
2026-01-19 08:52:38 +01:00

69 lines
1.6 KiB
Markdown
Raw Blame History

# 15. Security & Performance
## Security Measures
### Authentication
- Session-based authentication with secure cookies
- Password hashing with bcrypt (cost factor 12)
- Session expiration and rotation
### Input Validation
- All inputs validated with Zod schemas
- Server-side validation mandatory
- Prisma parameterized queries (SQL injection prevention)
### Headers (via Traefik)
```yaml
# Security headers middleware
http:
middlewares:
security-headers:
headers:
stsSeconds: 31536000
stsIncludeSubdomains: true
contentTypeNosniff: true
frameDeny: true
browserXssFilter: true
referrerPolicy: "strict-origin-when-cross-origin"
contentSecurityPolicy: "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'"
```
## Performance Optimizations
### Database
- Indexes on foreign keys and search fields
- Pagination for all list queries
- Connection pooling via Prisma
### Caching
- node-cache for server-side caching
- TanStack Query for client-side caching
- DofusDB data cached for 1 hour
### Frontend
- Code splitting via TanStack Router
- Lazy loading for routes
- Optimistic updates for better UX
### Bundle Optimization
```typescript
// app.config.ts
export default defineConfig({
vite: {
build: {
rollupOptions: {
output: {
manualChunks: {
'vendor-react': ['react', 'react-dom'],
'vendor-tanstack': ['@tanstack/react-router', '@tanstack/react-query'],
'vendor-ui': ['@radix-ui/react-dialog', '@radix-ui/react-select'],
},
},
},
},
},
});
```
---
Reference in New Issue View Git Blame Copy Permalink