feat: add rate limiting to auth endpoints

Made-with: Cursor
Anton
2026-03-04 14:11:29 +03:00
parent 78809a064e
commit 682885ce5a
2 changed files with 9 additions and 7 deletions


@@ -70,10 +70,11 @@ const resetPasswordSchema = {
export async function authRoutes(app: FastifyInstance) {
const authService = new AuthService(app.db);
const { rateLimitOptions } = app;
app.post(
'/register',
{ schema: registerSchema },
{ schema: registerSchema, config: { rateLimit: rateLimitOptions.register } },
async (req, reply) => {
const body = req.body as { email: string; password: string; nickname: string };
const { userId, verificationCode } = await authService.register(body);
@@ -88,7 +89,7 @@ export async function authRoutes(app: FastifyInstance) {
app.post(
'/login',
{ schema: loginSchema },
{ schema: loginSchema, config: { rateLimit: rateLimitOptions.login } },
async (req, reply) => {
const body = req.body as { email: string; password: string };
const userAgent = req.headers['user-agent'];
@@ -107,7 +108,7 @@ export async function authRoutes(app: FastifyInstance) {
app.post(
'/logout',
{ schema: logoutSchema },
{ schema: logoutSchema, config: { rateLimit: rateLimitOptions.apiGuest } },
async (req, reply) => {
const body = req.body as { refreshToken: string };
await authService.logout(body.refreshToken);
@@ -117,7 +118,7 @@ export async function authRoutes(app: FastifyInstance) {
app.post(
'/refresh',
{ schema: refreshTokenSchema },
{ schema: refreshTokenSchema, config: { rateLimit: rateLimitOptions.apiGuest } },
async (req, reply) => {
const body = req.body as { refreshToken: string };
const userAgent = req.headers['user-agent'];
@@ -135,7 +136,7 @@ export async function authRoutes(app: FastifyInstance) {
app.post(
'/verify-email',
{ schema: verifyEmailSchema },
{ schema: verifyEmailSchema, config: { rateLimit: rateLimitOptions.verifyEmail } },
async (req, reply) => {
const body = req.body as { userId: string; code: string };
await authService.verifyEmail(body.userId, body.code);
@@ -145,7 +146,7 @@ export async function authRoutes(app: FastifyInstance) {
app.post(
'/forgot-password',
{ schema: forgotPasswordSchema },
{ schema: forgotPasswordSchema, config: { rateLimit: rateLimitOptions.forgotPassword } },
async (req, reply) => {
const body = req.body as { email: string };
await authService.forgotPassword(body.email);
@@ -157,7 +158,7 @@ export async function authRoutes(app: FastifyInstance) {
app.post(
'/reset-password',
{ schema: resetPasswordSchema },
{ schema: resetPasswordSchema, config: { rateLimit: rateLimitOptions.forgotPassword } },
async (req, reply) => {
const body = req.body as { token: string; newPassword: string };
await authService.resetPassword(body.token, body.newPassword);
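Review bot: `/reset-password` reuses `rateLimitOptions.forgotPassword`, although the two routes have different abuse profiles: forgot-password needs a low ceiling against reset-mail flooding, while reset-password is a token-guessing surface. It would be clearer and separately tunable with its own entry, e.g. `config: { rateLimit: rateLimitOptions.resetPassword }`; that key does not exist on this page and would have to be added where the options are defined, outside this diff. The `/verify-email` hunk raises a related question, since its handler checks a `code` for a caller-supplied `userId`. If the limiter keys on client IP (the usual default for route-level limiters; the keying is not visible here), it does not bound guesses per account, so confirm there is a per-`userId` attempt cap or a `keyGenerator` on that option, and likewise per `email` for `/login`. The `config.rateLimit` entries are presumably honoured only when the rate-limit plugin is registered before `authRoutes`, so a comment beside `const { rateLimitOptions } = app;` such as `// requires the rate-limit plugin and the rateLimitOptions decorator to be registered before these routes` would make that fail-open dependency explicit. The body of `authRoutes` continues outside the hunks shown.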