- Add banner/cover generation for stories with character reference support
- Improve summary system: generate every 8 msgs or when context large
- Enhance summary prompt to preserve critical story info (promises, relationships)
- Add typewriter text animation during AI streaming
- Increase context to 20 messages, lower summary temperature to 0.1
- Server: auto-truncate long messages instead of rejecting
- Added WorldState types for character location tracking
- Increased RECENT_MESSAGES_COUNT from 6 to 15
- Increased server limits (50k/200k chars)
- Added language reminders to system prompts
- Better error logging for 400 errors
Security:
- DeepSeek API moved to server-side proxy with rate limiting (20 req/min)
- Whitelist validation for all POST/PUT routes
- Cookie security (secure, sameSite, httpOnly in production)
- Input validation for messages, tokens, temperature
- Sanitized hasOwnProperty to prevent prototype pollution
Performance:
- Lazy loading for chat messages (sliding window of 20)
- Streaming response throttling (50ms batches)
- Scroll optimization (only scroll on new messages)
- AbortController fix for stop button
Code organization:
- GamePage refactored from ~1170 to ~750 lines
- New hooks: useGameSession, useStreamingResponse, useCharacterDetection, useLazyMessages
- New components: MessageList, ChatInput, SessionSelector, CharacterPanel
- Fixed ESLint errors
Features:
- OOC mode button for direct AI instructions
- Message versions (aiResponse) now persist to DB
- playerId saved in sessions
- Add rule reminders after 10+ messages to prevent AI drift
- Add auto-save every 5 seconds during streaming
- Add beforeunload warning for unsaved changes
- Save user message immediately before generating AI response
- Use refs for latest session data in async operations
- Reduce summary threshold from 20 to 15 messages
Alexej Wolff