GitHub - ENVOYou/envoyou-dashboard-sec: dashboard envoyou

This is a Next.js project bootstrapped with create-next-app.

Getting Started

First, run the development server:

npm run dev
# or
yarn dev
# or
pnpm dev
# or
bun dev

Open http://localhost:3000 with your browser to see the result.

You can start editing the page by modifying app/page.tsx. The page auto-updates as you edit the file.

This project uses next/font to automatically optimize and load Geist, a new font family for Vercel.

Learn More

To learn more about Next.js, take a look at the following resources:

Next.js Documentation - learn about Next.js features and API.
Learn Next.js - an interactive Next.js tutorial.

You can check out the Next.js GitHub repository - your feedback and contributions are welcome!

Deploy on Vercel

The easiest way to deploy your Next.js app is to use the Vercel Platform from the creators of Next.js.

Check out our Next.js deployment documentation for more details.

Staging Environment Protection

This project includes middleware that protects staging environments from unauthorized access and prevents search engine indexing.

Features

Basic Authentication: Protects staging deployments with username/password authentication
Search Engine Protection: Adds noindex headers to prevent duplicate content issues
Security Headers: Includes security headers (X-Frame-Options, X-Content-Type-Options, etc.)
Environment Detection: Only activates in staging/preview environments

Configuration

Set the following environment variables in your staging deployment:

# Staging Environment Protection
STAGING_USERNAME=staging
STAGING_PASSWORD=your_secure_password

# Environment Detection
NEXT_PUBLIC_ENV=staging

Default Credentials

For development/testing, the default credentials are:

Username: staging
Password: envoyou2024!

How It Works

Environment Detection: The middleware checks if the app is running in a staging environment
Authentication Challenge: When accessing protected routes, users see a login prompt
No-Index Headers: All responses include headers that prevent search engine indexing
Asset Access: Static assets and API routes remain accessible without authentication

Protected Routes

All routes except static assets (/_next/, /api/, etc.) require authentication in staging environments.

Security Benefits

Prevents unauthorized access to staging deployments
Avoids duplicate content penalties from search engines
Provides clean staging environment isolation
Includes comprehensive security headers

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
public		public
src		src
.gitignore		.gitignore
README.md		README.md
eslint.config.mjs		eslint.config.mjs
middleware.ts		middleware.ts
next.config.ts		next.config.ts
package-lock.json		package-lock.json
package.json		package.json
postcss.config.mjs		postcss.config.mjs
tsconfig.json		tsconfig.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

Getting Started

Learn More

Deploy on Vercel

Staging Environment Protection

Features

Configuration

Default Credentials

How It Works

Protected Routes

Security Benefits

About

Uh oh!

Releases

Packages

Languages

ENVOYou/envoyou-dashboard-sec

Folders and files

Latest commit

History

Repository files navigation

Getting Started

Learn More

Deploy on Vercel

Staging Environment Protection

Features

Configuration

Default Credentials

How It Works

Protected Routes

Security Benefits

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages