Merge pull request #5 from CodeMeAPixel/dev

fix(stuff): create internal routes for external apis and more

Author: CodeMeAPixel

CHANGELOG.md

@@ -20,19 +20,27 @@ For more information, see:
 - Middleware and Navbar now gate dashboard/tools access for unverified users; only Overview is accessible until email is verified.
 - NextAuth session callback now always includes emailVerified for reliable client checks.
 - Health check API endpoints for all tools: `/api/definer/health`, `/api/rephraser/health`, `/api/spellcheck/health`, `/api/tldr/health`.
+- Internal API routes for Ackee analytics: `/api/ackee/tracker.js` proxies the tracker script, `/api/ackee/collect` proxies tracking requests.
 
 ### Changed
 
 - Navbar and middleware logic now use emailVerified as a date (not boolean) for verification checks.
 - Improved spellchecker result logic and user activity payload to include wordsFixed and issuesCount.
 - Settings page and API routes now properly handle user data directory in production.
+- StatusIndicator now uses the internal `/api/status` route and displays a user-friendly status label as a link.
+- Footer component updated: system status indicator moved beside social icons for improved UX.
+- All auth forms (sign-in, sign-up, reset, forgot) now open the keyboard immediately on mobile by removing `readOnly` and `onFocus` from input fields.
+- After login and email verification, the app now calls `router.refresh()` to ensure session and navbar state update instantly (fixes mobile redirect and UI issues).
+- Ackee analytics script in layout now uses internal API endpoints for improved privacy and CORS handling.
 
 ### Fixed
 
 - Fixed Prisma errors for spellchecker: correct model name, user relation, and added missing wordsFixed field.
 - Fixed CORS error explanation for external analytics (Ackee): clarified that CORS must be set server-side, not in Next.js config.
 - Fixed email verification logic to match NextAuth's use of a date for emailVerified.
 - Fixed middleware to allow /auth/verify for logged-in users.
+- Mobile keyboard now reliably opens for all input fields in authentication forms.
+- Auth redirect and navbar state now update immediately after login and email verification, especially on mobile devices.
 
 ### Removed
 

next.config.ts

@@ -19,9 +19,17 @@ const nextConfig: NextConfig = {
       {
         source: "/:path*",
         headers: [
+          {
+            key: "Powered-By",
+            value: "ByteBrush Studios <bytebrush.dev>",
+          },
+          {
+            key: "X-Powered-By",
+            value: "ByteBrush Studios <bytebrush.dev>",
+          },
           {
             key: "Access-Control-Allow-Origin",
-            value: "*", // Set your origin
+            value: "*",
           },
           {
             key: "Access-Control-Allow-Methods",
@@ -31,6 +39,26 @@ const nextConfig: NextConfig = {
             key: "Access-Control-Allow-Headers",
             value: "Content-Type, Authorization",
           },
+          {
+            key: "X-DNS-Prefetch-Control",
+            value: "on",
+          },
+          {
+            key: "Strict-Transport-Policy",
+            value: "max-age=63072000; includeSubDomains; preload",
+          },
+          {
+            key: "X-Content-Type-Options",
+            value: "nosniff",
+          },
+          {
+            key: "X-XSS-Protection",
+            value: "1; mode=block",
+          },
+          {
+            key: "Referrer-Policy",
+            value: "same-origin",
+          },
         ],
       },
     ];

src/app/api/ackee/collect/route.ts

@@ -0,0 +1,28 @@
+import { NextResponse } from "next/server";
+
+const COLLECT_URL = "https://ackee.bytebrush.dev/api";
+
+export async function POST(req: Request) {
+  try {
+    const body = await req.text();
+    const res = await fetch(COLLECT_URL, {
+      method: "POST",
+      headers: {
+        "Content-Type": req.headers.get("Content-Type") || "application/json",
+      },
+      body,
+    });
+    const data = await res.text();
+    return new Response(data, {
+      status: res.status,
+      headers: {
+        "Content-Type": res.headers.get("Content-Type") || "application/json",
+      },
+    });
+  } catch (error) {
+    return NextResponse.json(
+      { error: "Unable to proxy Ackee collect" },
+      { status: 500 },
+    );
+  }
+}

src/app/api/ackee/tracker.js/route.ts

@@ -0,0 +1,22 @@
+import { NextResponse } from "next/server";
+
+const TRACKER_URL = "https://ackee.bytebrush.dev/tracker.js";
+
+export async function GET() {
+  try {
+    const res = await fetch(TRACKER_URL);
+    const js = await res.text();
+    return new Response(js, {
+      status: 200,
+      headers: {
+        "Content-Type": "application/javascript",
+        "Cache-Control": "public, max-age=3600",
+      },
+    });
+  } catch (error) {
+    return NextResponse.json(
+      { error: "Unable to fetch Ackee tracker" },
+      { status: 500 },
+    );
+  }
+}

src/app/api/status/route.ts

@@ -0,0 +1,22 @@
+import { NextResponse } from "next/server";
+
+const STATUS_API_URL = "https://status.lexiapp.space/api/monitor";
+const STATUS_API_TOKEN = process.env.STATUS_API_TOKEN;
+
+export async function GET() {
+  try {
+    const res = await fetch(STATUS_API_URL, {
+      headers: STATUS_API_TOKEN
+        ? { Authorization: `Bearer ${STATUS_API_TOKEN}` }
+        : {},
+      next: { revalidate: 30 }, // cache for 30s
+    });
+    const data = await res.json();
+    return NextResponse.json(data);
+  } catch (error) {
+    return NextResponse.json(
+      { error: "Unable to fetch status" },
+      { status: 500 },
+    );
+  }
+}

src/app/auth/forgot/page.tsx

@@ -86,8 +86,6 @@ export default function ForgotPage() {
               onChange={(e) => setEmail(e.target.value)}
               placeholder="you@example.com"
               autoComplete="off"
-              readOnly
-              onFocus={(e) => (e.currentTarget.readOnly = false)}
             />
           </div>
 

src/app/auth/reset/page.tsx

@@ -108,8 +108,6 @@ export default function ResetPage() {
                 onChange={(e) => setCurrentPassword(e.target.value)}
                 placeholder="Enter your current password"
                 autoComplete="current-password"
-                readOnly
-                onFocus={(e) => (e.currentTarget.readOnly = false)}
               />
             </div>
           )}
@@ -127,8 +125,6 @@ export default function ResetPage() {
               onChange={(e) => setPassword(e.target.value)}
               placeholder="At least 8 characters"
               autoComplete="new-password"
-              readOnly
-              onFocus={(e) => (e.currentTarget.readOnly = false)}
             />
           </div>
 
@@ -143,8 +139,6 @@ export default function ResetPage() {
               onChange={(e) => setConfirm(e.target.value)}
               placeholder="Confirm new password"
               autoComplete="new-password"
-              readOnly
-              onFocus={(e) => (e.currentTarget.readOnly = false)}
             />
           </div>
 

src/app/auth/signin/page.tsx

@@ -26,6 +26,7 @@ export default function SignInPage() {
       if (res?.ok) {
         toast.success("Signed in");
         router.push("/dashboard");
+        router.refresh();
       } else {
         // next-auth returns an error string in res.error when redirect=false
         toast.error(res?.error || "Sign in failed");
@@ -87,8 +88,6 @@ export default function SignInPage() {
               placeholder="Enter your email"
               onChange={(e) => setEmail(e.target.value)}
               autoComplete="off"
-              readOnly
-              onFocus={(e) => (e.currentTarget.readOnly = false)}
             />
           </div>
 
@@ -105,8 +104,6 @@ export default function SignInPage() {
               placeholder="Enter your password"
               onChange={(e) => setPassword(e.target.value)}
               autoComplete="off"
-              readOnly
-              onFocus={(e) => (e.currentTarget.readOnly = false)}
             />
           </div>
 

src/app/auth/signup/page.tsx

@@ -125,8 +125,6 @@ export default function SignUpPage() {
               onChange={(e) => setEmail(e.target.value)}
               placeholder="you@example.com"
               autoComplete="off"
-              readOnly
-              onFocus={(e) => (e.currentTarget.readOnly = false)}
             />
           </div>
 
@@ -143,8 +141,6 @@ export default function SignUpPage() {
               onChange={(e) => setPassword(e.target.value)}
               placeholder="At least 8 characters"
               autoComplete="new-password"
-              readOnly
-              onFocus={(e) => (e.currentTarget.readOnly = false)}
             />
           </div>
 

src/app/auth/verify/page.tsx

@@ -56,6 +56,7 @@ export default function VerifyPage() {
       // Optionally redirect to dashboard after a short delay
       setTimeout(() => {
         router.push("/dashboard");
+        router.refresh();
       }, 1400);
     } catch (err) {
       console.error(err);