feat(ui): complete UI overhaul — mobile nav, search, compare, PWA#77
Open
roshanraj9136 wants to merge 4 commits into
Open
feat(ui): complete UI overhaul — mobile nav, search, compare, PWA#77roshanraj9136 wants to merge 4 commits into
roshanraj9136 wants to merge 4 commits into
Conversation
The root tsconfig include glob (**/*.ts, **/*.tsx) was pulling the nested protrade-stocks Vite app into root type-checks, surfacing errors that belong to that sub-project's own build. Add it to the exclude list along with .next.
Resolves the following advisories surfaced by npm audit: - next: middleware/proxy bypass on Pages Router with i18n, WebSocket-upgrade SSRF - uuid <11.1.1: missing buffer bounds check in v3/v5/v6 - ws 8.0.0-8.20.0: uninitialized memory disclosure - yaml: stack overflow on deeply nested collections - picomatch: ReDoS via extglob quantifiers, method injection in POSIX character classes next is bumped patch-level (13.5.1 -> 13.5.11) within the same minor; the rest move to clean ranges via npm audit fix. Build and type-check are unchanged.
Move the email-to-anonymous-id derivation off the browser and onto a
real route handler. Three problems with the previous setup:
1. The handler at src/pages/api/auth/anonymize/route.ts was dead
code. It used App Router syntax (export async function POST,
NextResponse) under the Pages Router tree, where Next.js expects
export default function handler(req, res). It was never invoked.
2. The actual anonymization ran in handleAuthCallback in the
browser, which forced two compromises documented in the source:
PBKDF2 iterations were lowered from 100000 to 10000 and from
50000 to 5000 'to prevent browser freeze'. That's a 10x weaker
brute-force resistance, on the wrong side of the trust boundary,
running synchronously and blocking the main thread.
3. The Node 'crypto' module was being shipped to the client bundle
via a polyfill. Unnecessary weight and a footgun if anyone reuses
the helpers elsewhere.
This change:
- Adds src/app/api/auth/anonymize/route.ts as the real handler.
Reads the session via @/utils/supabase/server, runs PBKDF2 with
the original iteration counts (100000 + 50000), uses the async
promisified pbkdf2 so the event loop is not blocked, and is
idempotent: if a users row already exists for this auth_id it
returns the existing anonymous_id instead of inserting a duplicate
(which the previous upsert-without-onConflict would have done).
- Deletes the broken pages-router file.
- Rewrites handleAuthCallback to POST to the new route. The public
signature ({ user, anonymousId, error }) is preserved so callers
in src/app/auth/callback/page.tsx, src/components/auth/
EmailVerification.tsx, and src/contexts/AuthContext.tsx work
unchanged.
- Drops the now-unused generateAnonymousIdentity,
verifyAnonymousIdentity, AnonymousUser, and AnonymizationResult
exports from anonymization.ts. The crypto and uuid imports go with
them, so client-bundled code no longer references node:crypto.
sanitizeContent, enhancedSanitizeContent, and createFuzzyTimestamp
remain since they are still used by review-rendering components.
Verified: tsc --noEmit clean, next build succeeds, /api/auth/
anonymize appears as a server route in the build output.
Phase 1 — Mobile UX: - Hamburger nav with animated slide-down menu (framer-motion) - Touch-friendly star ratings (32px targets on mobile) - Shimmer loading skeletons replacing text placeholders - Auto scroll-to-top on route navigation Phase 2 — Premium feel: - Live search bar on homepage (queries courses + professors) - Page transitions with fade/slide animation - SearchBar with instant dropdown results Phase 3 — Legacy features: - /compare page: side-by-side course comparison with animated bars - Professor radar chart (recharts) on professor detail pages - Trending 'Most Reviewed' section on homepage - PWA: manifest.json + service worker for offline + installable - Confetti celebration on first rating submission Stack: Node 20, React 18.2, Next 13.5.11 New deps: framer-motion@11.18.0, canvas-confetti@1.9.3 Verified: tsc clean, next build passes (15 routes), all routes 200
|
@roshanraj9136 is attempting to deploy a commit to the OpenLake_Website Team on Vercel. A member of the Team first needs to authorize it. |
|
Warning Review limit reached
More reviews will be available in 21 minutes and 35 seconds. Learn how PR review limits work. Your organization has run out of usage credits. Purchase more credits in the billing tab to continue. ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available. Please see our Fair Usage Limits Policy for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: ⛔ Files ignored due to path filters (1)
📒 Files selected for processing (24)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Ashish-Kumar-Dash
left a comment
Ashish-Kumar-Dash
left a comment
Contributor
There was a problem hiding this comment.
@roshanraj9136 for any UI edits please attach corresponding ss of your changes and the looks of the present site
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
UI Overhaul
A comprehensive upgrade to make RateMyCourse more usable, responsive, and memorable.
Phase 1 — Mobile-first UX
Phase 2 — Premium feel
Phase 3 — Legacy features
/comparepage — side-by-side course comparison with animated rating barsStack compatibility
New dependencies
framer-motion@11.18.0(pinned)canvas-confetti@1.9.3(pinned)Verified
tsc --noEmit✅next build✅ (15 routes compile)Files changed: 20 (+714 / −46)