Advanced Features
Internationalization
Application messages live in src/i18n/locales/zh-CN.ts and en-US.ts. Use useI18n().t() inside components and i18n.global.t() outside components. Add every message to all supported locales.
Screen locking
Users can unlock with a login password verified by the backend or an optional local PIN hash. Frontend screen locking is a convenience feature, not strong authentication. High-security systems should suspend the server session while locked and reauthenticate on unlock.
WebSocket
The WebSocket utility connects, sends JSON, closes, and exposes open, close, and message callbacks. Production systems should add wss://, short-lived credentials, heartbeats, exponential reconnect, schema validation, message limits, and server-side subscription authorization.
Rich text and uploads
Sanitize rendered HTML with a trusted policy. Validate upload MIME types, signatures, extensions, sizes, and permissions on the backend. Never trust user-provided HTML, SVG, or URLs in a privileged admin application.