This repository contains the full-stack codebase for THELANGUAGENETWORK.CO, including both the frontend (React) and backend (Node.js/Express + Firebase Functions) components.
website/— React frontend (main user-facing website)Backend/— Node.js/Express backend and Firebase Cloud Functions
- Navigate to the website folder:
cd website - Install dependencies:
npm install
- Start the development server:
The app will run at http://localhost:3000.
npm start
- Navigate to the Backend folder:
cd Backend - Install dependencies:
npm install
- Start the backend server:
The backend will run at http://localhost:8080.
npm start
- Navigate to
Backend/functions/and follow Firebase CLI instructions to deploy or emulate functions.
- Sensitive Data: MongoDB credentials and tokens are hardcoded in source files. Move all secrets to environment variables (e.g., using
.envfiles anddotenv). - Frontend: No ESLint/Prettier config detected. Add these for consistent code style.
- Backend: ESLint is present but with relaxed rules. Consider enforcing stricter linting.
- Potential XSS: Usage of
dangerouslySetInnerHTMLand.innerHTMLin frontend. Always sanitize user content (DOMPurify is used, but review all usages). - Dependencies: Large number of dependencies; some may be unused. Run
depcheckor similar tools to prune unused packages. - Error Handling: Some API calls lack robust error handling.
- Environment Variables: Store all secrets (DB URIs, API keys, tokens) in environment variables.
- Add Linting: Add ESLint and Prettier to the frontend. Enforce code style in both frontend and backend.
- Audit Dependencies: Regularly run
npm auditanddepcheckto find vulnerabilities and unused packages. - Sanitize HTML: Continue using DOMPurify and review all dynamic HTML rendering for security.
- Remove Dead Code: Clean up commented-out and duplicate code.
npm start— Start development servernpm test— Run testsnpm run build— Build for productionnpm run eject— Eject configuration (irreversible)
npm start— Start backend server (with nodemon)
npm run lint— Lint functions codenpm run serve— Emulate functions locallynpm run deploy— Deploy functions to Firebase
- Never commit secrets or credentials.
- Use environment variables for all sensitive data.
- Add and enforce ESLint/Prettier for code consistency.
- Write robust error handling for all API calls.
- Regularly audit dependencies and code for security and quality.
The following is the default Create React App documentation for the frontend:
This project was bootstrapped with Create React App.
In the project directory, you can run:
Runs the app in the development mode.
Open http://localhost:3000 to view it in your browser.
The page will reload when you make changes.
You may also see any lint errors in the console.
Launches the test runner in the interactive watch mode.
See the section about running tests for more information.
Builds the app for production to the build folder.
It correctly bundles React in production mode and optimizes the build for the best performance.
The build is minified and the filenames include the hashes.
Your app is ready to be deployed!
See the section about deployment for more information.
Note: this is a one-way operation. Once you eject, you can't go back!
If you aren't satisfied with the build tool and configuration choices, you can eject at any time. This command will remove the single build dependency from your project.
Instead, it will copy all the configuration files and the transitive dependencies (webpack, Babel, ESLint, etc) right into your project so you have full control over them. All of the commands except eject will still work, but they will point to the copied scripts so you can tweak them. At this point you're on your own.
You don't have to ever use eject. The curated feature set is suitable for small and middle deployments, and you shouldn't feel obligated to use this feature. However we understand that this tool wouldn't be useful if you couldn't customize it when you are ready for it.