Refine portfolio UX and add access gate

Author: felmonon

app/access/page.tsx

@@ -0,0 +1,150 @@
+interface AccessPageProps {
+  searchParams?: {
+    error?: string
+    next?: string
+  }
+}
+
+export default function AccessPage({ searchParams }: AccessPageProps) {
+  const hasError = searchParams?.error === 'invalid'
+  const nextPath =
+    searchParams?.next && searchParams.next.startsWith('/') && !searchParams.next.startsWith('//')
+      ? searchParams.next
+      : '/'
+
+  return (
+    <main className="min-h-screen bg-[#0A0A0A] text-[#F5F5F0]">
+      <div className="absolute inset-0 opacity-[0.04]">
+        <div
+          className="absolute inset-0"
+          style={{
+            backgroundImage:
+              'linear-gradient(#F5F5F0 1px, transparent 1px), linear-gradient(90deg, #F5F5F0 1px, transparent 1px)',
+            backgroundSize: '72px 72px',
+          }}
+        />
+      </div>
+
+      <div className="relative z-10 mx-auto flex min-h-screen w-full max-w-[1440px] items-center px-4 py-12 md:px-8 md:py-16">
+        <div className="grid w-full gap-6 xl:grid-cols-12 xl:gap-8">
+          <section className="flex flex-col justify-between rounded-[32px] border border-[#232326] bg-[#111111]/90 p-8 shadow-[0_32px_120px_rgba(0,0,0,0.35)] backdrop-blur md:p-10 xl:col-span-7">
+            <div>
+              <div className="mb-6 inline-flex items-center rounded-full border border-[#3B3020] bg-[#171717] px-3 py-1 text-[11px] font-medium uppercase tracking-[0.24em] text-[#C9A86A]">
+                Private portfolio access
+              </div>
+
+              <h1 className="font-serif text-4xl leading-[1.02] text-[#F5F5F0] md:text-6xl">
+                Review the work behind the gate.
+              </h1>
+
+              <p className="mt-6 max-w-2xl text-lg leading-relaxed text-[#A1A1AA]">
+                This portfolio is shared privately. Enter your access credentials to review live
+                products, open-source contributions, and engineering case studies.
+              </p>
+            </div>
+
+            <div className="mt-12 grid gap-4 md:grid-cols-3">
+              <div className="rounded-2xl border border-[#232326] bg-[#0D0D0D] p-5">
+                <div className="text-[11px] uppercase tracking-[0.2em] text-[#71717A]">
+                  Included
+                </div>
+                <div className="mt-2 text-lg font-medium text-[#F5F5F0]">Flagship products</div>
+                <p className="mt-2 text-sm leading-relaxed text-[#8F8F96]">
+                  Live product walkthroughs, architecture notes, and inspectable source links.
+                </p>
+              </div>
+
+              <div className="rounded-2xl border border-[#232326] bg-[#0D0D0D] p-5">
+                <div className="text-[11px] uppercase tracking-[0.2em] text-[#71717A]">
+                  Included
+                </div>
+                <div className="mt-2 text-lg font-medium text-[#F5F5F0]">OSS proof</div>
+                <p className="mt-2 text-sm leading-relaxed text-[#8F8F96]">
+                  Maintainer-reviewed upstream work and public repositories grouped by depth.
+                </p>
+              </div>
+
+              <div className="rounded-2xl border border-[#232326] bg-[#0D0D0D] p-5">
+                <div className="text-[11px] uppercase tracking-[0.2em] text-[#71717A]">
+                  Included
+                </div>
+                <div className="mt-2 text-lg font-medium text-[#F5F5F0]">Resume + contact</div>
+                <p className="mt-2 text-sm leading-relaxed text-[#8F8F96]">
+                  Current resume, contact paths, and the full engineering narrative.
+                </p>
+              </div>
+            </div>
+          </section>
+
+          <section className="rounded-[32px] border border-[#232326] bg-[#111111]/95 p-8 shadow-[0_32px_120px_rgba(0,0,0,0.4)] backdrop-blur md:p-10 xl:col-span-5">
+            <div className="mb-8">
+              <div className="text-xs font-medium uppercase tracking-[0.24em] text-[#C9A86A]">
+                Sign in
+              </div>
+              <h2 className="mt-4 font-serif text-4xl leading-tight text-[#F5F5F0]">
+                Enter credentials to continue
+              </h2>
+              <p className="mt-3 text-sm leading-relaxed text-[#8F8F96]">
+                Access is limited to approved reviewers. The session stays active on this browser
+                after a successful sign-in.
+              </p>
+            </div>
+
+            <form action="/api/access" method="post" className="space-y-5">
+              <input type="hidden" name="next" value={nextPath} />
+
+              <label className="block">
+                <span className="mb-2 block text-sm font-medium text-[#F5F5F0]">Username</span>
+                <input
+                  type="text"
+                  name="username"
+                  autoComplete="username"
+                  required
+                  className="w-full rounded-2xl border border-[#2B2B31] bg-[#0D0D0D] px-4 py-3 text-base text-[#F5F5F0] outline-none transition-all placeholder:text-[#5C5C63] focus:border-[#C9A86A] focus:ring-2 focus:ring-[#C9A86A]/20"
+                  placeholder="Enter username"
+                />
+              </label>
+
+              <label className="block">
+                <span className="mb-2 block text-sm font-medium text-[#F5F5F0]">Password</span>
+                <input
+                  type="password"
+                  name="password"
+                  autoComplete="current-password"
+                  required
+                  aria-invalid={hasError}
+                  className="w-full rounded-2xl border border-[#2B2B31] bg-[#0D0D0D] px-4 py-3 text-base text-[#F5F5F0] outline-none transition-all placeholder:text-[#5C5C63] focus:border-[#C9A86A] focus:ring-2 focus:ring-[#C9A86A]/20 aria-[invalid=true]:border-[#A84B4B] aria-[invalid=true]:focus:ring-[#A84B4B]/20"
+                  placeholder="Enter password"
+                />
+              </label>
+
+              {hasError ? (
+                <div className="rounded-2xl border border-[#5A2E2E] bg-[#281717] px-4 py-3 text-sm text-[#F2C1C1]">
+                  The username or password was incorrect. Try again with the shared access
+                  credentials.
+                </div>
+              ) : null}
+
+              <button
+                type="submit"
+                className="inline-flex w-full items-center justify-center gap-2 rounded-2xl bg-[#C9A86A] px-5 py-3 font-medium text-[#0A0A0A] transition-all duration-300 hover:bg-[#D4B57A] hover:shadow-[0_0_24px_rgba(201,168,106,0.25)] focus:outline-none focus:ring-2 focus:ring-[#C9A86A] focus:ring-offset-2 focus:ring-offset-[#111111]"
+              >
+                Open portfolio
+              </button>
+            </form>
+
+            <div className="mt-8 border-t border-[#232326] pt-6">
+              <div className="text-[11px] uppercase tracking-[0.24em] text-[#71717A]">
+                Access note
+              </div>
+              <p className="mt-3 text-sm leading-relaxed text-[#8F8F96]">
+                If you need credentials, request them directly from Felmon. Portfolio content,
+                resume assets, and project links remain protected until access is granted.
+              </p>
+            </div>
+          </section>
+        </div>
+      </div>
+    </main>
+  )
+}

app/api/access/route.ts

@@ -0,0 +1,70 @@
+import type { NextRequest } from 'next/server'
+import { NextResponse } from 'next/server'
+
+const ACCESS_COOKIE_NAME = 'portfolio_access'
+const ACCESS_COOKIE_MAX_AGE = 60 * 60 * 24 * 7
+
+function normalizeCredential(value: string | undefined) {
+  return value?.trim() ?? ''
+}
+
+function getSafeRedirectPath(value: FormDataEntryValue | null) {
+  if (typeof value !== 'string' || !value.startsWith('/') || value.startsWith('//')) {
+    return '/'
+  }
+
+  return value
+}
+
+async function createAccessToken(username: string, password: string) {
+  const payload = new TextEncoder().encode(`portfolio:${username}:${password}`)
+  const digest = await crypto.subtle.digest('SHA-256', payload)
+
+  return Array.from(new Uint8Array(digest), (value) => value.toString(16).padStart(2, '0')).join(
+    ''
+  )
+}
+
+export async function POST(request: NextRequest) {
+  const configuredUsername = normalizeCredential(process.env.BASIC_AUTH_USERNAME)
+  const configuredPassword = normalizeCredential(process.env.BASIC_AUTH_PASSWORD)
+
+  if (!configuredUsername || !configuredPassword) {
+    return new NextResponse('Site access is not configured.', {
+      status: 503,
+      headers: {
+        'Cache-Control': 'private, no-store',
+      },
+    })
+  }
+
+  const formData = await request.formData()
+  const submittedUsername = normalizeCredential(formData.get('username')?.toString())
+  const submittedPassword = normalizeCredential(formData.get('password')?.toString())
+  const nextPath = getSafeRedirectPath(formData.get('next'))
+
+  if (submittedUsername !== configuredUsername || submittedPassword !== configuredPassword) {
+    const loginUrl = new URL('/access', request.url)
+    loginUrl.searchParams.set('error', 'invalid')
+
+    if (nextPath !== '/') {
+      loginUrl.searchParams.set('next', nextPath)
+    }
+
+    return NextResponse.redirect(loginUrl, { status: 303 })
+  }
+
+  const response = NextResponse.redirect(new URL(nextPath, request.url), { status: 303 })
+
+  response.cookies.set({
+    name: ACCESS_COOKIE_NAME,
+    value: await createAccessToken(configuredUsername, configuredPassword),
+    httpOnly: true,
+    sameSite: 'lax',
+    secure: request.nextUrl.protocol === 'https:' || process.env.NODE_ENV === 'production',
+    path: '/',
+    maxAge: ACCESS_COOKIE_MAX_AGE,
+  })
+
+  return response
+}