# 15. Security & Performance

## Security Measures

### Authentication
- Session-based authentication with secure cookies
- Password hashing with bcrypt (cost factor 12)
- Session expiration and rotation
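The three Authentication points above, worked through as an added example (not the project's own code): an unguessable session id carried in a cookie with the `HttpOnly`, `Secure` and `SameSite` attributes, an absolute expiry, and rotation that invalidates the old id when the same session gains privilege (login). The in-memory store, the 12-hour lifetime and the cookie name `sid` are assumptions; password hashing with bcrypt is left to the library and is not repeated here. The `now` parameter exists so expiry can be tested deterministically.

```typescript
import { randomBytes } from 'crypto';

// Hypothetical in-memory session store (added example, not the project's code).
const SESSION_TTL_MS = 12 * 60 * 60 * 1000; // assumed 12-hour absolute lifetime

interface Session {
  userId: string;
  createdAt: number;
  expiresAt: number;
}

const sessions = new Map<string, Session>();

function newSessionId(): string {
  // 32 random bytes = 256 bits of entropy; base64url keeps it cookie-safe.
  return randomBytes(32).toString('base64url');
}

export function createSession(userId: string, now = Date.now()): string {
  const id = newSessionId();
  sessions.set(id, { userId, createdAt: now, expiresAt: now + SESSION_TTL_MS });
  return id;
}

export function getSession(id: string, now = Date.now()): Session | null {
  const s = sessions.get(id);
  if (!s) return null;
  if (now >= s.expiresAt) {
    sessions.delete(id); // expired: drop it so it cannot be revived later
    return null;
  }
  return s;
}

// Rotation: issue a fresh id and invalidate the old one in the same step, so an
// id that existed before login (e.g. one an attacker planted) stops working.
export function rotateSession(oldId: string, now = Date.now()): string | null {
  const s = getSession(oldId, now);
  if (!s) return null;
  sessions.delete(oldId);
  const id = newSessionId();
  sessions.set(id, { ...s, createdAt: now, expiresAt: now + SESSION_TTL_MS });
  return id;
}

export function destroySession(id: string): void {
  sessions.delete(id);
}

// Set-Cookie value with the attributes that make a session cookie "secure":
// HttpOnly (no script access), Secure (sent over HTTPS only), SameSite=Lax
// (blocks the cookie on cross-site POSTs), plus an explicit Path and Max-Age
// that matches the server-side expiry.
export function sessionCookie(id: string, name = 'sid'): string {
  const maxAge = Math.floor(SESSION_TTL_MS / 1000);
  return `${name}=${id}; Path=/; Max-Age=${maxAge}; HttpOnly; Secure; SameSite=Lax`;
}

// Logout: overwrite the cookie with an immediately expiring one.
export function clearSessionCookie(name = 'sid'): string {
  return `${name}=; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax`;
}
```

On login the handler calls `rotateSession` (or `createSession` if there was no prior session) and sends `sessionCookie(newId)`; on logout it calls `destroySession` and sends `clearSessionCookie()`. A production store would live in the database or a shared cache rather than a `Map`, but the expiry and rotation logic is the same.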
### Input Validation
- All inputs validated with Zod schemas
- Server-side validation mandatory
- Prisma parameterized queries (SQL injection prevention)
### Headers (via Traefik)

```yaml
# Security headers middleware
http:
  middlewares:
    security-headers:
      headers:
        stsSeconds: 31536000
        stsIncludeSubdomains: true
        contentTypeNosniff: true
        frameDeny: true
        browserXssFilter: true
        referrerPolicy: "strict-origin-when-cross-origin"
        contentSecurityPolicy: "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'"
```
## Performance Optimizations

### Database
- Indexes on foreign keys and search fields
- Pagination for all list queries
- Connection pooling via Prisma
### Caching
- node-cache for server-side caching
- TanStack Query for client-side caching
- DofusDB data cached for 1 hour
### Frontend
- Code splitting via TanStack Router
- Lazy loading for routes
- Optimistic updates for better UX
### Bundle Optimization

```ts
// app.config.ts
// Import path assumed: TanStack Start (vinxi-based) exports defineConfig here.
import { defineConfig } from '@tanstack/react-start/config';

export default defineConfig({
  vite: {
    build: {
      rollupOptions: {
        output: {
          // Split stable third-party code into its own chunks so browsers keep
          // them cached across app releases that only change application code.
          manualChunks: {
            'vendor-react': ['react', 'react-dom'],
            'vendor-tanstack': ['@tanstack/react-router', '@tanstack/react-query'],
            'vendor-ui': ['@radix-ui/react-dialog', '@radix-ui/react-select'],
          },
        },
      },
    },
  },
});
```