WEB: Webinar and console changes

[nxtCoder19]

Summary by Sourcery

Implement a new webinar feature with registration and joining capabilities, integrate Google reCAPTCHA for form security, update dependencies, and enhance the build and deployment configurations. Additionally, update the documentation with a new onboarding section.

New Features:

• Introduce a new webinar feature with a registration and joining process, integrating with Dyte for meeting management.
• Add support for Google reCAPTCHA to enhance form security on the contact page.

Enhancements:

• Update various dependencies across multiple packages to their latest versions, improving security and performance.
• Refactor the event page to dynamically load event data from a JSON file, allowing for easier updates and management of event details.

Build:

• Update the Taskfile.yaml to include new build and run commands, supporting environment variable loading from a .env file.

Deployment:

• Modify the Firebase hosting configuration to streamline deployment by removing unnecessary functions configuration.

Documentation:

• Add a new onboarding section to the FAQ documentation, providing guidance for new users on how to start using Kloudlite.

[sourcery-ai]

Reviewer's Guide by Sourcery

This pull request includes significant changes across multiple applications and components within the Kloudlite project. Key changes include updates to the webinar application, modifications to the documentation site, changes to the console application, and updates to various configuration files and dependencies.

File-Level Changes

Change	Details	Files
Major updates to the webinar application	Added new components for webinar UI and meeting functionality Implemented user registration and authentication flow Added environment variable handling and configuration Created new routes for event handling	src/apps/webinar/src/app/orgs/webinar-ui.tsx src/apps/webinar/src/app/[eventHash]/join/components/events-ui.tsx src/apps/webinar/src/app/[eventHash]/join/page.tsx src/apps/webinar/src/app/pages/meeting/components/meeting.tsx src/apps/webinar/src/app/components/header.tsx src/apps/webinar/src/app/components/container.tsx src/apps/webinar/src/app/components/wrapper.tsx src/apps/webinar/src/app/api/get-envs/route.tsx src/apps/webinar/src/app/utils/use-env.ts src/apps/webinar/src/app/components/toastify-container.tsx
Updates to the documentation site	Modified contact form functionality Updated event handling and display Changed privacy policy and legal content Added Google reCAPTCHA integration	src/apps/devdoc/web/components/page/contact-us.tsx src/apps/devdoc/web/components/website/home/events.tsx src/apps/devdoc/pages/legal/privacy-policy.mdx src/apps/devdoc/web/utils/g-recaptcha.tsx src/apps/devdoc/pages/_document.tsx
Modifications to the console application	Updated image selection and display in app creation Modified environment variable handling Changed wording from 'Integrated resources' to 'Managed resources'	src/apps/console/routes/_main+/$account+/env+/$environment+/new-app/app-detail.tsx src/apps/console/page-components/app/general.tsx src/apps/console/routes/_main+/$account+/env+/$environment+/new-app/app-config-mount.tsx src/apps/console/routes/_main+/$account+/env+/$environment+/new-app/app-environment-variables.tsx
Configuration and dependency updates	Updated various package versions in pnpm-lock.yaml files Modified Next.js and ESLint configurations Updated Firebase configuration Changed Taskfile configurations	src/apps/devdoc/pnpm-lock.yaml src/apps/webinar/pnpm-lock.yaml src/design-system/pnpm-lock.yaml src/apps/devdoc/next.config.mjs src/apps/webinar/next.config.mjs src/apps/devdoc/.eslintrc.yml src/apps/devdoc/firebase.json Taskfile.yaml src/apps/webinar/Taskfile.yaml

---

Tips

• Trigger a new Sourcery review by commenting @sourcery-ai review on the pull request.
• Continue your discussion with Sourcery by replying directly to review comments.
• You can change your review settings at any time by accessing your dashboard:
  • Enable or disable the Sourcery-generated pull request summary or reviewer's guide;
  • Change the review language;
• You can always contact us if you have any questions or feedback.

[sourcery-ai]

Hey @nxtCoder19 - I've reviewed your changes and found some issues that need to be addressed.

Blocking issues:

• Hard-coded reCAPTCHA site key found. (link)

Here's what I looked at during the review

• 🟡 General issues: 5 issues found
• 🔴 Security: 1 blocking issue, 3 other issues
• 🟢 Testing: all looks good
• 🟢 Complexity: all looks good
• 🟢 Documentation: all looks good

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment to tell me if it was helpful.}

[sourcery-ai]

suggestion: Implementation of Google reCAPTCHA

Verify that the reCAPTCHA implementation is correctly handling all possible scenarios, including network errors or invalid responses.

try {
  const token = await grecaptcha.execute(
    '6LcxXUIqAAAAABtRW-S7Bov6z9PgUHhbNWjTLhND',
    { action: 'login' }
  );
  if (!token) throw new Error('No token received');
  return token;
} catch (error) {
  console.error('reCAPTCHA error:', error);
  toast.error('reCAPTCHA verification failed. Please try again.');
}

[sourcery-ai]

🚨 suggestion (security): New function to fetch user data

Consider implementing error handling and retry logic for network failures. Also, ensure that sensitive user data is properly protected.

const getUser = async (retries = 3): Promise<UserData | null> => {
  for (let attempt = 0; attempt < retries; attempt++) {
    try {
      const res = await axios({
        url: `${authUrl}/api`,
        method: 'post',
        withCredentials: true,
        data: { method: 'whoAmI', args: [{}] },
        headers: {
          'Content-Type': 'application/json; charset=utf-8',
          connection: 'keep-alive',
        },
      });
      return res.data?.data || null;
    } catch (e) {
      if (attempt === retries - 1) return null;
    }
  }
  return null;
};

[sourcery-ai]

🚨 issue (security): Potential security risk with dangerouslySetInnerHTML

Using dangerouslySetInnerHTML to set environment variables on the client-side could be a security risk. Consider using a more secure method to pass environment variables to the client.

[sourcery-ai]

suggestion: Reconsider using TextInput instead of Select for image selection

Replacing the Select component with a TextInput for image selection might reduce usability. Consider keeping the Select component or implementing a more user-friendly solution.

<Select
  size="lg"
  label="Image name"
  placeholder="Select an image"
  onChange={(value) => handleChange('imageUrl')(value)}
  error={!!errors.imageUrl}
  message={errors.imageUrl}
>
  {/* Add options here based on available images */}
</Select>

[sourcery-ai]

🚨 suggestion (security): Consider security implications of exposing Dyte credentials as NEXT_PUBLIC variables

While it's necessary to make these variables available to the client-side code for Dyte integration, exposing them as NEXT_PUBLIC might pose a security risk. Consider using a server-side API to handle Dyte authentication and token generation instead of exposing these credentials directly to the client.

DYTE_ORG_ID: process.env.DYTE_ORG_ID,

[sourcery-ai]

suggestion: Improve error handling and consider moving Dyte integration logic

The error handling in this component could be improved. Consider adding more specific error messages and handling different types of errors separately. Also, the Dyte integration logic might be better placed in a custom hook or a separate service to keep this component focused on UI rendering.

export const EventsUi = ({ userData, dyteOrgId, dyteApiKey }: EventsUiProps) => {
  const { meeting, error } = useDyteIntegration(userData, dyteOrgId, dyteApiKey);

  if (error) {
    return <ErrorDisplay message={error.message} />;
  }

  return (
    // Render UI using the meeting object
  );
};

[sourcery-ai]

suggestion (performance): Consider using a more dynamic solution for event configuration

While using a static JSON file for event configuration is simple, it might become hard to manage as the number of events grows. Consider using a database or a content management system for more flexible and scalable event management, especially if you plan to have many events or need to update them frequently.

[sourcery-ai]

suggestion (code-quality): Prefer object destructuring when accessing and using properties. (use-object-destructuring)

Suggested change

	const ready = window.grecaptcha.enterprise.ready;
	const {ready} = window.grecaptcha.enterprise;

Explanation

Object destructuring can often remove an unnecessary temporary reference, as well as making your code more succinct.

From the Airbnb Javascript Style Guide

[sourcery-ai]

suggestion (code-quality): Prefer object destructuring when accessing and using properties. (use-object-destructuring)

Suggested change

	const name = userData.name;
	const {name} = userData;

Explanation

Object destructuring can often remove an unnecessary temporary reference, as well as making your code more succinct.

From the Airbnb Javascript Style Guide

[sourcery-ai]

suggestion (code-quality): Prefer object destructuring when accessing and using properties. (use-object-destructuring)

Suggested change

	const email = userData.email;
	const {email} = userData;

Explanation

Object destructuring can often remove an unnecessary temporary reference, as well as making your code more succinct.

From the Airbnb Javascript Style Guide