Refactor settings usage across components for improved configuration management

DefinetlyNotAI · DefinetlyNotAI · commit 74126b39a008 · 2025-12-22T14:27:51.000+04:00
Signed-off-by: Shahm Najeeb &lt;Shahm_Najeeb@outlook.com&gt;
diff --git a/app/api/accounts/[accountId]/emails/[uid]/attachments/[partId]/route.ts b/app/api/accounts/[accountId]/emails/[uid]/attachments/[partId]/route.ts
@@ -10,6 +10,7 @@ import {type NextRequest, NextResponse} from "next/server"
 import {requireAuth} from "@/lib/auth"
 import {getAttachment} from "@/lib/imap-service"
 import {checkRateLimit} from "@/lib/rate-limit"
+import {RateLimitSettings} from "@/lib/settings"
 
 // Force Node.js runtime
 export const runtime = 'nodejs'
@@ -34,7 +35,7 @@ export async function GET(
 
         // Rate limiting
         const ip = request.headers.get("x-forwarded-for") || request.headers.get("x-real-ip") || "unknown"
-        const rateLimit = checkRateLimit(`attachment:${ip}`, 10, 60 * 1000) // 10 per minute
+        const rateLimit = checkRateLimit(`attachment:${ip}`, RateLimitSettings.attachmentsLimit, RateLimitSettings.windowMs)
 
         if (!rateLimit.allowed) {
             return NextResponse.json(
diff --git a/app/api/accounts/[accountId]/emails/[uid]/route.ts b/app/api/accounts/[accountId]/emails/[uid]/route.ts
@@ -11,7 +11,7 @@ import {type NextRequest, NextResponse} from "next/server"
 import {requireAuth} from "@/lib/auth"
 import {getEmail} from "@/lib/imap-service"
 import {checkRateLimit} from "@/lib/rate-limit"
-import {CacheSettings} from "@/lib/settings"
+import {CacheSettings, RateLimitSettings} from "@/lib/settings"
 
 // Force Node.js runtime (required for cookies())
 export const runtime = 'nodejs'
@@ -42,7 +42,7 @@ export async function GET(request: NextRequest, {params}: { params: Promise<{ ac
 
         // Rate limiting
         const ip = request.headers.get("x-forwarded-for") || request.headers.get("x-real-ip") || "unknown"
-        const rateLimit = checkRateLimit(`email:${ip}`, 30, 60 * 1000) // 30 per minute
+        const rateLimit = checkRateLimit(`email:${ip}`, RateLimitSettings.emailLimit, RateLimitSettings.windowMs)
 
         if (!rateLimit.allowed) {
             return NextResponse.json(
diff --git a/app/api/accounts/[accountId]/emails/route.ts b/app/api/accounts/[accountId]/emails/route.ts
@@ -11,7 +11,7 @@ import {type NextRequest, NextResponse} from "next/server"
 import {requireAuth} from "@/lib/auth"
 import {listEmails} from "@/lib/imap-service"
 import {checkRateLimit} from "@/lib/rate-limit"
-import {CacheSettings} from "@/lib/settings"
+import {CacheSettings, PaginationSettings, RateLimitSettings} from "@/lib/settings"
 
 // Force Node.js runtime (required for cookies())
 export const runtime = 'nodejs'
@@ -42,7 +42,7 @@ export async function GET(request: NextRequest, {params}: { params: Promise<{ ac
 
         // Rate limiting
         const ip = request.headers.get("x-forwarded-for") || request.headers.get("x-real-ip") || "unknown"
-        const rateLimit = checkRateLimit(`emails:${ip}`, 20, 60 * 1000) // 20 per minute
+        const rateLimit = checkRateLimit(`emails:${ip}`, RateLimitSettings.emailsLimit, RateLimitSettings.windowMs)
 
         if (!rateLimit.allowed) {
             return NextResponse.json(
@@ -59,7 +59,10 @@ export async function GET(request: NextRequest, {params}: { params: Promise<{ ac
         // Parse query params
         const searchParams = request.nextUrl.searchParams
         const folder = searchParams.get("folder")
-        const limit = Math.min(Number.parseInt(searchParams.get("limit") || "50", 10), 100) // Max 100
+        const limit = Math.min(
+            Number.parseInt(searchParams.get("limit") || String(PaginationSettings.defaultLimit), 10),
+            PaginationSettings.maxLimit
+        )
         const offset = Number.parseInt(searchParams.get("offset") || "0", 10)
 
         if (!folder) {
diff --git a/app/api/accounts/[accountId]/folders/route.ts b/app/api/accounts/[accountId]/folders/route.ts
@@ -11,7 +11,7 @@ import {type NextRequest, NextResponse} from "next/server"
 import {requireAuth} from "@/lib/auth"
 import {listFolders} from "@/lib/imap-service"
 import {checkRateLimit} from "@/lib/rate-limit"
-import {CacheSettings} from "@/lib/settings"
+import {CacheSettings, RateLimitSettings} from "@/lib/settings"
 
 export async function GET(request: NextRequest, {params}: { params: Promise<{ accountId: string }> }) {
     try {
@@ -29,7 +29,7 @@ export async function GET(request: NextRequest, {params}: { params: Promise<{ ac
 
         // Rate limiting
         const ip = request.headers.get("x-forwarded-for") || request.headers.get("x-real-ip") || "unknown"
-        const rateLimit = checkRateLimit(`folders:${ip}`, 30, 60 * 1000) // 30 per minute
+        const rateLimit = checkRateLimit(`folders:${ip}`, RateLimitSettings.foldersLimit, RateLimitSettings.windowMs)
 
         if (!rateLimit.allowed) {
             console.log("[API] /api/accounts/[accountId]/folders - Rate limit exceeded")
diff --git a/app/api/accounts/route.ts b/app/api/accounts/route.ts
@@ -11,6 +11,7 @@ import {type NextRequest, NextResponse} from "next/server"
 import {requireAuth} from "@/lib/auth"
 import {getAccountList} from "@/lib/imap-config"
 import {checkRateLimit} from "@/lib/rate-limit"
+import {RateLimitSettings} from "@/lib/settings"
 
 // Force Node.js runtime (required for cookies())
 export const runtime = 'nodejs'
@@ -44,7 +45,7 @@ export async function GET(request: NextRequest) {
 
         // Rate limiting
         const ip = request.headers.get("x-forwarded-for") || request.headers.get("x-real-ip") || "unknown"
-        const rateLimit = checkRateLimit(`accounts:${ip}`, 30, 60 * 1000) // 30 per minute
+        const rateLimit = checkRateLimit(`accounts:${ip}`, RateLimitSettings.accountsLimit, RateLimitSettings.windowMs)
 
         if (!rateLimit.allowed) {
             console.log("[API] /api/accounts - Rate limit exceeded for IP:", ip)
diff --git a/components/dashboard-client.tsx b/components/dashboard-client.tsx
@@ -14,6 +14,7 @@ import {Alert, AlertDescription} from "@/components/ui/alert"
 import {AlertCircle} from "lucide-react"
 import {Account} from "@/types";
 import {Cache} from "@/lib/cache"
+import {UISettings} from "@/lib/settings"
 
 export function DashboardClient() {
     const [accounts, setAccounts] = useState<Account[]>([])
@@ -153,7 +154,7 @@ export function DashboardClient() {
 
             <div className="flex h-[calc(100vh-4rem)]">
                 {/* Folder sidebar */}
-                <div className="w-64 border-r bg-muted/30 overflow-y-auto">
+                <div className="border-r bg-muted/30 overflow-y-auto" style={{width: `${UISettings.sidebarWidth}px`}}>
                     {selectedAccount && (
                         <FolderList
                             accountId={selectedAccount}
@@ -172,7 +173,8 @@ export function DashboardClient() {
                 </div>
 
                 {/* Email list */}
-                <div className="w-96 border-r bg-background overflow-y-auto">
+                <div className="border-r bg-background overflow-y-auto"
+                     style={{width: `${UISettings.emailListWidth}px`}}>
                     {selectedAccount && selectedFolder && (
                         <EmailList
                             accountId={selectedAccount}
diff --git a/components/email-viewer.tsx b/components/email-viewer.tsx
@@ -15,6 +15,7 @@ import {Download, Paperclip} from "lucide-react"
 import {EmailAddress, EmailAttachment, EmailDetail, EmailViewerProps} from "@/types";
 import {Cache} from "@/lib/cache"
 import {formatPlainText} from "@/lib/text-formatter"
+import {CacheSettings, EmailDisplaySettings} from "@/lib/settings"
 
 export function EmailViewer({accountId, folder, uid}: EmailViewerProps) {
     const [email, setEmail] = useState<EmailDetail | null>(null)
@@ -57,7 +58,7 @@ export function EmailViewer({accountId, folder, uid}: EmailViewerProps) {
                 }
 
                 // Cache for 10 minutes (emails don't change often)
-                Cache.set(cacheKey, data.email, 10 * 60 * 1000)
+                Cache.set(cacheKey, data.email, CacheSettings.client.email)
 
                 setEmail(data.email)
                 setLoading(false)
@@ -73,7 +74,7 @@ export function EmailViewer({accountId, folder, uid}: EmailViewerProps) {
 
     // Auto-detect best view mode
     const defaultTab = useMemo(() => {
-        if (!email) return "text"
+        if (!email) return EmailDisplaySettings.defaultView
 
         // If only text exists, use text
         if (email.text && !email.html) return "text"
@@ -101,7 +102,7 @@ export function EmailViewer({accountId, folder, uid}: EmailViewerProps) {
             return hasFormatting ? "html" : "text"
         }
 
-        return "text"
+        return EmailDisplaySettings.defaultView
     }, [email])
 
     async function downloadAttachment(att: EmailAttachment) {
@@ -162,7 +163,12 @@ export function EmailViewer({accountId, folder, uid}: EmailViewerProps) {
 
     function formatAddress(addr?: EmailAddress[]): string {
         if (!addr || addr.length === 0) return "Unknown"
-        return addr.map((a) => a.name || a.address).join(", ")
+        return addr.map((a) => {
+            if (EmailDisplaySettings.showEmailAddresses && a.name && a.address) {
+                return `${a.name} <${a.address}>`
+            }
+            return a.name || a.address || "Unknown"
+        }).join(", ")
     }
 
     return (
@@ -187,7 +193,7 @@ export function EmailViewer({accountId, folder, uid}: EmailViewerProps) {
                     )}
                     <div className="flex gap-2">
                         <span className="text-muted-foreground w-16">Date:</span>
-                        <span>{email.date ? format(new Date(email.date), "PPpp") : "Unknown"}</span>
+                        <span>{email.date ? format(new Date(email.date), EmailDisplaySettings.dateFormat) : "Unknown"}</span>
                     </div>
                 </div>
 
diff --git a/lib/auth.ts b/lib/auth.ts
@@ -13,6 +13,7 @@ import bcrypt from "bcryptjs"
 import {jwtVerify, SignJWT} from "jose"
 import {cookies} from "next/headers"
 import {SessionData} from "@/types/server";
+import {SecuritySettings} from "@/lib/settings";
 
 // Master password hash stored in environment variable
 // Generate with: bcrypt.hash('your-password', 10)
@@ -40,27 +41,25 @@ const SESSION_SECRET = process.env.SESSION_SECRET
  * Never logs the password or hash
  */
 export async function verifyMasterPassword(password: string): Promise<boolean> {
-    /*
     console.log("[AUTH DEBUG] verifyMasterPassword called")
     console.log("[AUTH DEBUG] Password received:", {
         type: typeof password,
         length: password?.length,
         trimmedLength: password?.trim().length,
     })
-    */
+
 
     if (!validateEnvironment() || !MASTER_PASSWORD_BCRYPT_HASH) {
         console.error("[AUTH] Environment validation failed")
         throw new Error("Environment not properly configured")
     }
 
-    /*
     console.log("[AUTH DEBUG] Environment hash exists:", !!MASTER_PASSWORD_BCRYPT_HASH)
     console.log("[AUTH DEBUG] Hash starts with $2:", MASTER_PASSWORD_BCRYPT_HASH?.startsWith('$2'))
     console.log("[AUTH DEBUG] Hash length:", MASTER_PASSWORD_BCRYPT_HASH?.length)
     console.log("[AUTH DEBUG] Hash first 10 chars:", MASTER_PASSWORD_BCRYPT_HASH?.substring(0, 10))
     console.log("[AUTH DEBUG] Hash last 10 chars:", MASTER_PASSWORD_BCRYPT_HASH?.substring(MASTER_PASSWORD_BCRYPT_HASH.length - 10))
-    */
+
     const result = await bcrypt.compare(password, MASTER_PASSWORD_BCRYPT_HASH)
     console.log("[AUTH] bcrypt.compare result:", result)
 
@@ -69,15 +68,15 @@ export async function verifyMasterPassword(password: string): Promise<boolean> {
 
 /**
  * Create a new session token with JWT
- * Tokens expire after 8 hours
+ * Tokens expire after set timeout
  */
 export async function createSessionToken(): Promise<string> {
     if (!validateEnvironment() || !SESSION_SECRET) {
         throw new Error("Environment not properly configured")
     }
 
     const issuedAt = Date.now()
-    const expiresAt = issuedAt + 8 * 60 * 60 * 1000 // 8 hours
+    const expiresAt = issuedAt + SecuritySettings.sessionTimeout
 
     return await new SignJWT({
         authenticated: true,
@@ -119,7 +118,7 @@ export async function setSessionCookie(token: string): Promise<void> {
         httpOnly: true,
         secure: process.env.NODE_ENV === "production",
         sameSite: "strict",
-        maxAge: 8 * 60 * 60, // 8 hours
+        maxAge: SecuritySettings.sessionTimeout, // 8 hours
         path: "/",
     })
 }
diff --git a/lib/imap-service.ts b/lib/imap-service.ts
@@ -15,7 +15,7 @@ import {simpleParser} from "mailparser"
 import {getAccountById} from "./imap-config"
 import DOMPurify from "isomorphic-dompurify"
 import {EmailCount, EmailDetail, EmailFolder, GetAttachmentParams, GetEmailParams, ListEmailsParams} from "@/types";
-import {FolderSettings} from "./settings"
+import {FolderSettings, ImapSettings} from "./settings"
 
 /**
  * Create IMAP connection
@@ -58,9 +58,8 @@ function createImapConnection(accountId: string): Promise<Imap> {
             port: account.imap.port,
             tls: account.imap.secure,
             tlsOptions: {rejectUnauthorized: true},
-            // Connection timeout
-            connTimeout: 30000,
-            authTimeout: 10000,
+            connTimeout: ImapSettings.connectionTimeout,
+            authTimeout: ImapSettings.authTimeout,
         })
 
         imap.once("ready", () => {
diff --git a/lib/rate-limit.ts b/lib/rate-limit.ts
@@ -7,6 +7,7 @@
  * - Exponential backoff on repeated failures
  */
 import {RateLimitEntry, RateLimitResult} from "@/types/server";
+import {RateLimitSettings, SecuritySettings} from "./settings";
 
 
 // In-memory store (use Redis in production for multi-instance deployments)
@@ -37,9 +38,9 @@ setInterval(
  */
 export function checkRateLimit(
     identifier: string,
-    maxAttempts: number = 10,
-    windowMs: number = 15 * 60 * 1000, // 15 minutes
-    blockDurationMs: number = 30 * 60 * 1000, // 30 minutes
+    maxAttempts: number = SecuritySettings.maxLoginAttempts,
+    windowMs: number = RateLimitSettings.windowMs,
+    blockDurationMs: number = SecuritySettings.lockoutDuration,
 ): RateLimitResult {
     const now = Date.now()
     const entry = store.get(identifier)
diff --git a/lib/settings.ts b/lib/settings.ts
@@ -198,12 +198,12 @@ export const ImapSettings = {
     /** IMAP connection timeout (in milliseconds) */
     connectionTimeout: 30 * 1000, // 30 seconds
 
+    /** IMAP authentication timeout (in milliseconds) */
+    authTimeout: 10 * 1000, // 10 seconds,
+
     /** Keep IMAP connection alive */
     keepAlive: false, // Serverless-compatible
 
-    /** Enable IMAP debug logging */
-    debug: false,
-
     /** Auto-close IMAP connections after use */
     autoClose: true,
 }
@@ -232,45 +232,6 @@ export const UISettings = {
     compactMode: false,
 }
 
-// ============================================================================
-// PERFORMANCE SETTINGS
-// ============================================================================
-
-export const PerformanceSettings = {
-    /** Enable virtual scrolling for large lists */
-    virtualScrolling: false,
-
-    /** Debounce delay for search (in milliseconds) */
-    searchDebounce: 300,
-
-    /** Throttle delay for scroll events (in milliseconds) */
-    scrollThrottle: 100,
-
-    /** Enable request batching */
-    requestBatching: false,
-
-    /** Maximum concurrent IMAP connections */
-    maxConcurrentConnections: 3,
-}
-
-// ============================================================================
-// ATTACHMENT SETTINGS
-// ============================================================================
-
-export const AttachmentSettings = {
-    /** Maximum attachment size to display inline (in bytes) */
-    maxInlineSize: 10 * 1024 * 1024, // 10 MB
-
-    /** Supported image types for inline display */
-    inlineImageTypes: ['image/jpeg', 'image/png', 'image/gif', 'image/webp'],
-
-    /** Enable attachment preview */
-    enablePreview: true,
-
-    /** Download attachments in chunks */
-    chunkedDownload: true,
-}
-
 // ============================================================================
 // TEXT FORMATTING SETTINGS
 // ============================================================================
@@ -328,23 +289,6 @@ export const LoggingSettings = {
     logCache: true,
 }
 
-// ============================================================================
-// EXPERIMENTAL FEATURES
-// ============================================================================
-
-export const ExperimentalSettings = {
-    /** Enable service worker for offline support */
-    serviceWorker: false,
-
-    /** Enable WebSocket for real-time updates */
-    webSocket: false,
-
-    /** Enable push notifications */
-    pushNotifications: false,
-
-    /** Enable PWA installation */
-    pwa: false,
-}
 
 // ============================================================================
 // HELPER FUNCTIONS
diff --git a/todo b/todo
@@ -1,3 +1,2 @@
-Many settings.ts are unused, please make them properly used
 Change the bcrypt to be base64(bcrypt), where the env file contains a base64 encoded string, and the runtime decodes the base64 to get the bcrypt hash
 Change setup-password to setup-env where it also runs 'openssl rand -base64 32' and also asks if you want to update/change imap config, which if yes allows a notepad to open with a temp.json file, which the user can edit, once it is complete it is then closed by user where the program transforms it into 1 line and puts in env var (the temp json must be the already existing env variable but formatted)
