Forem: Suman Kshetri The latest articles on Forem by Suman Kshetri (@suman_kshetri). https://forem.com/suman_kshetri https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3689975%2F541a67ce-917e-4102-81a3-7ec80d0081a0.jpg Forem: Suman Kshetri https://forem.com/suman_kshetri en The 3-Layer Trick That Completely Killed My Spam Problem Suman Kshetri Thu, 05 Mar 2026 18:26:57 +0000 https://forem.com/suman_kshetri/when-my-contact-form-got-300-spam-messages-in-2-seconds-and-how-i-fixed-it-1pm7 https://forem.com/suman_kshetri/when-my-contact-form-got-300-spam-messages-in-2-seconds-and-how-i-fixed-it-1pm7 <p>A few days ago I learned an uncomfortable lesson about leaving public forms unprotected on the internet.</p> <p>My portfolio contact form got absolutely destroyed by bots.</p> <p>Not exaggerating — <strong>~400 spam emails in about 3 minutes.</strong></p> <p>My inbox looked like a denial-of-service attack, but for email. Every message was some variation of:</p> <blockquote> <p><em>"Johndoe..."</em><br> <em>"Hello..."</em></p> </blockquote> <p>You know the type.</p> <p>At first I thought: <em>"Okay… maybe just a few bots."</em></p> <p>Then the notifications kept coming.</p> <p>So I did what every developer eventually does — I built a fix.</p> <h2> Why Does This Happen? </h2> <p>Any public form on the internet will eventually be targeted. Bots continuously crawl the web looking for:</p> <ul> <li>Contact forms</li> <li>Email endpoints</li> <li>Comment sections</li> <li>Signup pages</li> </ul> <p>If your form has no protection between the user and your email server, you're essentially leaving the front door wide open.</p> <p>The fix? <strong>Layer multiple lightweight protections.</strong> No single check is bulletproof, but together they make your form extremely hard to abuse.</p> <h2> Layer 1 — Honeypot 🍯 </h2> <p>A honeypot is a hidden form field that real users never see or interact with. Bots, however, tend to fill out every field they find — so if it has a value, you know it's a bot.</p> <p><strong>Frontend (React/JSX):</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight jsx"><code><span class="p">&lt;</span><span class="nt">input</span> <span class="na">type</span><span class="p">=</span><span class="s">"text"</span> <span class="na">name</span><span class="p">=</span><span class="s">"honeypot"</span> <span class="na">style</span><span class="p">=</span><span class="si">{</span><span class="p">{</span> <span class="na">display</span><span class="p">:</span> <span class="dl">"</span><span class="s2">none</span><span class="dl">"</span> <span class="p">}</span><span class="si">}</span> <span class="na">tabIndex</span><span class="p">=</span><span class="si">{</span><span class="o">-</span><span class="mi">1</span><span class="si">}</span> <span class="na">autoComplete</span><span class="p">=</span><span class="s">"off"</span> <span class="p">/&gt;</span> </code></pre> </div> <p><strong>Backend check:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">export</span> <span class="kd">function</span> <span class="nf">isBot</span><span class="p">(</span><span class="nx">honeypot</span><span class="p">:</span> <span class="nx">unknown</span><span class="p">):</span> <span class="nx">boolean</span> <span class="p">{</span> <span class="k">return</span> <span class="k">typeof</span> <span class="nx">honeypot</span> <span class="o">===</span> <span class="dl">"</span><span class="s2">string</span><span class="dl">"</span> <span class="o">&amp;&amp;</span> <span class="nx">honeypot</span><span class="p">.</span><span class="nf">trim</span><span class="p">().</span><span class="nx">length</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <p><strong>The trick:</strong> if a bot triggers it, return a fake success instead of an error. Bots retry on errors — silence keeps them away.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">if </span><span class="p">(</span><span class="nf">isBot</span><span class="p">(</span><span class="nx">honeypot</span><span class="p">))</span> <span class="p">{</span> <span class="c1">// Don't tell the bot it failed</span> <span class="k">return</span> <span class="nx">Response</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">success</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="p">{</span> <span class="na">status</span><span class="p">:</span> <span class="mi">200</span> <span class="p">});</span> <span class="p">}</span> </code></pre> </div> <h2> Layer 2 — Rate Limiting 🚦 </h2> <p>Even if a bot slips past the honeypot, it might hammer your endpoint with dozens of requests per second. Rate limiting caps how many requests a single IP can make in a given window.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">rateLimitMap</span> <span class="o">=</span> <span class="k">new</span> <span class="nb">Map</span><span class="o">&lt;</span><span class="kr">string</span><span class="p">,</span> <span class="p">{</span> <span class="na">count</span><span class="p">:</span> <span class="kr">number</span><span class="p">;</span> <span class="nl">resetAt</span><span class="p">:</span> <span class="kr">number</span> <span class="p">}</span><span class="o">&gt;</span><span class="p">();</span> <span class="k">export</span> <span class="kd">function</span> <span class="nf">isRateLimited</span><span class="p">(</span> <span class="nx">ip</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="nx">maxRequests</span> <span class="o">=</span> <span class="mi">3</span><span class="p">,</span> <span class="nx">windowMs</span> <span class="o">=</span> <span class="mi">60</span><span class="nx">_000</span><span class="p">,</span> <span class="c1">// 1 minute</span> <span class="p">):</span> <span class="nx">boolean</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">now</span> <span class="o">=</span> <span class="nb">Date</span><span class="p">.</span><span class="nf">now</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">entry</span> <span class="o">=</span> <span class="nx">rateLimitMap</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="nx">ip</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">entry</span> <span class="o">||</span> <span class="nx">now</span> <span class="o">&gt;</span> <span class="nx">entry</span><span class="p">.</span><span class="nx">resetAt</span><span class="p">)</span> <span class="p">{</span> <span class="nx">rateLimitMap</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="nx">ip</span><span class="p">,</span> <span class="p">{</span> <span class="na">count</span><span class="p">:</span> <span class="mi">1</span><span class="p">,</span> <span class="na">resetAt</span><span class="p">:</span> <span class="nx">now</span> <span class="o">+</span> <span class="nx">windowMs</span> <span class="p">});</span> <span class="k">return</span> <span class="kc">false</span><span class="p">;</span> <span class="p">}</span> <span class="k">if </span><span class="p">(</span><span class="nx">entry</span><span class="p">.</span><span class="nx">count</span> <span class="o">&gt;=</span> <span class="nx">maxRequests</span><span class="p">)</span> <span class="k">return</span> <span class="kc">true</span><span class="p">;</span> <span class="nx">entry</span><span class="p">.</span><span class="nx">count</span><span class="o">++</span><span class="p">;</span> <span class="k">return</span> <span class="kc">false</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <p>This allows <strong>3 requests per IP per minute</strong>. If exceeded, return a <code>429</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">if </span><span class="p">(</span><span class="nf">isRateLimited</span><span class="p">(</span><span class="nx">ip</span><span class="p">))</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">Response</span><span class="p">.</span><span class="nf">json</span><span class="p">(</span> <span class="p">{</span> <span class="na">success</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="na">error</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Too many requests. Please wait a minute.</span><span class="dl">"</span> <span class="p">},</span> <span class="p">{</span> <span class="na">status</span><span class="p">:</span> <span class="mi">429</span> <span class="p">}</span> <span class="p">);</span> <span class="p">}</span> </code></pre> </div> <blockquote> <p>⚠️ <strong>Note:</strong> This in-memory approach resets on server restart. For production, use a distributed store like <strong>Redis</strong> or <strong>Upstash</strong>.</p> </blockquote> <h2> Layer 3 — Google reCAPTCHA 🤖 </h2> <p>The final gate. Even if a bot bypasses the honeypot and rotates IPs to beat rate limiting, it still needs to pass Google's reCAPTCHA verification.</p> <p><strong>Frontend — load the reCAPTCHA script and get a token on submit:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="c1">// Add to your &lt;head&gt;</span> <span class="p">&lt;</span><span class="nt">script</span> <span class="na">src</span><span class="p">=</span><span class="s">"https://www.google.com/recaptcha/api.js?render=YOUR_SITE_KEY"</span> <span class="p">/&gt;</span> <span class="c1">// In your submit handler</span> <span class="kd">const</span> <span class="nx">token</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">grecaptcha</span><span class="p">.</span><span class="nf">execute</span><span class="p">(</span><span class="dl">"</span><span class="s2">YOUR_SITE_KEY</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">action</span><span class="p">:</span> <span class="dl">"</span><span class="s2">contact</span><span class="dl">"</span> <span class="p">});</span> <span class="c1">// Send token with your form data</span> <span class="k">await</span> <span class="nf">fetch</span><span class="p">(</span><span class="dl">"</span><span class="s2">/api/contact</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">method</span><span class="p">:</span> <span class="dl">"</span><span class="s2">POST</span><span class="dl">"</span><span class="p">,</span> <span class="na">body</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">({</span> <span class="nx">name</span><span class="p">,</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">message</span><span class="p">,</span> <span class="nx">honeypot</span><span class="p">,</span> <span class="na">recaptchaToken</span><span class="p">:</span> <span class="nx">token</span> <span class="p">}),</span> <span class="p">});</span> </code></pre> </div> <p><strong>Backend — verify the token with Google:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">export</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">verifyRecaptcha</span><span class="p">(</span><span class="nx">token</span><span class="p">:</span> <span class="kr">string</span><span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">boolean</span><span class="o">&gt;</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">token</span><span class="p">)</span> <span class="k">return</span> <span class="kc">false</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">res</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">fetch</span><span class="p">(</span> <span class="s2">`https://www.google.com/recaptcha/api/siteverify?secret=</span><span class="p">${</span><span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">RECAPTCHA_SECRET_KEY</span><span class="p">}</span><span class="s2">&amp;response=</span><span class="p">${</span><span class="nx">token</span><span class="p">}</span><span class="s2">`</span><span class="p">,</span> <span class="p">{</span> <span class="na">method</span><span class="p">:</span> <span class="dl">"</span><span class="s2">POST</span><span class="dl">"</span> <span class="p">}</span> <span class="p">);</span> <span class="kd">const</span> <span class="nx">data</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">();</span> <span class="k">return</span> <span class="nx">data</span><span class="p">.</span><span class="nx">success</span> <span class="o">===</span> <span class="kc">true</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">isHuman</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">verifyRecaptcha</span><span class="p">(</span><span class="nx">recaptchaToken</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">isHuman</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">Response</span><span class="p">.</span><span class="nf">json</span><span class="p">(</span> <span class="p">{</span> <span class="na">success</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="na">error</span><span class="p">:</span> <span class="dl">"</span><span class="s2">reCAPTCHA verification failed.</span><span class="dl">"</span> <span class="p">},</span> <span class="p">{</span> <span class="na">status</span><span class="p">:</span> <span class="mi">400</span> <span class="p">}</span> <span class="p">);</span> <span class="p">}</span> </code></pre> </div> <h2> Putting It All Together (Next.js API Route) </h2> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">export</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">POST</span><span class="p">(</span><span class="nx">req</span><span class="p">:</span> <span class="nx">NextRequest</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// 1. Get IP</span> <span class="kd">const</span> <span class="nx">ip</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">headers</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">x-forwarded-for</span><span class="dl">"</span><span class="p">)?.</span><span class="nf">split</span><span class="p">(</span><span class="dl">"</span><span class="s2">,</span><span class="dl">"</span><span class="p">)[</span><span class="mi">0</span><span class="p">]?.</span><span class="nf">trim</span><span class="p">()</span> <span class="o">??</span> <span class="dl">"</span><span class="s2">unknown</span><span class="dl">"</span><span class="p">;</span> <span class="c1">// 2. Rate limit check</span> <span class="k">if </span><span class="p">(</span><span class="nf">isRateLimited</span><span class="p">(</span><span class="nx">ip</span><span class="p">))</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">Response</span><span class="p">.</span><span class="nf">json</span><span class="p">(</span> <span class="p">{</span> <span class="na">success</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="na">error</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Too many requests.</span><span class="dl">"</span> <span class="p">},</span> <span class="p">{</span> <span class="na">status</span><span class="p">:</span> <span class="mi">429</span> <span class="p">}</span> <span class="p">);</span> <span class="p">}</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">name</span><span class="p">,</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">message</span><span class="p">,</span> <span class="nx">honeypot</span><span class="p">,</span> <span class="nx">recaptchaToken</span> <span class="p">}</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">req</span><span class="p">.</span><span class="nf">json</span><span class="p">();</span> <span class="c1">// 3. Honeypot check</span> <span class="k">if </span><span class="p">(</span><span class="nf">isBot</span><span class="p">(</span><span class="nx">honeypot</span><span class="p">))</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">Response</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">success</span><span class="p">:</span> <span class="kc">true</span> <span class="p">});</span> <span class="c1">// Silent drop</span> <span class="p">}</span> <span class="c1">// 4. reCAPTCHA check</span> <span class="kd">const</span> <span class="nx">isHuman</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">verifyRecaptcha</span><span class="p">(</span><span class="nx">recaptchaToken</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">isHuman</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">Response</span><span class="p">.</span><span class="nf">json</span><span class="p">(</span> <span class="p">{</span> <span class="na">success</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="na">error</span><span class="p">:</span> <span class="dl">"</span><span class="s2">reCAPTCHA verification failed.</span><span class="dl">"</span> <span class="p">},</span> <span class="p">{</span> <span class="na">status</span><span class="p">:</span> <span class="mi">400</span> <span class="p">}</span> <span class="p">);</span> <span class="p">}</span> <span class="c1">// ✅ Safe to send email</span> <span class="p">}</span> </code></pre> </div> <p>A request only reaches your email logic if it passes <strong>all three checks.</strong></p> <h2> The Result </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th></th> <th></th> </tr> </thead> <tbody> <tr> <td><strong>Before</strong></td> <td>400 spam emails in ~3 minutes</td> </tr> <tr> <td><strong>After</strong></td> <td>0 spam emails</td> </tr> </tbody> </table></div> <p>Not one since.</p> <h2> Going Further in Production </h2> <p>This setup is lightweight and perfect for a portfolio. If you need more:</p> <ul> <li> <strong>Redis / Upstash</strong> — distributed rate limiting that survives server restarts</li> <li> <strong>Cloudflare Turnstile</strong> — a privacy-friendlier CAPTCHA alternative</li> <li> <strong>Arcjet</strong> — modern security layer with bot detection built in</li> <li> <strong>Vercel KV</strong> — great if you're already in the Vercel ecosystem</li> </ul> <h2> The Takeaway </h2> <p>Security doesn't need to be complicated.</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Layer</th> <th>Purpose</th> </tr> </thead> <tbody> <tr> <td>Honeypot</td> <td>Catches dumb bots instantly</td> </tr> <tr> <td>Rate Limiting</td> <td>Stops flooding &amp; repeat attempts</td> </tr> <tr> <td>reCAPTCHA</td> <td>Verifies a real human is submitting</td> </tr> </tbody> </table></div> <p>Stack them together and your contact form becomes very hard to abuse — with zero impact on real users.</p> <p><em>Have you dealt with bot spam on your own projects? What approach did you take? Drop it in the comments.</em></p> webdev javascript security GSAP Animations: From “Cool Effects” to Intentional Motion Suman Kshetri Wed, 25 Feb 2026 18:35:45 +0000 https://forem.com/suman_kshetri/gsap-animations-from-cool-effects-to-intentional-motion-4l2d https://forem.com/suman_kshetri/gsap-animations-from-cool-effects-to-intentional-motion-4l2d <h1> 🎬 GSAP Animation Guide </h1> <blockquote> <p><em>Motion should guide, not distract.</em></p> </blockquote> <p>A practical guide to thinking about and building intentional animations with GSAP (GreenSock Animation Platform) — not just how to animate, but <strong>how to think about animation</strong>.</p> <h2> What is GSAP? </h2> <p><strong>GSAP</strong> stands for <strong>GreenSock Animation Platform</strong> — a powerful JavaScript motion engine for the web.</p> <p>You can animate:</p> <ul> <li>Position (<code>x</code>, <code>y</code>)</li> <li>Opacity</li> <li>Scale &amp; Rotation</li> <li>Colors</li> <li>SVG paths</li> <li>Scroll-based effects</li> <li>Entire sequenced timelines</li> </ul> <p>Unlike CSS animations, GSAP gives you full control over timing, sequencing, and logic.</p> <h2> Core Philosophy </h2> <blockquote> <p><strong>Animation is not decoration. It's communication.</strong></p> </blockquote> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Good Animation</th> <th>Bad Animation</th> </tr> </thead> <tbody> <tr> <td>Guides attention</td> <td>Distracts the user</td> </tr> <tr> <td>Creates hierarchy</td> <td>Feels random</td> </tr> <tr> <td>Improves perceived performance</td> <td>Slows everything down</td> </tr> <tr> <td>Makes transitions feel intentional</td> <td>Makes users dizzy</td> </tr> </tbody> </table></div> <p>The difference? <strong>Timing and intention.</strong></p> <h2> Core Concepts </h2> <h3> <code>from</code>, <code>to</code>, and <code>fromTo</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// Animate from 50px below and invisible → natural position</span> <span class="nx">gsap</span><span class="p">.</span><span class="k">from</span><span class="p">(</span><span class="dl">"</span><span class="s2">.card</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">y</span><span class="p">:</span> <span class="mi">40</span><span class="p">,</span> <span class="na">opacity</span><span class="p">:</span> <span class="mi">0</span><span class="p">,</span> <span class="na">duration</span><span class="p">:</span> <span class="mf">0.5</span><span class="p">,</span> <span class="na">ease</span><span class="p">:</span> <span class="dl">"</span><span class="s2">power3.out</span><span class="dl">"</span> <span class="p">});</span> </code></pre> </div> <h3> Timelines — Sequencing Animations </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">tl</span> <span class="o">=</span> <span class="nx">gsap</span><span class="p">.</span><span class="nf">timeline</span><span class="p">();</span> <span class="nx">tl</span><span class="p">.</span><span class="k">from</span><span class="p">(</span><span class="dl">"</span><span class="s2">.label</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">y</span><span class="p">:</span> <span class="mi">12</span><span class="p">,</span> <span class="na">opacity</span><span class="p">:</span> <span class="mi">0</span><span class="p">,</span> <span class="na">duration</span><span class="p">:</span> <span class="mf">0.4</span> <span class="p">})</span> <span class="p">.</span><span class="k">from</span><span class="p">(</span><span class="dl">"</span><span class="s2">.heading</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">y</span><span class="p">:</span> <span class="mi">24</span><span class="p">,</span> <span class="na">opacity</span><span class="p">:</span> <span class="mi">0</span><span class="p">,</span> <span class="na">duration</span><span class="p">:</span> <span class="mf">0.6</span> <span class="p">},</span> <span class="dl">"</span><span class="s2">-=0.2</span><span class="dl">"</span><span class="p">);</span> </code></pre> </div> <p>The <code>"-=0.2"</code> offset means: <em>start this animation 0.2s before the previous one ends.</em></p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Offset</th> <th>Effect</th> </tr> </thead> <tbody> <tr> <td><code>"-=0.1"</code></td> <td>Subtle overlap</td> </tr> <tr> <td><code>"-=0.4"</code></td> <td>Heavy overlap</td> </tr> <tr> <td><em>(none)</em></td> <td>Strict sequence</td> </tr> </tbody> </table></div> <h3> ScrollTrigger </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">scrollTrigger</span><span class="p">:</span> <span class="p">{</span> <span class="nl">trigger</span><span class="p">:</span> <span class="dl">"</span><span class="s2">.grid</span><span class="dl">"</span><span class="p">,</span> <span class="nx">start</span><span class="p">:</span> <span class="dl">"</span><span class="s2">top 82%</span><span class="dl">"</span><span class="p">,</span> <span class="p">}</span> </code></pre> </div> <p><code>"top 82%"</code> means: <em>start the animation when the top of the element reaches 82% down the viewport.</em></p> <p>This is <strong>precision</strong> — not "when it enters", but exactly when you define.</p> <h2> Timing Reference </h2> <blockquote> <p><strong>Duration + Stagger + Ease = Feel</strong></p> </blockquote> <h3> Headings </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">gsap</span><span class="p">.</span><span class="k">from</span><span class="p">(</span><span class="dl">"</span><span class="s2">.heading</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">y</span><span class="p">:</span> <span class="mi">24</span><span class="p">,</span> <span class="na">opacity</span><span class="p">:</span> <span class="mi">0</span><span class="p">,</span> <span class="na">duration</span><span class="p">:</span> <span class="mf">0.6</span><span class="p">,</span> <span class="c1">// 0.5 – 0.7</span> <span class="na">ease</span><span class="p">:</span> <span class="dl">"</span><span class="s2">power3.out</span><span class="dl">"</span> <span class="p">});</span> </code></pre> </div> <h3> Cards (with stagger) </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">gsap</span><span class="p">.</span><span class="k">from</span><span class="p">(</span><span class="dl">"</span><span class="s2">.card</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">y</span><span class="p">:</span> <span class="mi">40</span><span class="p">,</span> <span class="na">opacity</span><span class="p">:</span> <span class="mi">0</span><span class="p">,</span> <span class="na">duration</span><span class="p">:</span> <span class="mf">0.5</span><span class="p">,</span> <span class="c1">// 0.45 – 0.6</span> <span class="na">stagger</span><span class="p">:</span> <span class="mf">0.08</span><span class="p">,</span> <span class="c1">// 0.06 – 0.1</span> <span class="na">ease</span><span class="p">:</span> <span class="dl">"</span><span class="s2">power3.out</span><span class="dl">"</span> <span class="p">});</span> </code></pre> </div> <blockquote> <p>Too small a stagger → robotic. Too big → slow and annoying. Sweet spot = <strong>0.06–0.1</strong>.</p> </blockquote> <h2> Animation Hierarchy (Mental Model) </h2> <p>Each UI layer deserves a different animation weight:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Labels → Subtle intro Headings → Strong presence Cards → Cascading reveal Buttons → Micro-interaction only </code></pre> </div> <h2> Common Mistakes to Avoid </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Mistake</th> <th>Why It's a Problem</th> </tr> </thead> <tbody> <tr> <td>Animating too much</td> <td>If everything moves, nothing feels important</td> </tr> <tr> <td>Long durations (1.2s+)</td> <td>Feels cool once, then just feels slow</td> </tr> <tr> <td>No easing</td> <td>Linear animations look robotic</td> </tr> <tr> <td>Animating layout props (<code>top</code>, <code>left</code>)</td> <td>Bad for performance — use <code>x</code>, <code>y</code>, <code>scale</code> instead</td> </tr> </tbody> </table></div> <h2> What's Next </h2> <p>Topics worth exploring deeper:</p> <ul> <li>Advanced timeline orchestration</li> <li>Page transitions in Next.js</li> <li>Parallax (done correctly)</li> <li>Scroll-based storytelling</li> <li>Performance optimization with heavy animation</li> <li>Combining GSAP with React state logic</li> </ul> <h2> The Real Advice </h2> <blockquote> <p>Don't just copy animations from tutorials. <strong>Break them.</strong></p> <p>Change durations. Change overlaps. Remove stagger. Add more.<br> Feel the difference. That's how you actually learn GSAP.</p> </blockquote> <h2> Resources </h2> <ul> <li><a href="https://gsap.com/docs/" rel="noopener noreferrer">GSAP Docs</a></li> <li><a href="https://gsap.com/docs/v3/Plugins/ScrollTrigger/" rel="noopener noreferrer">ScrollTrigger Plugin</a></li> <li><a href="https://gsap.com/docs/v3/Eases/" rel="noopener noreferrer">GSAP Easing Visualizer</a></li> </ul> <p>I’m Suman Kshetri — grinding through computer engineering, building real-world web projects, and sharing what I learn without the fluff.</p> <h2> Let's Connect: </h2> <p>LinkedIn: <a href="https://www.linkedin.com/in/suman-kshetri/" rel="noopener noreferrer">Suman-Kshetri</a><br> GitHub: <a href="https://github.com/Suman-Kshetri" rel="noopener noreferrer">Suman-Kshetri</a></p> webdev frontend animation gsap A Full-Stack Productivity Platform Suman Kshetri Thu, 19 Feb 2026 15:31:33 +0000 https://forem.com/suman_kshetri/a-full-stack-productivity-platform-3o35 https://forem.com/suman_kshetri/a-full-stack-productivity-platform-3o35 <p>I created Focus Portal to help people stay focused and organized in a world full of distractions. I wanted a simple platform where users could manage tasks, write notes, and track their progress without unnecessary complexity.</p> <p>The goal was to combine productivity tools with real-time updates and rich content features, so users can work efficiently in one place.</p> <h2> Key Features </h2> <ol> <li>Create, organize, and track tasks</li> <li>Real-time updates for questions and answers</li> <li>Rich text editing for notes and documents</li> <li>File uploads and download</li> <li>Secure account authentication with email verification</li> </ol> <p>I built this project as a full-stack application to improve my skills in frontend, backend, real-time communication, and deployment. Along the way, I learned how to structure a project cleanly, handle authentication securely, and implement interactive features that feel smooth for users.</p> <p>🔗 <a href="https://github.com/Suman-Kshetri/FocusPortal" rel="noopener noreferrer">Github</a><br> 🔗 <a href="https://focus-portal.sumankshetri.com.np" rel="noopener noreferrer">Live Demo</a></p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ft3ixfnx34sdrpr4wzhs8.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ft3ixfnx34sdrpr4wzhs8.png" alt=" " width="800" height="442"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Frm3ec2rbjtcuh1onkmwv.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Frm3ec2rbjtcuh1onkmwv.png" alt=" " width="800" height="449"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjb5iht4xv4scg3qgcufk.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjb5iht4xv4scg3qgcufk.png" alt=" " width="800" height="449"></a></p> webdev programming javascript fullstack