
feat: implementation of csrf, csp and secure cookies#194

Merged
qamarq merged 7 commits into main from feat/security on Feb 11, 2025

Conversation

@qamarq

@qamarq qamarq commented Feb 11, 2025

This pull request includes several changes to the backend and frontend configurations, primarily focusing on adding security features and updating dependencies. The most important changes include the addition of the AdonisJS Shield package for enhanced security, modifications to the CORS configuration, and updates to the package-lock.json file to reflect new dependencies.

Backend Configuration Changes:

  • Added AdonisJS Shield package to enhance security by configuring CSP, CSRF, and other security policies. (backend/adonisrc.ts, backend/config/shield.ts, backend/package-lock.json, backend/package.json, backend/start/kernel.ts)

  • Updated CORS configuration to dynamically set the allowed origins based on environment variables. (backend/config/cors.ts)

Frontend Configuration Changes:

  • Added sameSite: "strict" attribute to cookies for enhanced security. (frontend/src/app/api/callback/route.ts, frontend/src/app/api/login/route.ts)

  • Modified the logout function to use a custom fetchToAdonis method and delete additional cookies. (frontend/src/actions/logout.ts)

  • Included nonce in the analytics script tag for enhanced security. (frontend/src/app/layout.tsx)

Other Changes:

  • Updated robots.txt to disallow crawling of certain paths. (frontend/public/robots.txt)

  • Minor syntax changes to remove semicolons in import statements. (backend/adonisrc.ts, backend/start/kernel.ts)
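Added example, not code from this PR or from AdonisJS Shield: a TypeScript sketch of the per-request nonce scheme the description refers to (CSP on the backend, nonce attribute on the analytics script tag on the frontend). It shows how the nonce is generated, how it ends up in the script-src directive, and a simplified model of the browser's check that only a script tag carrying the matching nonce runs. All function names are assumed; the policy models no 'unsafe-inline' or hash sources.

```typescript
import { randomBytes } from "crypto";

// A fresh nonce per response: 128 bits of randomness, base64 as CSP expects.
// Reusing a nonce across responses defeats the whole scheme, so never cache it.
export function generateNonce(): string {
  return randomBytes(16).toString("base64");
}

// CSP header value whose script-src only trusts scripts tagged with this nonce.
// 'strict-dynamic' lets a nonced script load further scripts it creates itself.
export function buildCsp(nonce: string): string {
  return [
    "default-src 'self'",
    `script-src 'self' 'nonce-${nonce}' 'strict-dynamic'`,
    "object-src 'none'",
    "base-uri 'self'",
  ].join("; ");
}

// Collect the nonce values the policy's script-src directive accepts.
export function scriptNonces(policy: string): Set<string> {
  const directive = policy
    .split(";")
    .map((d) => d.trim())
    .find((d) => d.startsWith("script-src"));
  const accepted = new Set<string>();
  if (!directive) return accepted;
  for (const source of directive.split(/\s+/).slice(1)) {
    const match = /^'nonce-(.+)'$/.exec(source);
    if (match) accepted.add(match[1]);
  }
  return accepted;
}

// Simplified browser decision: with neither 'unsafe-inline' nor hashes in the
// policy, an inline or injected <script> executes only if its nonce attribute
// matches one the policy lists. A tag with no nonce is blocked.
export function inlineScriptAllowed(policy: string, tagNonce?: string): boolean {
  return tagNonce !== undefined && scriptNonces(policy).has(tagNonce);
}

// The analytics tag as a layout would render it, carrying the request nonce.
export function analyticsTag(nonce: string, src: string): string {
  return `<script nonce="${nonce}" src="${src}"></script>`;
}
```

The value of the scheme is that a script injected via XSS cannot know the nonce of the current response, so `inlineScriptAllowed` returns false for it while the server-rendered analytics tag passes.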

@qamarq qamarq marked this pull request as ready for review February 11, 2025 19:52
@qamarq qamarq requested a review from Rei-x February 11, 2025 19:52
@Rei-x

Rei-x commented Feb 11, 2025

todo: USOS photos

@qamarq qamarq merged commit c5362a3 into main Feb 11, 2025
2 checks passed
@qamarq qamarq deleted the feat/security branch February 11, 2025 23:29
}: {
url: string;
method: RequestInit["method"];
body?: string | null;
Member

Here you could have accepted any object and done the JSON.stringify inside; I think that would work nicely @qamarq

Member Author

Actually, not a bad idea
