From 5f2672021e49482799876f944e16b152922823a4 Mon Sep 17 00:00:00 2001
From: Mathis HERRIOT <197931332+0x485254@users.noreply.github.com>
Date: Wed, 14 Jan 2026 20:41:25 +0100
Subject: [PATCH 1/5] feat(middleware): add crawler detection middleware for
suspicious requests
Introduce `CrawlerDetectionMiddleware` to identify and log potential crawlers or bots accessing suspicious paths or using bot-like user agents. Middleware applied globally to all routes in `AppModule`.
---
backend/src/app.module.ts | 9 ++-
.../crawler-detection.middleware.ts | 67 +++++++++++++++++++
2 files changed, 74 insertions(+), 2 deletions(-)
create mode 100644 backend/src/common/middlewares/crawler-detection.middleware.ts
diff --git a/backend/src/app.module.ts b/backend/src/app.module.ts
index e5085d4..41608f7 100644
--- a/backend/src/app.module.ts
+++ b/backend/src/app.module.ts
@@ -1,5 +1,5 @@
import { CacheModule } from "@nestjs/cache-manager";
-import { Module } from "@nestjs/common";
+import { MiddlewareConsumer, Module, NestModule } from "@nestjs/common";
import { ConfigModule, ConfigService } from "@nestjs/config";
import { ScheduleModule } from "@nestjs/schedule";
import { ThrottlerModule } from "@nestjs/throttler";
@@ -10,6 +10,7 @@ import { AppService } from "./app.service";
import { AuthModule } from "./auth/auth.module";
import { CategoriesModule } from "./categories/categories.module";
import { CommonModule } from "./common/common.module";
+import { CrawlerDetectionMiddleware } from "./common/middlewares/crawler-detection.middleware";
import { validateEnv } from "./config/env.schema";
import { ContentsModule } from "./contents/contents.module";
import { CryptoModule } from "./crypto/crypto.module";
@@ -71,4 +72,8 @@ import { UsersModule } from "./users/users.module";
controllers: [AppController, HealthController],
providers: [AppService],
})
-export class AppModule {}
+export class AppModule implements NestModule {
+ configure(consumer: MiddlewareConsumer) {
+ consumer.apply(CrawlerDetectionMiddleware).forRoutes("*");
+ }
+}
diff --git a/backend/src/common/middlewares/crawler-detection.middleware.ts b/backend/src/common/middlewares/crawler-detection.middleware.ts
new file mode 100644
index 0000000..01149d1
--- /dev/null
+++ b/backend/src/common/middlewares/crawler-detection.middleware.ts
@@ -0,0 +1,67 @@
+import { Injectable, Logger, NestMiddleware } from "@nestjs/common";
+import type { NextFunction, Request, Response } from "express";
+
+@Injectable()
+export class CrawlerDetectionMiddleware implements NestMiddleware {
+ private readonly logger = new Logger("CrawlerDetection");
+
+ private readonly SUSPICIOUS_PATTERNS = [
+ /\.env/,
+ /wp-admin/,
+ /wp-login/,
+ /\.git/,
+ /\.php$/,
+ /xmlrpc/,
+ /config/,
+ /setup/,
+ /wp-config/,
+ /_next/,
+ /install/,
+ /admin/,
+ /phpmyadmin/,
+ /sql/,
+ /backup/,
+ /db\./,
+ /backup\./,
+ /cgi-bin/,
+ /\.well-known\/security\.txt/, // Bien que légitime, souvent scanné
+ ];
+
+ private readonly BOT_USER_AGENTS = [
+ /bot/i,
+ /crawler/i,
+ /spider/i,
+ /python/i,
+ /curl/i,
+ /wget/i,
+ /nmap/i,
+ /nikto/i,
+ /zgrab/i,
+ /masscan/i,
+ ];
+
+ use(req: Request, res: Response, next: NextFunction) {
+ const { method, url, ip } = req;
+ const userAgent = req.get("user-agent") || "unknown";
+
+ res.on("finish", () => {
+ if (res.statusCode === 404) {
+ const isSuspiciousPath = this.SUSPICIOUS_PATTERNS.some((pattern) =>
+ pattern.test(url),
+ );
+ const isBotUserAgent = this.BOT_USER_AGENTS.some((pattern) =>
+ pattern.test(userAgent),
+ );
+
+ if (isSuspiciousPath || isBotUserAgent) {
+ this.logger.warn(
+ `Potential crawler detected: [${ip}] ${method} ${url} - User-Agent: ${userAgent}`,
+ );
+ // Ici, on pourrait ajouter une logique pour bannir l'IP temporairement via Redis
+ }
+ }
+ });
+
+ next();
+ }
+}
--
2.49.1
From 5671ba60a61399239ad125852f38d3b70d873875 Mon Sep 17 00:00:00 2001
From: Mathis HERRIOT <197931332+0x485254@users.noreply.github.com>
Date: Wed, 14 Jan 2026 20:41:45 +0100
Subject: [PATCH 2/5] feat(dto): enforce field length constraints across DTOs
Add `@MaxLength` validations to limit string field lengths in multiple DTOs, ensuring consistent data validation and integrity. Integrate `CreateApiKeyDto` in the API keys controller for improved type safety.
---
backend/src/api-keys/api-keys.controller.ts | 8 ++++----
backend/src/api-keys/dto/create-api-key.dto.ts | 12 ++++++++++++
backend/src/categories/dto/create-category.dto.ts | 5 ++++-
backend/src/contents/dto/create-content.dto.ts | 5 +++++
backend/src/contents/dto/upload-content.dto.ts | 4 ++++
backend/src/reports/dto/create-report.dto.ts | 3 ++-
backend/src/users/dto/update-consent.dto.ts | 4 +++-
7 files changed, 34 insertions(+), 7 deletions(-)
create mode 100644 backend/src/api-keys/dto/create-api-key.dto.ts
diff --git a/backend/src/api-keys/api-keys.controller.ts b/backend/src/api-keys/api-keys.controller.ts
index 2d65beb..0c75958 100644
--- a/backend/src/api-keys/api-keys.controller.ts
+++ b/backend/src/api-keys/api-keys.controller.ts
@@ -11,6 +11,7 @@ import {
import { AuthGuard } from "../auth/guards/auth.guard";
import type { AuthenticatedRequest } from "../common/interfaces/request.interface";
import { ApiKeysService } from "./api-keys.service";
+import { CreateApiKeyDto } from "./dto/create-api-key.dto";
@Controller("api-keys")
@UseGuards(AuthGuard)
@@ -20,13 +21,12 @@ export class ApiKeysController {
@Post()
create(
@Req() req: AuthenticatedRequest,
- @Body("name") name: string,
- @Body("expiresAt") expiresAt?: string,
+ @Body() createApiKeyDto: CreateApiKeyDto,
) {
return this.apiKeysService.create(
req.user.sub,
- name,
- expiresAt ? new Date(expiresAt) : undefined,
+ createApiKeyDto.name,
+ createApiKeyDto.expiresAt ? new Date(createApiKeyDto.expiresAt) : undefined,
);
}
diff --git a/backend/src/api-keys/dto/create-api-key.dto.ts b/backend/src/api-keys/dto/create-api-key.dto.ts
new file mode 100644
index 0000000..91601a6
--- /dev/null
+++ b/backend/src/api-keys/dto/create-api-key.dto.ts
@@ -0,0 +1,12 @@
+import { IsDateString, IsNotEmpty, IsOptional, IsString, MaxLength } from "class-validator";
+
+export class CreateApiKeyDto {
+ @IsString()
+ @IsNotEmpty()
+ @MaxLength(128)
+ name!: string;
+
+ @IsOptional()
+ @IsDateString()
+ expiresAt?: string;
+}
diff --git a/backend/src/categories/dto/create-category.dto.ts b/backend/src/categories/dto/create-category.dto.ts
index 52e0884..1459f00 100644
--- a/backend/src/categories/dto/create-category.dto.ts
+++ b/backend/src/categories/dto/create-category.dto.ts
@@ -1,15 +1,18 @@
-import { IsNotEmpty, IsOptional, IsString } from "class-validator";
+import { IsNotEmpty, IsOptional, IsString, MaxLength } from "class-validator";
export class CreateCategoryDto {
@IsString()
@IsNotEmpty()
+ @MaxLength(64)
name!: string;
@IsOptional()
@IsString()
+ @MaxLength(255)
description?: string;
@IsOptional()
@IsString()
+ @MaxLength(512)
iconUrl?: string;
}
diff --git a/backend/src/contents/dto/create-content.dto.ts b/backend/src/contents/dto/create-content.dto.ts
index 096601e..7c0aa92 100644
--- a/backend/src/contents/dto/create-content.dto.ts
+++ b/backend/src/contents/dto/create-content.dto.ts
@@ -6,6 +6,7 @@ import {
IsOptional,
IsString,
IsUUID,
+ MaxLength,
} from "class-validator";
export enum ContentType {
@@ -19,14 +20,17 @@ export class CreateContentDto {
@IsString()
@IsNotEmpty()
+ @MaxLength(255)
title!: string;
@IsString()
@IsNotEmpty()
+ @MaxLength(512)
storageKey!: string;
@IsString()
@IsNotEmpty()
+ @MaxLength(128)
mimeType!: string;
@IsInt()
@@ -39,5 +43,6 @@ export class CreateContentDto {
@IsOptional()
@IsArray()
@IsString({ each: true })
+ @MaxLength(64, { each: true })
tags?: string[];
}
diff --git a/backend/src/contents/dto/upload-content.dto.ts b/backend/src/contents/dto/upload-content.dto.ts
index ca4b284..a67c3d7 100644
--- a/backend/src/contents/dto/upload-content.dto.ts
+++ b/backend/src/contents/dto/upload-content.dto.ts
@@ -4,6 +4,7 @@ import {
IsOptional,
IsString,
IsUUID,
+ MaxLength,
} from "class-validator";
import { ContentType } from "./create-content.dto";
@@ -13,6 +14,7 @@ export class UploadContentDto {
@IsString()
@IsNotEmpty()
+ @MaxLength(255)
title!: string;
@IsOptional()
@@ -20,6 +22,8 @@ export class UploadContentDto {
categoryId?: string;
@IsOptional()
+ @IsArray()
@IsString({ each: true })
+ @MaxLength(64, { each: true })
tags?: string[];
}
diff --git a/backend/src/reports/dto/create-report.dto.ts b/backend/src/reports/dto/create-report.dto.ts
index 4a5284d..53a9bae 100644
--- a/backend/src/reports/dto/create-report.dto.ts
+++ b/backend/src/reports/dto/create-report.dto.ts
@@ -1,4 +1,4 @@
-import { IsEnum, IsOptional, IsString, IsUUID } from "class-validator";
+import { IsEnum, IsOptional, IsString, IsUUID, MaxLength } from "class-validator";
export enum ReportReason {
INAPPROPRIATE = "inappropriate",
@@ -21,5 +21,6 @@ export class CreateReportDto {
@IsOptional()
@IsString()
+ @MaxLength(1000)
description?: string;
}
diff --git a/backend/src/users/dto/update-consent.dto.ts b/backend/src/users/dto/update-consent.dto.ts
index 3456a81..aa97e7e 100644
--- a/backend/src/users/dto/update-consent.dto.ts
+++ b/backend/src/users/dto/update-consent.dto.ts
@@ -1,11 +1,13 @@
-import { IsNotEmpty, IsString } from "class-validator";
+import { IsNotEmpty, IsString, MaxLength } from "class-validator";
export class UpdateConsentDto {
@IsString()
@IsNotEmpty()
+ @MaxLength(16)
termsVersion!: string;
@IsString()
@IsNotEmpty()
+ @MaxLength(16)
privacyVersion!: string;
}
--
2.49.1
From ff6fc1c6b3b36cc6dd965add0213154a1408e7ae Mon Sep 17 00:00:00 2001
From: Mathis HERRIOT <197931332+0x485254@users.noreply.github.com>
Date: Wed, 14 Jan 2026 20:50:38 +0100
Subject: [PATCH 3/5] feat(ui): enhance mobile user experience and
authentication handling
Add `UserNavMobile` component for improved mobile navigation. Update dashboard and profile pages to include authentication checks with loading states and login prompts. Introduce category-specific content tabs on the profile page. Apply sidebar enhancements, including new sections for user favorites and memes.
---
frontend/src/app/(dashboard)/layout.tsx | 44 ++++++++++-------
frontend/src/app/(dashboard)/profile/page.tsx | 49 ++++++++++++++++---
frontend/src/app/(dashboard)/upload/page.tsx | 46 +++++++++++++++--
frontend/src/components/app-sidebar.tsx | 35 ++++++++++++-
frontend/src/components/user-nav-mobile.tsx | 39 +++++++++++++++
5 files changed, 182 insertions(+), 31 deletions(-)
create mode 100644 frontend/src/components/user-nav-mobile.tsx
diff --git a/frontend/src/app/(dashboard)/layout.tsx b/frontend/src/app/(dashboard)/layout.tsx
index 181c20b..89e2f02 100644
--- a/frontend/src/app/(dashboard)/layout.tsx
+++ b/frontend/src/app/(dashboard)/layout.tsx
@@ -2,6 +2,7 @@ import * as React from "react";
import { AppSidebar } from "@/components/app-sidebar";
import { MobileFilters } from "@/components/mobile-filters";
import { SearchSidebar } from "@/components/search-sidebar";
+import { UserNavMobile } from "@/components/user-nav-mobile";
import {
SidebarInset,
SidebarProvider,
@@ -16,26 +17,31 @@ export default function DashboardLayout({
modal: React.ReactNode;
}) {
return (
-
-
-
-
-
-
- {children}
- {modal}
-
+
+
+
+
+
+
+
+ {children}
+ {modal}
+
+
+
+
+
+
+
+ );
+ }
+
if (!isAuthenticated || !user) {
- redirect("/login");
+ return (
+
+
+
+
+
+
+ Profil inaccessible
+
+ Vous devez être connecté pour voir votre profil, vos mèmes et vos
+ favoris.
+
+
+
+
+
+
+
+
+
+ );
+ }
+
+ if (!isAuthenticated) {
+ return (
+
+
+
+
+
+
+ Connexion requise
+
+ Vous devez être connecté pour partager vos meilleurs mèmes avec la
+ communauté.
+
+
+
+
+
+
+