From 37eb49eb3732e2a9bd82408301e93583f6990cfc Mon Sep 17 00:00:00 2001
From: Usman Baig <mubaig@pm.me>
Date: Wed, 11 Mar 2026 11:30:21 +0100
Subject: [PATCH] feat: action-scoped captcha tokens for share access and org
 settings

Captcha on shared dashboard and organization settings now passes
action-specific identifiers. Bumps @ciphera-net/ui to 0.2.1.
---
 CHANGELOG.md                                 | 1 +
 app/share/[id]/page.tsx                      | 1 +
 components/settings/OrganizationSettings.tsx | 1 +
 package-lock.json                            | 8 ++++----
 package.json                                 | 2 +-
 5 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index ce3740e..3f3c659 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 
 ### Improved
 
+- **Smarter bot protection.** The security checks on shared dashboard access and organization settings now use action-specific tokens tied to each page. A token earned on one page can't be reused on another, making it harder for automated tools to bypass the captcha.
 - **More resilient under Redis outages.** If the caching layer goes down temporarily, Pulse now continues enforcing rate limits using an in-memory fallback instead of letting all traffic through unchecked. This prevents one infrastructure hiccup from snowballing into a bigger problem.
 - **Better handling of traffic bursts.** The system can now absorb 5x larger spikes of incoming events before applying backpressure. When events are dropped during extreme bursts, the system now tracks and logs exactly how many — so we can detect and respond to sustained overload before it affects your data.
 - **Faster map and globe loading.** The interactive 3D globe and dotted map in the Locations panel now only load when you scroll down to them, instead of rendering immediately on page load. This makes the initial dashboard load faster and saves battery on mobile devices.
diff --git a/app/share/[id]/page.tsx b/app/share/[id]/page.tsx
index cc28021..256f640 100644
--- a/app/share/[id]/page.tsx
+++ b/app/share/[id]/page.tsx
@@ -238,6 +238,7 @@ export default function PublicDashboardPage() {
                         setCaptchaToken(token || '')
                     }}
                     apiUrl={process.env.NEXT_PUBLIC_CAPTCHA_API_URL}
+                    action="share-access"
                 />
             </div>
             <Button
diff --git a/components/settings/OrganizationSettings.tsx b/components/settings/OrganizationSettings.tsx
index 20bf4f2..861a67b 100644
--- a/components/settings/OrganizationSettings.tsx
+++ b/components/settings/OrganizationSettings.tsx
@@ -733,6 +733,7 @@ export default function OrganizationSettings() {
                                 setCaptchaToken(token || '')
                             }}
                             apiUrl={process.env.NEXT_PUBLIC_CAPTCHA_API_URL}
+                            action="org-settings"
                         />
                     </div>
                   </div>
diff --git a/package-lock.json b/package-lock.json
index fc85d63..b190504 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -8,7 +8,7 @@
       "name": "pulse-frontend",
       "version": "0.13.0-alpha",
       "dependencies": {
-        "@ciphera-net/ui": "^0.1.4",
+        "@ciphera-net/ui": "^0.2.1",
         "@ducanh2912/next-pwa": "^10.2.9",
         "@phosphor-icons/react": "^2.1.10",
         "@simplewebauthn/browser": "^13.2.2",
@@ -1667,9 +1667,9 @@
       }
     },
     "node_modules/@ciphera-net/ui": {
-      "version": "0.1.4",
-      "resolved": "https://npm.pkg.github.com/download/@ciphera-net/ui/0.1.4/c074856f306e6fe4bda315821882be2d8e17ffdc",
-      "integrity": "sha512-O9JXNx9VwF6EicNyFgZ6QT5y1HbofuFMBuDt0KOTD9CmRMWR/kuaI4Iqw1o1hMcY5WW+rFfjF2W/Jjdr4b0iWw==",
+      "version": "0.2.1",
+      "resolved": "https://npm.pkg.github.com/download/@ciphera-net/ui/0.2.1/c0e31eb55d837285e4c89f4a32228681f1282d7b",
+      "integrity": "sha512-ggIRrgwSS0TI/6ieU1esmV+6EIQ79Je5IM/pXqIzLUm1TJ68xGtx2Uumm36vMKSnQ3KqW+Li5HqfhzQJnH6fdw==",
       "dependencies": {
         "@phosphor-icons/react": "^2.1.10",
         "class-variance-authority": "^0.7.1",
diff --git a/package.json b/package.json
index 887f7e8..dc2c664 100644
--- a/package.json
+++ b/package.json
@@ -12,7 +12,7 @@
     "test:watch": "vitest"
   },
   "dependencies": {
-    "@ciphera-net/ui": "^0.1.4",
+    "@ciphera-net/ui": "^0.2.1",
     "@ducanh2912/next-pwa": "^10.2.9",
     "@phosphor-icons/react": "^2.1.10",
     "@simplewebauthn/browser": "^13.2.2",