fix(netlify): resolve AI API crash and 404 locale/theme issues

[TiZorii]

AI fixes:

• Extract getClientIp to separate file (avoid db import crash)
• Add missing zod dependency to package.json

404 page fixes:

• Use NEXT_LOCALE cookie for locale detection on Netlify
• Add theme detection script in root layout
• Update styling with hero background and gradient text

Summary by CodeRabbit

• New Features

  • Theme preference now auto-initializes on page load based on your saved selection
  • Language selection persists across browser sessions

• UI/UX Improvements

  • Redesigned 404 error page with updated styling, typography, and visuals
  • Improved locale detection using persisted selection with sensible fallback

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[netlify]

✅ Deploy Preview for develop-devlovers ready!

Name	Link
🔨 Latest commit	a5b09bb
🔍 Latest deploy log	https://app.netlify.com/projects/develop-devlovers/deploys/697c319787bdae000897f9c4
😎 Deploy Preview	https://deploy-preview-226--develop-devlovers.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[coderabbitai]

📝 Walkthrough

Walkthrough

Refactors client IP extraction into a new utility, sets NEXT_LOCALE via proxy, adds theme init script in RootLayout, redesigns the 404 page to read locale from a cookie, and adds Zod to frontend dependencies. Additional GROQ env debug logging added to the AI explain route.

Changes

Cohort / File(s)	Summary
Client IP & AI route frontend/lib/security/client-ip.ts, frontend/app/api/ai/explain/route.ts	Adds getClientIpFromHeaders / getClientIp with environment-driven trust flags; route.ts now imports the helper and logs GROQ-related env vars when API key is missing.
Locale persistence & 404 frontend/proxy.ts, frontend/app/not-found.tsx	proxy.ts sets NEXT_LOCALE cookie; not-found.tsx reads locale from NEXT_LOCALE cookie (fallback to en) and replaces prior header-based detection plus UI/layout updates.
App layout theme init frontend/app/layout.tsx	Inserts inline head script to initialize theme from localStorage (supports system) and apply dark class before render.
Dependencies frontend/package.json	Adds zod dependency (^3.24.0).

Sequence Diagram(s)

sequenceDiagram
    actor Client
    participant Proxy
    participant NextServer
    participant AI_Route
    participant ClientIP_Util

    Client->>Proxy: Request (with locale selection)
    Proxy->>Client: Set-Cookie: NEXT_LOCALE=...
    Client->>NextServer: Request /not-found (cookies sent)
    Note right of NextServer: NotFound reads NEXT_LOCALE cookie
    NextServer-->>Client: Rendered 404 page (localized)

    Client->>AI_Route: POST /api/ai/explain (headers)
    AI_Route->>ClientIP_Util: getClientIpFromHeaders(request.headers)
    ClientIP_Util-->>AI_Route: client IP or null
    AI_Route->>AI_Route: Validate GROQ env, log GROQ* vars if missing
    AI_Route-->>Client: API response

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• [Refactor] Code Quality Improvements: Accessibility, Mobile Support, … #213: Replaces local IP extraction with imported getClientIp in frontend/app/api/ai/explain/route.ts.
• (SP: 3) [AI] Add AI word helper with Groq integration #200: Related changes to the AI explain route and shared client-ip helper usage across the AI stack.
• (SP:1) fix: 404 page layout #219: Overlapping changes to frontend/app/not-found.tsx affecting locale detection and 404 UI.

Suggested reviewers

• AM1007
• ViktorSvertoka

Poem

🐰
I nibbled on cookies, soft and neat,
hid locales in crumbs for every fleet.
I sniffed the headers, hopped the IP track,
sprinkled dark-mode dust on the page’s back.
Hooray—a hoppity web, tidy and sweet! 🥕✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main changes: fixing AI API crash (by extracting client IP logic and adding zod), 404 page issues, and locale/theme problems on Netlify.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/netlify-ai-and-i18n

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@frontend/app/not-found.tsx`:
- Around line 48-50: The Tailwind arbitrary font-size in the span inside
not-found.tsx is invalid due to the space in "text-[1 em]"; update the className
on that span (the JSX element with className="relative inline-block text-red-500
text-[1 em] leading-none") to use a valid Tailwind value such as "text-[1em]" or
a standard size like "text-base" so the font-size is applied correctly.

🧹 Nitpick comments (4)

frontend/app/layout.tsx (1)

37-55: Inline theme script is acceptable for FOUC prevention.

The static analysis warnings about dangerouslySetInnerHTML are false positives in this case. The script content is a static string literal with no dynamic/user input interpolation, making XSS impossible. This is a standard pattern for preventing flash of unstyled content (FOUC) during theme initialization.

The implementation correctly:

• Wraps localStorage access in try/catch for environments where it's unavailable
• Respects system preference when theme is 'system'
• Works with suppressHydrationWarning on the <html> tag

Consider using next-themes library which already handles this pattern if you want to reduce custom theme management code.

frontend/app/not-found.tsx (1)

7-9: Consider importing locales from the shared config.

The locales array duplicates the definition in frontend/i18n/config.ts. Importing from the shared config would ensure consistency if locales change.

♻️ Suggested refactor

+import { locales } from '@/i18n/config';
+
 import ukMessages from '@/messages/uk.json';
 import enMessages from '@/messages/en.json';
 import plMessages from '@/messages/pl.json';

 type Locale = 'uk' | 'en' | 'pl';

-const locales: Locale[] = ['uk', 'en', 'pl'];

You may need to adjust the type if the imported locales is readonly:

const locale: Locale = 
  localeCookie && (locales as readonly string[]).includes(localeCookie)
    ? (localeCookie as Locale)
    : 'en';

frontend/lib/security/client-ip.ts (1)

19-22: Consider documenting the production trust behavior.

TRUST_FORWARDED_HEADERS defaults to true in non-production but false in production. This is a sensible security default, but consider adding a comment explaining that in production deployments behind a trusted proxy (like Netlify), operators should explicitly set TRUST_FORWARDED_HEADERS=true.

frontend/app/api/ai/explain/route.ts (1)

97-99: Consider restricting debug logging to development.

Logging environment variable names (even without values) in production could leak infrastructure details. Consider wrapping this in a development check:

♻️ Suggested change

     console.error('GROQ_API_KEY is not configured');
-    console.error('Available env vars starting with GROQ:',
-      Object.keys(process.env).filter(k => k.startsWith('GROQ'))
-    );
+    if (process.env.NODE_ENV === 'development') {
+      console.error('Available env vars starting with GROQ:',
+        Object.keys(process.env).filter(k => k.startsWith('GROQ'))
+      );
+    }