Files
Nexus.Reader/src/NexusReader.UI.Shared/wwwroot/js/viewport.js
T
Antigravity 711480f8f6 feat(infra): Docker-compose configuration and environment-specific security guards for Beta deployment to Test environment (#56)
This pull request introduces the dedicated containerized infrastructure and configuration for deploying NexusReader's beta version in the Test environment.

### Summary of Changes

1. **Docker Infrastructure & Secrets**:
   - **`docker-compose.test.yml`**: Configured dedicated database and auxiliary services (PostgreSQL 17, Qdrant, Neo4j) on isolated, non-standard ports to ensure zero conflict with the existing server configurations.
   - **`.env.test.template`**: Provided an environment variable template showing required setups, including mandatory database passwords, API keys, and admin custom passwords.
   - **`.gitignore`**: Excluded local `.env` files to prevent accidental commits of production or staging secrets.

2. **Database Hardening**:
   - Configured Neo4j with basic authentication (`IDriver` instantiation uses basic auth when credentials are provided in configuration).
   - Configured PostgreSQL to use mandatory authentication.
   - Configured the admin seeder (`DbInitializer.cs`) to dynamically use `NEXUS_ADMIN_PASSWORD` from environment variables, falling back to a default password in local Development only.

3. **Feature-Flagged Restrictions**:
   - **`appsettings.Test.json`**: Implemented `Features:AllowRegistration` and `Features:AllowPasswordReset` flags set to `false`.
   - **Middleware Enforcement (`Program.cs`)**: Intercepts requests to `/identity/register` and `/identity/forgotPassword` (and their MVC/form variations) and rejects them with a `403 Forbidden` response in restricted environments.
   - **OAuth Provisioning Guard (`Program.cs`)**: Blocks new account provisioning via Google OAuth callback by checking the `Features:AllowRegistration` configuration, redirecting users to the login page with a descriptive error.
   - **UI Protection (`Login.razor`, `Register.razor`)**: Conditionally hides registration/password reset links and intercepts manual navigation attempts to `/account/register` by redirecting to login with a warning.

---------

Co-authored-by: Marek Jasiński <jasins.marek@gmail.com>
Reviewed-on: #56
Co-authored-by: Antigravity <antigravity@google.com>
Co-committed-by: Antigravity <antigravity@google.com>
2026-06-01 17:17:45 +00:00

54 lines
1.6 KiB
JavaScript

/**
* Viewport and scrolling utilities for NexusReader.
* Avoids eval() usage, supports CSP, AOT-safety, and prevents memory leaks.
*/
export function isMobileViewport() {
return window.innerWidth < 768;
}
export function registerViewportObserver(dotNetHelper) {
let currentIsMobile = window.innerWidth < 768;
const listener = () => {
const isMobile = window.innerWidth < 768;
if (isMobile !== currentIsMobile) {
currentIsMobile = isMobile;
dotNetHelper.invokeMethodAsync('OnViewportChanged', isMobile);
}
};
// Store listener directly on the JS object wrapper of the DotNetObjectReference for elegant cleanup
dotNetHelper._viewportListener = listener;
window.addEventListener('resize', listener);
}
export function unregisterViewportObserver(dotNetHelper) {
if (dotNetHelper && dotNetHelper._viewportListener) {
window.removeEventListener('resize', dotNetHelper._viewportListener);
delete dotNetHelper._viewportListener;
}
}
export function scrollIntoView(id) {
const el = document.getElementById(id);
if (el) {
el.scrollIntoView({ behavior: 'smooth', block: 'center' });
return true;
}
return false;
}
// NOTE: Assumes the selector matches the active scroll container (default '.reader-canvas').
// Scoping is flexible to avoid issues if SSR pre-render or animated layouts render multiple wrappers.
export function scrollToTop(selector = '.reader-canvas') {
const el = document.querySelector(selector);
if (el) {
el.scrollTop = 0;
return true;
}
return false;
}