pangolin_mirror/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-02-17 10:26:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'hybrid' into dev

Browse Source
This commit is contained in:
Owen
2025-08-18 15:29:23 -07:00
parent 378de19f41 ffe2512734
commit 4bcb4a1590
54 changed files with 3959 additions and 1319 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
server/routers/external.ts
View File

@@ -872,7 +872,7 @@ authRouter.post(
rateLimit({
windowMs: 15 * 60 * 1000,
max: 900,
keyGenerator: (req) => `newtGetToken:${req.body.newtId || req.ip}`,
keyGenerator: (req) => `olmGetToken:${req.body.newtId || req.ip}`,
handler: (req, res, next) => {
const message = `You can only request an Olm token ${900} times every ${15} minutes. Please try again later.`;
return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message));
@@ -951,7 +951,8 @@ authRouter.post(
rateLimit({
windowMs: 15 * 60 * 1000,
max: 15,
keyGenerator: (req) => `requestEmailVerificationCode:${req.body.email || req.ip}`,
keyGenerator: (req) =>
`requestEmailVerificationCode:${req.body.email || req.ip}`,
handler: (req, res, next) => {
const message = `You can only request an email verification code ${15} times every ${15} minutes. Please try again later.`;
return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message));
@@ -972,7 +973,8 @@ authRouter.post(
rateLimit({
windowMs: 15 * 60 * 1000,
max: 15,
keyGenerator: (req) => `requestPasswordReset:${req.body.email || req.ip}`,
keyGenerator: (req) =>
`requestPasswordReset:${req.body.email || req.ip}`,
handler: (req, res, next) => {
const message = `You can only request a password reset ${15} times every ${15} minutes. Please try again later.`;
return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message));
@@ -1066,7 +1068,8 @@ authRouter.post(
rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes
max: 5, // Allow 5 security key registrations per 15 minutes
keyGenerator: (req) => `securityKeyRegister:${req.user?.userId || req.ip}`,
keyGenerator: (req) =>
`securityKeyRegister:${req.user?.userId || req.ip}`,
handler: (req, res, next) => {
const message = `You can only register a security key ${5} times every ${15} minutes. Please try again later.`;
return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message));