Major refactor: security, performance, and code organization
Security: - DeepSeek API moved to server-side proxy with rate limiting (20 req/min) - Whitelist validation for all POST/PUT routes - Cookie security (secure, sameSite, httpOnly in production) - Input validation for messages, tokens, temperature - Sanitized hasOwnProperty to prevent prototype pollution Performance: - Lazy loading for chat messages (sliding window of 20) - Streaming response throttling (50ms batches) - Scroll optimization (only scroll on new messages) - AbortController fix for stop button Code organization: - GamePage refactored from ~1170 to ~750 lines - New hooks: useGameSession, useStreamingResponse, useCharacterDetection, useLazyMessages - New components: MessageList, ChatInput, SessionSelector, CharacterPanel - Fixed ESLint errors Features: - OOC mode button for direct AI instructions - Message versions (aiResponse) now persist to DB - playerId saved in sessions
This commit is contained in:
Alexej Wolff
@@ -37,8 +37,8 @@ cd resekai
|
||||
npm install
|
||||
cd server && npm install && cd ..
|
||||
|
||||
# Создать .env файл
|
||||
echo "VITE_DEEPSEEK_API_KEY=your_api_key" > .env
|
||||
# Настроить backend (скопировать .env.example и заполнить)
|
||||
# Обязательно указать DEEPSEEK_API_KEY в server/.env
|
||||
|
||||
# Запустить в режиме разработки
|
||||
npm run dev # Frontend (порт 5173)
|
||||
|
||||
Reference in New Issue
Block a user