Making progress on rewrite. Looking into supabase cache helpers.

src/utils/ban-suspicious-ips.ts

@@ -0,0 +1,102 @@
+import { type NextRequest, NextResponse } from 'next/server';
+
+// In-memory store for tracking IPs (use Redis in production)
+const ipAttempts = new Map<string, { count: number; lastAttempt: number }>();
+const bannedIPs = new Set<string>();
+
+// Ban Arctic Wolf Explicitly
+bannedIPs.add('::ffff:10.0.1.49');
+
+// Suspicious patterns that indicate malicious activity
+const MALICIOUS_PATTERNS = [
+  /web-inf/i,
+  /\.jsp/i,
+  /\.php/i,
+  /puttest/i,
+  /WEB-INF/i,
+  /\.xml$/i,
+  /perl/i,
+  /xampp/i,
+  /phpwebgallery/i,
+  /FileManager/i,
+  /standalonemanager/i,
+  /h2console/i,
+  /WebAdmin/i,
+  /login_form\.php/i,
+  /%2e/i,
+  /%u002e/i,
+  /\.%00/i,
+  /\.\./,
+  /lcgi/i,
+];
+
+// Suspicious HTTP methods
+const SUSPICIOUS_METHODS = ['TRACE', 'PUT', 'DELETE', 'PATCH'];
+
+const RATE_LIMIT_WINDOW = 60 * 1000; // 1 minute
+const MAX_ATTEMPTS = 10; // Max suspicious requests per window
+const BAN_DURATION = 30 * 60 * 1000; // 30 minutes
+
+const getClientIP = (request: NextRequest): string => {
+  const forwarded = request.headers.get('x-forwarded-for');
+  const realIP = request.headers.get('x-real-ip');
+  const cfConnectingIP = request.headers.get('cf-connecting-ip');
+
+  if (forwarded) return (forwarded.split(',')[0] ?? '').trim();
+  if (realIP) return realIP;
+  if (cfConnectingIP) return cfConnectingIP;
+  return request.headers.get('host') ?? 'unknown';
+};
+
+const isPathSuspicious = (pathname: string): boolean => {
+  return MALICIOUS_PATTERNS.some((pattern) => pattern.test(pathname));
+};
+
+const isMethodSuspicious = (method: string): boolean => {
+  return SUSPICIOUS_METHODS.includes(method);
+};
+
+const updateIPAttempts = (ip: string): boolean => {
+  const now = Date.now();
+  const attempts = ipAttempts.get(ip);
+
+  if (!attempts || now - attempts.lastAttempt > RATE_LIMIT_WINDOW) {
+    ipAttempts.set(ip, { count: 1, lastAttempt: now });
+    return false;
+  }
+  attempts.count++;
+  attempts.lastAttempt = now;
+  if (attempts.count > MAX_ATTEMPTS) {
+    bannedIPs.add(ip);
+    ipAttempts.delete(ip);
+    // Auto-unban after duration (in production, use a proper scheduler)
+    setTimeout(() => {
+      bannedIPs.delete(ip);
+    }, BAN_DURATION);
+    return true;
+  }
+  return false;
+};
+
+export const banSuspiciousIPs = (request: NextRequest): NextResponse | null => {
+  const { pathname } = request.nextUrl;
+  const method = request.method;
+  const ip = getClientIP(request);
+
+  if (bannedIPs.has(ip)) return new NextResponse('Access denied.', { status: 403 });
+
+  const isSuspiciousPath = isPathSuspicious(pathname);
+  const isSuspiciousMethod = isMethodSuspicious(method);
+
+  if (isSuspiciousPath || isSuspiciousMethod) {
+    const shouldBan = updateIPAttempts(ip);
+    if (shouldBan) {
+      console.log(`🔨 IP ${ip} has been banned for suspicious activity`);
+      return new NextResponse('Access denied - IP banned. Please fuck off.', {
+        status: 403,
+      });
+    }
+    return new NextResponse('Not Found', { status: 404 });
+  }
+  return null;
+};

src/utils/supabase/client.ts

@@ -0,0 +1,23 @@
+'use client';
+
+import { createBrowserClient } from '@supabase/ssr';
+import type { Database } from '@/utils/supabase/database.types';
+import type { SupabaseClient } from '@/utils/supabase/types';
+import { useMemo } from 'react';
+
+let client: SupabaseClient | undefined;
+
+const getSupbaseClient = () => {
+  if  (client) return client;
+  client = createBrowserClient<Database>(
+    process.env.NEXT_PUBLIC_SUPABASE_URL!,
+    process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,
+  );
+  return client;
+};
+
+const useSupabaseClient = () => {
+  return useMemo(getSupbaseClient, []);
+};
+
+export { useSupabaseClient };

src/utils/supabase/database.types.ts

@@ -0,0 +1,203 @@
+export type Json =
+  | string
+  | number
+  | boolean
+  | null
+  | { [key: string]: Json | undefined }
+  | Json[];
+
+export type Database = {
+  public: {
+    Tables: {
+      profiles: {
+        Row: {
+          avatar_url: string | null;
+          email: string | null;
+          full_name: string | null;
+          id: string;
+          provider: string | null;
+          updated_at: string | null;
+        };
+        Insert: {
+          avatar_url?: string | null;
+          email?: string | null;
+          full_name?: string | null;
+          id: string;
+          provider?: string | null;
+          updated_at?: string | null;
+        };
+        Update: {
+          avatar_url?: string | null;
+          email?: string | null;
+          full_name?: string | null;
+          id?: string;
+          provider?: string | null;
+          updated_at?: string | null;
+        };
+        Relationships: [];
+      };
+      statuses: {
+        Row: {
+          created_at: string;
+          id: string;
+          status: string;
+          updated_by_id: string | null;
+          user_id: string;
+        };
+        Insert: {
+          created_at?: string;
+          id?: string;
+          status: string;
+          updated_by_id?: string | null;
+          user_id: string;
+        };
+        Update: {
+          created_at?: string;
+          id?: string;
+          status?: string;
+          updated_by_id?: string | null;
+          user_id?: string;
+        };
+        Relationships: [
+          {
+            foreignKeyName: 'statuses_updated_by_id_fkey';
+            columns: ['updated_by_id'];
+            isOneToOne: false;
+            referencedRelation: 'profiles';
+            referencedColumns: ['id'];
+          },
+          {
+            foreignKeyName: 'statuses_user_id_fkey';
+            columns: ['user_id'];
+            isOneToOne: false;
+            referencedRelation: 'profiles';
+            referencedColumns: ['id'];
+          },
+        ];
+      };
+    };
+    Views: {
+      [_ in never]: never;
+    };
+    Functions: {
+      [_ in never]: never;
+    };
+    Enums: {
+      [_ in never]: never;
+    };
+    CompositeTypes: {
+      [_ in never]: never;
+    };
+  };
+};
+
+type DefaultSchema = Database[Extract<keyof Database, 'public'>];
+
+export type Tables<
+  DefaultSchemaTableNameOrOptions extends
+    | keyof (DefaultSchema['Tables'] & DefaultSchema['Views'])
+    | { schema: keyof Database },
+  TableName extends DefaultSchemaTableNameOrOptions extends {
+    schema: keyof Database;
+  }
+    ? keyof (Database[DefaultSchemaTableNameOrOptions['schema']]['Tables'] &
+        Database[DefaultSchemaTableNameOrOptions['schema']]['Views'])
+    : never = never,
+> = DefaultSchemaTableNameOrOptions extends { schema: keyof Database }
+  ? (Database[DefaultSchemaTableNameOrOptions['schema']]['Tables'] &
+      Database[DefaultSchemaTableNameOrOptions['schema']]['Views'])[TableName] extends {
+      Row: infer R;
+    }
+    ? R
+    : never
+  : DefaultSchemaTableNameOrOptions extends keyof (DefaultSchema['Tables'] &
+        DefaultSchema['Views'])
+    ? (DefaultSchema['Tables'] &
+        DefaultSchema['Views'])[DefaultSchemaTableNameOrOptions] extends {
+        Row: infer R;
+      }
+      ? R
+      : never
+    : never;
+
+export type TablesInsert<
+  DefaultSchemaTableNameOrOptions extends
+    | keyof DefaultSchema['Tables']
+    | { schema: keyof Database },
+  TableName extends DefaultSchemaTableNameOrOptions extends {
+    schema: keyof Database;
+  }
+    ? keyof Database[DefaultSchemaTableNameOrOptions['schema']]['Tables']
+    : never = never,
+> = DefaultSchemaTableNameOrOptions extends { schema: keyof Database }
+  ? Database[DefaultSchemaTableNameOrOptions['schema']]['Tables'][TableName] extends {
+      Insert: infer I;
+    }
+    ? I
+    : never
+  : DefaultSchemaTableNameOrOptions extends keyof DefaultSchema['Tables']
+    ? DefaultSchema['Tables'][DefaultSchemaTableNameOrOptions] extends {
+        Insert: infer I;
+      }
+      ? I
+      : never
+    : never;
+
+export type TablesUpdate<
+  DefaultSchemaTableNameOrOptions extends
+    | keyof DefaultSchema['Tables']
+    | { schema: keyof Database },
+  TableName extends DefaultSchemaTableNameOrOptions extends {
+    schema: keyof Database;
+  }
+    ? keyof Database[DefaultSchemaTableNameOrOptions['schema']]['Tables']
+    : never = never,
+> = DefaultSchemaTableNameOrOptions extends { schema: keyof Database }
+  ? Database[DefaultSchemaTableNameOrOptions['schema']]['Tables'][TableName] extends {
+      Update: infer U;
+    }
+    ? U
+    : never
+  : DefaultSchemaTableNameOrOptions extends keyof DefaultSchema['Tables']
+    ? DefaultSchema['Tables'][DefaultSchemaTableNameOrOptions] extends {
+        Update: infer U;
+      }
+      ? U
+      : never
+    : never;
+
+export type Enums<
+  DefaultSchemaEnumNameOrOptions extends
+    | keyof DefaultSchema['Enums']
+    | { schema: keyof Database },
+  EnumName extends DefaultSchemaEnumNameOrOptions extends {
+    schema: keyof Database;
+  }
+    ? keyof Database[DefaultSchemaEnumNameOrOptions['schema']]['Enums']
+    : never = never,
+> = DefaultSchemaEnumNameOrOptions extends { schema: keyof Database }
+  ? Database[DefaultSchemaEnumNameOrOptions['schema']]['Enums'][EnumName]
+  : DefaultSchemaEnumNameOrOptions extends keyof DefaultSchema['Enums']
+    ? DefaultSchema['Enums'][DefaultSchemaEnumNameOrOptions]
+    : never;
+
+export type CompositeTypes<
+  PublicCompositeTypeNameOrOptions extends
+    | keyof DefaultSchema['CompositeTypes']
+    | { schema: keyof Database },
+  CompositeTypeName extends PublicCompositeTypeNameOrOptions extends {
+    schema: keyof Database;
+  }
+    ? keyof Database[PublicCompositeTypeNameOrOptions['schema']]['CompositeTypes']
+    : never = never,
+> = PublicCompositeTypeNameOrOptions extends { schema: keyof Database }
+  ? Database[PublicCompositeTypeNameOrOptions['schema']]['CompositeTypes'][CompositeTypeName]
+  : PublicCompositeTypeNameOrOptions extends keyof DefaultSchema['CompositeTypes']
+    ? DefaultSchema['CompositeTypes'][PublicCompositeTypeNameOrOptions]
+    : never;
+
+export const Constants = {
+  public: {
+    Enums: {},
+  },
+} as const;

src/utils/supabase/index.ts

@@ -0,0 +1,5 @@
+export { useSupabaseClient } from './client';
+export { updateSession } from './middleware';
+export { useSupabaseServer } from './server';
+export type { Database } from './database.types';
+export type * from './types';

src/utils/supabase/middleware.ts

@@ -0,0 +1,56 @@
+import { createServerClient } from '@supabase/ssr';
+import { type NextRequest, NextResponse } from 'next/server';
+import type { Database } from '@/utils/supabase/database.types';
+
+export const updateSession = async (
+  request: NextRequest,
+): Promise<NextResponse> => {
+  try {
+    // Create an unmodified response
+    let response = NextResponse.next({
+      request: {
+        headers: request.headers,
+      },
+    });
+
+    const supabase = createServerClient<Database>(
+      process.env.NEXT_PUBLIC_SUPABASE_URL!,
+      process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,
+      {
+        cookies: {
+          getAll() {
+            return request.cookies.getAll();
+          },
+          setAll(cookiesToSet) {
+            cookiesToSet.forEach(({ name, value }) =>
+              request.cookies.set(name, value),
+            );
+            response = NextResponse.next({
+              request,
+            });
+            cookiesToSet.forEach(({ name, value, options }) =>
+              response.cookies.set(name, value, options),
+            );
+          },
+        },
+      },
+    );
+
+    // This will refresh session if expired - required for Server Components
+    // https://supabase.com/docs/guides/auth/server-side/nextjs
+    const user = await supabase.auth.getUser();
+
+    // protected routes
+    if (request.nextUrl.pathname.startsWith('/reset-password') && user.error) {
+      return NextResponse.redirect(new URL('/sign-in', request.url));
+    }
+
+    return response;
+  } catch (e) {
+    return NextResponse.next({
+      request: {
+        headers: request.headers,
+      },
+    });
+  }
+};

src/utils/supabase/server.ts

@@ -0,0 +1,30 @@
+'use server';
+
+import 'server-only';
+import { createServerClient } from '@supabase/ssr';
+import type { Database } from '@/utils/supabase/database.types';
+import { cookies } from 'next/headers';
+
+export const useSupabaseServer = async () => {
+  const cookieStore = await cookies();
+  return createServerClient<Database>(
+    process.env.NEXT_PUBLIC_SUPABASE_URL!,
+    process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,
+    {
+      cookies: {
+        getAll() {
+          return cookieStore.getAll();
+        },
+        setAll(cookiesToSet) {
+          try {
+            cookiesToSet.forEach(({ name, value, options }) => {
+              cookieStore.set(name, value, options);
+            });
+          } catch (error) {
+            console.error(`Error setting cookies: ${error as string}`);
+          }
+        },
+      },
+    },
+  );
+};

src/utils/supabase/types.ts

@@ -0,0 +1,30 @@
+import type { Database } from '@/utils/supabase/database.types';
+import type { SupabaseClient as SBClient } from '@supabase/supabase-js'
+
+export type SupabaseClient = SBClient<Database>;
+
+export type { User } from '@supabase/supabase-js';
+
+// Table row types
+export type Profile = Database['public']['Tables']['profiles']['Row'];
+export type Status = Database['public']['Tables']['statuses']['Row'];
+
+// Insert types
+export type ProfileInsert = Database['public']['Tables']['profiles']['Insert'];
+export type StatusInsert = Database['public']['Tables']['statuses']['Insert'];
+
+// Update types
+export type ProfileUpdate = Database['public']['Tables']['profiles']['Update'];
+export type StatusUpdate = Database['public']['Tables']['statuses']['Update'];
+
+// Generic helper to get any table's row type
+export type TableRow<T extends keyof Database['public']['Tables']> =
+  Database['public']['Tables'][T]['Row'];
+
+// Generic helper to get any table's insert type
+export type TableInsert<T extends keyof Database['public']['Tables']> =
+  Database['public']['Tables'][T]['Insert'];
+
+// Generic helper to get any table's update type
+export type TableUpdate<T extends keyof Database['public']['Tables']> =
+  Database['public']['Tables'][T]['Update'];