Back to Projects
ReactPythonLitestarSupabaseAIFull-Stack
Nexus Archive
Nexus Archive is a cyberpunk-styled personal media vault combining a React frontend, a Litestar API, and Supabase-backed identity and persistence. Manage books, movies, anime, ratings, takeaways, chat sessions, and AI-assisted recommendations from a single dashboard.
01. Problem
Existing media trackers are fragmented across platforms with weak security postures. Users need a unified catalog that treats their entertainment library as a curated identity system, not just a checklist — with real security built in.
02. Solution Overview
- Built a full-stack vault with React 19 + Litestar API backed by Supabase PostgreSQL with Row Level Security
- Implemented backend-managed HttpOnly auth cookies replacing frontend-readable Supabase tokens
- Integrated Gemini AI for media recommendations with shared per-user rate limiting and local fallback
- Added encrypted takeaway persistence and AI prompt isolation with PII masking
Build
Tech Stack
React 19ViteTailwind CSS 4TanStack QueryPython 3.12LitestarSupabase PostgreSQLDockerTerraform
- • AI-assisted media recommendations via Gemini with graceful degradation
- • Real-time chat transcripts with user-scoped sanitization
- • Status tracking, ratings, and reviews for anime, movies, and books
- • Smart filtering and search across entire media library
Secure
- HttpOnly SameSite=Strict auth cookies (no frontend-readable tokens)
- Short-lived access tokens with silent rotation via /auth/refresh
- AI prompt isolation with XML delimiters, string scrubbing, and PII masking
- Encrypted takeaway persistence (AES via TAKEAWAY_ENCRYPTION_KEY)
- Bandit, pip-audit, npm audit, and secret scanning in CI
03. Proof & Verification
Verified Claims
- >Hardened auth: HttpOnly + SameSite=Strict cookies with silent token rotation
- >CI security gates: Bandit, pip-audit, npm audit, secret scanning
- >Locust load testing for performance verification
- >Terraform IaC scaffold for reproducible Supabase + Vercel deployments