chore: update security patch of codebase.

chore: Update TODO and instruction list
2025-09-04 11:50:16 +05:30
parent 5c194a24d0
commit dc1d7c3157
9 changed files with 166 additions and 40 deletions

4
.gitignore vendored

@@ -2,7 +2,6 @@
# dependencies
/node_modules
/package-lock.json
/.pnp
.pnp.js
.yarn/install-state.gz
@@ -30,6 +29,9 @@ yarn-error.log*
# local env files
.env*.local
#dependency
package-lock.json
# vercel
.vercel
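Review bot: After this change `package-lock.json` still appears to be ignored (the `#dependency` entry in the second hunk), so the resolved dependency tree and its integrity hashes are never committed. Without a tracked lockfile each install can resolve different transitive versions, `npm ci` cannot be used, and a dependency audit cannot be tied to what was actually deployed. Consider dropping the `package-lock.json` line from `.gitignore` and committing the lockfile instead. The +/- markers are not visible on this page, so this reading is inferred from the hunk headers.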

20
TODO.md

@@ -1 +1,21 @@
# Todo
### Security
- Back and front click on browser ( <- ->) logout.
- Cross from browser logout
- Taking Url and try to login -Logout
### Feature
- Password Expiry Logic
- login -> check password Expiry -> Change password -> login screen
- Logout popup :
- Are you sure want to logout?
- Home page password Expiry message
- Set userId and login with userID
- Limit of transaction daily
- Statement Download
- In Every OTP page "Resend button" & 5 min timing of expiry.
- OTP binding with actual mobile number.
- IN settings page NOTE position Fixing.

86
instruction.md Normal file

@@ -0,0 +1,86 @@
# AWS CLI, Session Manager & Database Access Guide
## 1. Setup
- Download **AWS CLI**
- Download **AWS Session Manager Plugin**
- Generate **Key for KCCB**
---
## Machine
```bash
UAT (IB- frontend) : i-0b55435e15425f1c3
Linux : i-0c850dcf8b85b1447
```
## 2. Port Forwarding
### API (localhost → EC2:8080)
```bash
aws ssm start-session --target i-0c850dcf8b85b1447 --document-name --profile kccb AWS-StartPortForwardingSession --parameters "portNumber"=["8080"],"localPortNumber"=["8080"]
```
### PostgreSQL (localhost:5431 → EC2:5432)
```bash
aws ssm start-session --target i-0c850dcf8b85b1447 --document-name --profile kccb AWS-StartPortForwardingSession --parameters "portNumber"=["5432"],"localPortNumber"=["5431"]
```
### CBS (localhost → EC2:8686)
```bash
aws ssm start-session --target i-0c850dcf8b85b1447 --document-name --profile kccb AWS-StartPortForwardingSession --parameters "portNumber"=["8686"],"localPortNumber"=["8686"]
```
## Database Access
```bash
aws ssm start-session --target i-0c850dcf8b85b1447 --profile kccb
```
## 4.PostgreSQL Commands
```bash
# Connect as postgres
psql -U postgres
# List all databases
\l
# Connect to kmobile
psql -U admin -d kmobile
# Password: kmobile
# Query data
SELECT * FROM users;
# Expanded display
\x
# See all tables
\d
# Table details
\d users;
# Switch database with specific user
\c kmobile_banking kmobile_app_rw
# Grant permissions
grant select, insert, update, delete on table admin to kmobile_app_rw;
```
## 4. Linux Machine Access
```bash
# Run the .bat file first
ssh username@localhost
# Enter your password
```
## Copy File from Local → Linux
```bash
scp -P 9022 Smsservice/smsserviceapplication.jar <username>@localhost:/home/<username>
# ssh nabanita@localhost -p 9022
```
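Review bot: The PostgreSQL section commits a database password in clear text (the `# Password:` comment under `psql -U admin -d kmobile`), next to the EC2 instance IDs and the AWS profile name used to reach the host. Anyone with read access to the repository gets the credential, and the file deleted in this same commit carried the same value, so it stays in history either way. Replace the line with a pointer to where the secret is kept, e.g. `# Password: retrieve from the team secrets store`, and rotate the password since it has already been committed. It would also help to state which environment these commands target, because `SELECT * FROM users;` and the `grant select, insert, update, delete ...` line are shown without that scoping.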


@@ -1,36 +0,0 @@
- download Aws cli and Aws session manager
- Key generate for KCCB
- port forwarding :
aws ssm start-session --target i-0c850dcf8b85b1447 --document-name --profile kccb AWS-StartPortForwardingSession --parameters "portNumber"=["8080"],"localPortNumber"=["8080"]
- run the api in localhost then port forward to Postgres
aws ssm start-session --target i-0c850dcf8b85b1447 --document-name --profile kccb AWS-StartPortForwardingSession --parameters "portNumber"=["5432"],"localPortNumber"=["5431"]
- For CBS port forward
aws ssm start-session --target i-0c850dcf8b85b1447 --document-name --profile kccb AWS-StartPortForwardingSession --parameters "portNumber"=["8686"],"localPortNumber"=["8686"]
______________________________________________________________________
For database:
- aws ssm start-session --target i-0c850dcf8b85b1447 --profile kccb
- psql -U postgres
- \l
- psql -U admin -d kmobile
- password : kmobile
- SELECT * FROM users;
- \x
- \d -- all tables details
- \d users; -- see the data type of column
- \c kmobile_banking kmobile_app_rw -- alter the user
- grant select,insert,update,delete on table admin to kmobile_app_rw; -- give read write access to a table
______________________________________________________________________
How to connect through linux machine?
- run the bat file.
- shh username@localhost
- give your password
Copy local machine to linux machine :
- scp -P 9022 Smsservice/smsserviceapplication.jar <username>@localhost:/home/<username>
- ssh nabanita@localhost -p 9022


@@ -27,6 +27,29 @@ export default function Home() {
const selectedLNData = loanAccounts.find(acc => acc.stAccountNo === selectedLN);
const [showBalance, setShowBalance] = useState(false);
// If back and forward button is clicked
useEffect(() => {
window.history.pushState(null, "", window.location.href);
const handlePopState = () => {
localStorage.removeItem("access_token");
sessionStorage.removeItem("access_token");
localStorage.removeItem("remitter_name");
router.push("/login");
};
const handleBeforeUnload = () => {
// logout on tab close / refresh
localStorage.removeItem("access_token");
sessionStorage.removeItem("access_token");
localStorage.removeItem("remitter_name");
};
window.addEventListener("popstate", handlePopState);
window.addEventListener("beforeunload", handleBeforeUnload);
return () => {
window.removeEventListener("popstate", handlePopState);
window.addEventListener("beforeunload", handleBeforeUnload);
};
}, []);
async function handleFetchUserDetails() {
try {
const token = localStorage.getItem("access_token");
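Review bot: The effect cleanup re-registers the `beforeunload` listener instead of removing it: the returned function calls `window.addEventListener("beforeunload", handleBeforeUnload)`, so the handler stays attached after `Home` unmounts and keeps wiping `access_token` on every later unload. It should be `window.removeEventListener("beforeunload", handleBeforeUnload);`. The effect added to `RootLayout` in this commit has the same line and needs the same fix. Since `RootLayout` registers the same `popstate`/`beforeunload` handlers, the copy in `Home` looks redundant and could be dropped, assuming `Home` renders inside that layout. `Home`'s body continues outside the hunk.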


@@ -16,10 +16,16 @@ export default function RootLayout({ children }: { children: React.ReactNode })
const [userLastLoginDetails, setUserLastLoginDetails] = useState(null);
const [custname, setCustname] = useState<string | null>(null);
function doLogout() {
localStorage.removeItem("access_token");
sessionStorage.removeItem("access_token");
localStorage.removeItem("remitter_name");
router.push("/login");
}
async function handleLogout(e: React.FormEvent) {
e.preventDefault();
localStorage.removeItem("access_token");
localStorage.removeItem("remitter_name");
doLogout()
router.push("/login");
}
@@ -65,6 +71,25 @@ export default function RootLayout({ children }: { children: React.ReactNode })
});
}
}
useEffect(() => {
// Push fake history state to trap navigation
window.history.pushState(null, "", window.location.href);
const handlePopState = () => {
doLogout(); // logout when back/forward pressed
};
const handleBeforeUnload = (e: BeforeUnloadEvent) => {
// logout on tab close / refresh
localStorage.removeItem("access_token");
sessionStorage.removeItem("access_token");
localStorage.removeItem("remitter_name");
};
window.addEventListener("popstate", handlePopState);
window.addEventListener("beforeunload", handleBeforeUnload);
return () => {
window.removeEventListener("popstate", handlePopState);
window.addEventListener("beforeunload", handleBeforeUnload);
};
}, []);
useEffect(() => {
const token = localStorage.getItem("access_token");
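Review bot: `doLogout` only removes `access_token` from browser storage, and nothing visible in this section tells the backend to invalidate the token, so a copy of it would keep working until it expires on its own. If the API exposes a logout or revocation endpoint, call it in `doLogout` before clearing storage; for the `beforeunload` path, `navigator.sendBeacon` is the usual way to send that request during unload. Separately, `handleLogout` appears to call `doLogout()` and then `router.push("/login")` again, which is redundant because `doLogout` already navigates. `RootLayout`'s body continues outside both hunks.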


@@ -25,6 +25,8 @@ export default function ForgetLoginPwd() {
async function handleLogout(e: React.FormEvent) {
e.preventDefault();
localStorage.removeItem("access_token");
sessionStorage.removeItem("access_token")
localStorage.removeItem("remitter_name");
router.push("/login")
}
@@ -215,7 +217,7 @@ export default function ForgetLoginPwd() {
onChange={(e) => setCaptchaInput(e.currentTarget.value)}
required
/>
{captchaError && <p style={{ color: 'red',fontSize:'12px' }}>{captchaError}</p>}
{captchaError && <p style={{ color: 'red', fontSize: '12px' }}>{captchaError}</p>}
</div>
<Button
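Review bot: The three-line storage wipe in `handleLogout` is now hand-copied here, in `SetLoginPwd`, in `SetTransactionPwd` and in the `Home` handlers, while `RootLayout` gains its own `doLogout` for the same job. This commit appears to add the `sessionStorage.removeItem("access_token")` line that the earlier copies lacked, which is the kind of drift that duplicated logout code invites. Moving the wipe into one exported helper (for example `clearAuthStorage()`, the name is only a suggestion) and calling it from every handler would keep the list of keys in one place. `ForgetLoginPwd`'s body continues outside the hunk.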


@@ -36,6 +36,8 @@ export default function SetLoginPwd() {
async function handleLogout(e: React.FormEvent) {
e.preventDefault();
localStorage.removeItem("access_token");
sessionStorage.removeItem("access_token")
localStorage.removeItem("remitter_name");
router.push("/login")
}
const regenerateCaptcha = () => {


@@ -35,6 +35,8 @@ export default function SetTransactionPwd() {
async function handleLogout(e: React.FormEvent) {
e.preventDefault();
localStorage.removeItem("access_token");
sessionStorage.removeItem("access_token")
localStorage.removeItem("remitter_name");
router.push("/login")
}
const regenerateCaptcha = () => {