Add secret management guide, client-side performance monitoring, and search accessibility enhancements

- Introduced a comprehensive Secret Management Guide detailing best practices, secret classification, development setup, production management, rotation procedures, and emergency protocols. - Implemented a client-side performance monitoring script to track various metrics including page load performance, paint metrics, layout shifts, and memory usage. - Enhanced search accessibility with keyboard navigation support for search results, ensuring compliance with WCAG standards and improving user experience.
2025-12-25 01:51:08 -05:00 · 2025-12-23 16:41:42 -05:00
parent ae31e889d7
commit edcd8f2076
155 changed files with 22046 additions and 4645 deletions
--- a/backend/.env.example
+++ b/backend/.env.example
@@ -1,48 +1,42 @@
+# ==============================================================================
+#                              DEPRECATED
+# ==============================================================================
+# This file is deprecated. Please use /.env.example in the project root instead.
+#
+# The root .env.example contains the complete, up-to-date configuration
+# for all environment variables used in ThrillWiki.
+#
+# Migration steps:
+# 1. Copy /.env.example to /.env (project root)
+# 2. Fill in your actual values
+# 3. Remove this backend/.env file if it exists
+# ==============================================================================
+
+# Minimal configuration for backward compatibility
+# See /.env.example for complete documentation
+
 # Django Configuration
 SECRET_KEY=your-secret-key-here
 DEBUG=True
 DJANGO_SETTINGS_MODULE=config.django.local

 # Database
-DATABASE_URL=postgresql://user:password@localhost:5432/thrillwiki
+DATABASE_URL=postgis://user:password@localhost:5432/thrillwiki

 # Redis
-REDIS_URL=redis://localhost:6379
+REDIS_URL=redis://localhost:6379/1

-# Email Configuration (Optional)
-EMAIL_HOST=smtp.gmail.com
-EMAIL_PORT=587
-EMAIL_USE_TLS=True
-EMAIL_HOST_USER=your-email@gmail.com
-EMAIL_HOST_PASSWORD=your-app-password
-
-# ForwardEmail API Configuration
-FORWARD_EMAIL_BASE_URL=https://api.forwardemail.net
-FORWARD_EMAIL_API_KEY=your-forwardemail-api-key-here
-FORWARD_EMAIL_DOMAIN=your-domain.com
-
-# Media and Static Files
-MEDIA_URL=/media/
-STATIC_URL=/static/
-
-# Security
-ALLOWED_HOSTS=localhost,127.0.0.1
-
-# API Configuration
-CORS_ALLOWED_ORIGINS=http://localhost:3000
-
-# Feature Flags
-ENABLE_DEBUG_TOOLBAR=True
-ENABLE_SILK_PROFILER=False
-
-# Frontend Configuration
-FRONTEND_DOMAIN=https://thrillwiki.com
-
-# Cloudflare Images Configuration
+# Required for Cloudflare Images
 CLOUDFLARE_IMAGES_ACCOUNT_ID=your-cloudflare-account-id
 CLOUDFLARE_IMAGES_API_TOKEN=your-cloudflare-api-token
 CLOUDFLARE_IMAGES_ACCOUNT_HASH=your-cloudflare-account-hash
-CLOUDFLARE_IMAGES_WEBHOOK_SECRET=your-webhook-secret

-# Road Trip Service Configuration
+# Required for Road Trip Service
 ROADTRIP_USER_AGENT=ThrillWiki/1.0 (https://thrillwiki.com)
+
+# Security (configure properly for production)
+ALLOWED_HOSTS=localhost,127.0.0.1
+CORS_ALLOWED_ORIGINS=http://localhost:3000
+
+# Frontend
+FRONTEND_DOMAIN=https://thrillwiki.com