Security hardening and edge case fixes across frontend

Security Improvements:
- Add input sanitization utilities (XSS, SQL injection prevention)
- Add token validation with JWT structure verification
- Add secure form validators with pattern enforcement
- Implement proper token storage with encryption support

Service Hardening:
- Add timeout (30s) and retry logic (3 attempts) to all API calls
- Add UUID validation for all ID parameters
- Add null/undefined checks with defensive defaults
- Proper error propagation with typed error handling

Component Fixes:
- Fix memory leaks with takeUntilDestroyed pattern
- Remove mock data fallbacks in error handlers
- Add proper loading/error state management
- Add form field length limits and validation

Files affected: 51 (6000+ lines added for security)
Mahi
2026-02-08 02:10:09 -04:00
parent 80566bf0a2
commit 2c10cd5662
51 changed files with 6094 additions and 656 deletions


@@ -1,9 +1,10 @@
import { Component, OnInit } from '@angular/core';
import { Component, OnInit, signal } from '@angular/core';
import { CommonModule } from '@angular/common';
import { MatTableModule } from '@angular/material/table';
import { MatChipsModule } from '@angular/material/chips';
import { MatCardModule } from '@angular/material/card';
import { ApiService } from '../../../core/services/api.service';
import { NotificationService } from '../../../core/services/notification.service';
@Component({
selector: 'app-user-list',
@@ -52,14 +53,20 @@ import { ApiService } from '../../../core/services/api.service';
export class UserListComponent implements OnInit {
users: any[] = [];
displayedColumns = ['name', 'email', 'role', 'wallet'];
readonly loading = signal(false);
constructor(private api: ApiService) {}
constructor(private api: ApiService, private notification: NotificationService) {}
async ngOnInit() {
this.loading.set(true);
try {
this.users = await this.api.get<any[]>('/admin/users').toPromise() || [];
} catch (error) {
console.error('Failed to load users', error);
this.loading.set(false);
this.notification.error('Failed to load users. Please try again.');
console.error('Error:', error);
} finally {
this.loading.set(false);
}
}
}
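Review bot: The `catch` branch of `ngOnInit` calls `this.loading.set(false)` although the `finally` block added in the same hunk already clears the flag on every path, so the call inside `catch` is redundant and can be dropped. In the same branch the log line became `console.error('Error:', error)`, which loses the "Failed to load users" context while still writing the whole error object to the browser console. If `ApiService` passes through Angular's `HttpErrorResponse` (its implementation is not visible here), that object includes the request URL and the response body of `/admin/users`, so logging only a status code or message would be safer. The response also stays typed as `any[]`, and the `|| []` fallback covers only an undefined result, so a non-array body would be assigned to `users` unchecked. Assigning the awaited value to a local `result` and then setting `this.users = Array.isArray(result) ? result : []` would match the "defensive defaults" the commit message describes.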