Merge pull request #10 from bandish1304/bandish-contribution

thedipankarroy · web-flow · commit 0c93e57ae863 · 2025-02-18T03:58:21.000+05:30
security improvements issue #6
diff --git a/script/.gitignore b/script/.gitignore
@@ -0,0 +1 @@
+.env
diff --git a/script/dashboard.js b/script/dashboard.js
@@ -5,16 +5,19 @@ import {
   signOut,
 } from "https://www.gstatic.com/firebasejs/9.16.0/firebase-auth.js";
 
+// Its to load environment variables
+import dotenv from 'dotenv';
+dotenv.config();
+
 const firebaseConfig = {
-  apiKey:
-    "AIzaSyCf3OuJ3LfQIOrY_ytB-VMwPTm2jaKIBJ4",
-  authDomain: "ubercoders.firebaseapp.com",
-  projectId: "ubercoders",
-  storageBucket: "ubercoders.firebasestorage.app",
-  messagingSenderId: "648246074997",
+  apiKey: process.env.REACT_APP_FIREBASE_API_KEY,
+  authDomain: process.env.REACT_APP_FIREBASE_AUTH_DOMAIN,
+  projectId: process.env.REACT_APP_FIREBASE_PROJECT_ID,
+  storageBucket: process.env.REACT_APP_FIREBASE_STORAGE_BUCKET,
+  messagingSenderId: process.env.REACT_APP_FIREBASE_MESSAGING_SENDER_ID,
   appId:
-    "1:648246074997:web:d8724fc2c7aed70c6ee23c",
-  measurementId: "G-02D2QNJ8P7",
+    process.env.REACT_APP_FIREBASE_APP_ID,
+  measurementId: process.env.REACT_APP_FIREBASE_MEASUREMENT_ID,
 };
 
 const app = initializeApp(firebaseConfig);
diff --git a/script/index.js b/script/index.js
@@ -8,17 +8,21 @@ import {
   signOut,
 } from "https://www.gstatic.com/firebasejs/9.16.0/firebase-auth.js";
 
+
+// Its to load environment variables
+import dotenv from 'dotenv';
+dotenv.config();
+
+
 // Your Firebase configuration
 const firebaseConfig = {
-  apiKey:
-    "AIzaSyCf3OuJ3LfQIOrY_ytB-VMwPTm2jaKIBJ4",
-  authDomain: "ubercoders.firebaseapp.com",
-  projectId: "ubercoders",
-  storageBucket: "ubercoders.firebasestorage.app",
-  messagingSenderId: "648246074997",
-  appId:
-    "1:648246074997:web:d8724fc2c7aed70c6ee23c",
-  measurementId: "G-02D2QNJ8P7",
+  apiKey: process.env.REACT_APP_FIREBASE_API_KEY,
+  authDomain: process.env.REACT_APP_FIREBASE_AUTH_DOMAIN,
+  projectId: process.env.REACT_APP_FIREBASE_PROJECT_ID,
+  storageBucket: process.env.REACT_APP_FIREBASE_STORAGE_BUCKET,
+  messagingSenderId: process.env.REACT_APP_FIREBASE_MESSAGING_SENDER_ID,
+  appId: process.env.REACT_APP_FIREBASE_APP_ID,
+  measurementId: process.env.REACT_APP_FIREBASE_MEASUREMENT_ID,
 };
 
 // Initialize Firebase
@@ -45,8 +49,17 @@ signupForm.addEventListener(
     ).value;
 
     function validatePassword(password) {
-      // At least 6 characters long
-      return password.length >= 6;
+      const minLength = 6;
+      const hasNumber = /\d/;
+      const hasSpecialChar = /[!@#$%^&*(),.?":{}|<>]/;
+      const hasUpperCase = /[A-Z]/;
+
+      return (
+        password.length >= minLength &&
+        hasNumber.test(password) &&
+        hasSpecialChar.test(password) &&
+        hasUpperCase.test(password)
+  );
     }
 
     if (!validatePassword(password)) {
diff --git a/script/server.js b/script/server.js
@@ -0,0 +1,17 @@
+// Adding server code to limit the number of requests from a single IP address
+
+const express = require('express');
+const rateLimit = require('express-rate-limit');
+
+const app = express();
+
+const limiter = rateLimit({
+  windowMs: 15 * 60 * 1000, 
+  // Limit is 15 minutes
+  max: 100,
+   // limit each IP to 100 requests per windowMs
+  message: "Too many requests from this IP, please try again later."
+});
+
+app.use('/api/', limiter);
+
diff --git a/script/signout.js b/script/signout.js
@@ -5,16 +5,20 @@ import {
   signOut,
 } from "https://www.gstatic.com/firebasejs/9.16.0/firebase-auth.js";
 
+
+// Its to load environment variables
+import dotenv from 'dotenv';
+dotenv.config();
+
+
 const firebaseConfig = {
-  apiKey:
-    "AIzaSyCf3OuJ3LfQIOrY_ytB-VMwPTm2jaKIBJ4",
-  authDomain: "ubercoders.firebaseapp.com",
-  projectId: "ubercoders",
-  storageBucket: "ubercoders.firebasestorage.app",
-  messagingSenderId: "648246074997",
-  appId:
-    "1:648246074997:web:d8724fc2c7aed70c6ee23c",
-  measurementId: "G-02D2QNJ8P7",
+  apiKey: process.env.REACT_APP_FIREBASE_API_KEY,
+  authDomain: process.env.REACT_APP_FIREBASE_AUTH_DOMAIN,
+  projectId: process.env.REACT_APP_FIREBASE_PROJECT_ID,
+  storageBucket: process.env.REACT_APP_FIREBASE_STORAGE_BUCKET,
+  messagingSenderId: process.env.REACT_APP_FIREBASE_MESSAGING_SENDER_ID,
+  appId: process.env.REACT_APP_FIREBASE_APP_ID,
+  measurementId: process.env.REACT_APP_FIREBASE_MEASUREMENT_ID, 
 };
 
 const app = initializeApp(firebaseConfig);
