Feat/implement bundle analyzer

[arxja]

Summary by CodeRabbit

• New Features

  • Added authentication system with sign-in, sign-up, and sign-out capabilities, including automatic user state management and session tracking.

• Documentation

  • Added comprehensive performance optimization guide covering key metrics, best practices, common issues, and actionable recommendations with code examples.

• Chores

  • Added build analysis script.

[coderabbitai]

Warning

Review limit reached

@arxja, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 40 minutes and 21 seconds. Learn how PR review limits work.

Your organization has reached its usage spending cap. Adjust your spending cap in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: f1d16b16-ad51-44c3-9002-71cc2c90075e

📥 Commits

Reviewing files that changed from the base of the PR and between 6e9d1ba and 7fa153f.

📒 Files selected for processing (1)

• docs/guides/performance.md

📝 Walkthrough

Walkthrough

This PR adds three independent improvements to SaaSify: a client-side authentication hook for user sign-in/sign-up/sign-out, a comprehensive performance optimization guide covering Web Vitals with actionable fixes, and a build analysis npm script to support performance debugging.

Changes

Feature and Documentation Additions

Layer / File(s)	Summary
Authentication hook implementation hooks/useAuth.ts	useAuth() hook manages user state and isLoading flag, fetches current user from /api/auth/me on mount, and exposes signIn(), signUp(), and signOut() async methods that call API endpoints and update state.
Performance optimization guide docs/guides/performance.md	New guide documents Web Vitals metrics (TTFB, FCP, LCP, TTI, TBT) with target/good/fix thresholds, describes symptoms and fixes for each metric with code examples, and includes a performance checklist for best practices.
Build analysis tooling package.json	New analyze npm script runs Next.js experimental bundle analysis for identifying and visualizing optimization opportunities.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 Hop skip and jump, auth now flows,
User state in React hooks it glows,
Performance metrics guide the way,
Bundle analysis saves the day!

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	The PR title 'Feat/implement bundle analyzer' refers only to the package.json script addition, but the changeset includes two significant features: a new performance guide and a useAuth hook. The title is misleading about the main scope.	Revise the title to reflect all major changes, such as 'Add performance guide, useAuth hook, and bundle analyzer script' or split into focused PRs.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/implement-bundle-analyzer

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 4

🧹 Nitpick comments (3)

docs/guides/performance.md (2)

130-141: ⚡ Quick win

Use correct language identifier for CSS code block.

The code block is marked as typescript but contains CSS. This causes incorrect syntax highlighting and may confuse readers.

♻️ Proposed fix

-```typescript
+```css
 // ❌ Bad - Loading large fonts synchronously
 import 'some-heavy-font.css'

-// ✅ Good - Load fonts with display swap
-// In global.css
+```

+```css
+/* ✅ Good - Load fonts with display swap */
+/* In global.css */
 `@font-face` {
   font-family: 'CustomFont';
   src: url('/fonts/custom.woff2');
   font-display: swap;  /* Show fallback until font loads */
 }
 ```

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/guides/performance.md` around lines 130 - 141, The code fences use the
wrong language: change the first example that contains "import
'some-heavy-font.css'" to a JavaScript fence (```js) and change the CSS example
containing the `@font-face` rule to a CSS fence (```css) so syntax highlighting
matches the content; update the two fences surrounding the import line and the
`@font-face` block accordingly to use the correct language identifiers.

---

224-235: ⚡ Quick win

Add TypeScript types to Layout component.

The Layout component is missing TypeScript types for its props. In Next.js App Router, layout components should be properly typed.

♻️ Proposed fix

-export default function Layout({ children }) {
+export default function Layout({ children }: { children: React.ReactNode }) {
   return (
     <html>
       <head>

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/guides/performance.md` around lines 224 - 235, Layout is missing
TypeScript typings for its props; update the Layout component signature (the
Layout function and its { children } param) to include the proper type for
children (e.g., children: React.ReactNode or React.ReactElement) and add a
return type (e.g., JSX.Element) so the function is fully typed; ensure any
needed React types are imported or referenced from the global JSX namespace used
by your Next.js setup.

package.json (1)

9-9: Confirm next experimental-analyze is available in Next.js 16.2.6.

npx next experimental-analyze --help succeeds and shows the expected CLI (interactive UI for analyzing production bundle output). The command is only compatible with Turbopack, so make sure your Next setup uses Turbopack for this script to be meaningful.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@package.json` at line 9, Verify that the package.json "analyze" script
invoking "next experimental-analyze" is compatible with the project's Next.js
version 16.2.6 by running `npx next experimental-analyze --help` locally or in
CI to ensure the CLI exists; also confirm the project is configured to use
Turbopack (since "next experimental-analyze" only works with Turbopack) and
update documentation or package.json to remove or gate the script if Turbopack
is not enabled for this repo.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@docs/guides/performance.md`:
- Around line 368-376: The example imports useDebouncedCallback from the
external package use-debounce (used by the handleSearch example) but the
dependency isn’t documented; update the performance guide to either (a) add a
short install instruction (e.g., npm or yarn install use-debounce) and mention
the package name use-debounce alongside the example, or (b) replace the example
with a small built-in debounce helper and show handleSearch using that helper;
ensure you reference useDebouncedCallback and the handleSearch snippet so
readers know which example requires the dependency.
- Around line 40-47: The exported function is incorrectly named Proxy; rename
the exported function Proxy to middleware so Next.js will pick it up (keep the
same parameter type NextRequest and return NextResponse logic). Update the
export declaration for the function named Proxy to export function
middleware(request: NextRequest) { … } and preserve the auth-check logic (cookie
read, pathname startsWith("/dashboard"), redirect to "/sign-in" or
NextResponse.next()) so behavior remains identical but the function is
recognized as middleware.
- Around line 32-38: The function currently named Proxy uses await but is not
declared async and is misnamed for Next.js middleware; change the exported
function named Proxy to an async function named middleware, e.g., export async
function middleware(request: NextRequest) { ... }, and keep the awaited calls to
getServerSession, fetchUserFromDB, and checkPermissions inside it so the syntax
is valid and Next.js recognizes it as middleware. Ensure the export matches
Next.js expectations (export function middleware) and update any references to
Proxy accordingly.
- Around line 293-296: The example uses dynamic() but omits its import; add an
import for dynamic from 'next/dynamic' at the top of the example so the snippet
using dynamic(() => import('./HeavyChart'), { ssr: false }) works; specifically,
include an import statement for the dynamic symbol used with the HeavyChart
component.

---

Nitpick comments:
In `@docs/guides/performance.md`:
- Around line 130-141: The code fences use the wrong language: change the first
example that contains "import 'some-heavy-font.css'" to a JavaScript fence
(```js) and change the CSS example containing the `@font-face` rule to a CSS fence
(```css) so syntax highlighting matches the content; update the two fences
surrounding the import line and the `@font-face` block accordingly to use the
correct language identifiers.
- Around line 224-235: Layout is missing TypeScript typings for its props;
update the Layout component signature (the Layout function and its { children }
param) to include the proper type for children (e.g., children: React.ReactNode
or React.ReactElement) and add a return type (e.g., JSX.Element) so the function
is fully typed; ensure any needed React types are imported or referenced from
the global JSX namespace used by your Next.js setup.

In `@package.json`:
- Line 9: Verify that the package.json "analyze" script invoking "next
experimental-analyze" is compatible with the project's Next.js version 16.2.6 by
running `npx next experimental-analyze --help` locally or in CI to ensure the
CLI exists; also confirm the project is configured to use Turbopack (since "next
experimental-analyze" only works with Turbopack) and update documentation or
package.json to remove or gate the script if Turbopack is not enabled for this
repo.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: d5df4e84-c43a-4f1b-9c8a-54c68704e875

📥 Commits

Reviewing files that changed from the base of the PR and between d7346d4 and 6e9d1ba.

📒 Files selected for processing (3)

• docs/guides/performance.md
• hooks/useAuth.ts
• package.json

💤 Files with no reviewable changes (1)

• hooks/useAuth.ts