feat(security): add rate limiting and CORS middleware

- Add rate limiting to login endpoint (5 requests/minute per IP) - Configure CORS middleware with environment-based origin control - Expose rate limit headers in CORS for client visibility - Update hono to 4.11.3 for rate limiter peer dependency 🤖 Generated with [Claude Code](https://claude.ai/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
author: nsfisis <nsfisis@gmail.com> 2025-12-30 22:08:47 +0900
committer: nsfisis <nsfisis@gmail.com> 2025-12-30 22:08:47 +0900
commit: c2eb7513834eeb5adfa53fff897f585de87e4821 (patch)
tree: 9e914051ca67e2f9e1fa301119bdec398ec9e55f /src/server/middleware/index.ts
parent: b839cae49efd4b9d35c2868a4137101a4d71bd7f (diff)
download: kioku-c2eb7513834eeb5adfa53fff897f585de87e4821.tar.gz
kioku-c2eb7513834eeb5adfa53fff897f585de87e4821.tar.zst
kioku-c2eb7513834eeb5adfa53fff897f585de87e4821.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/src/server/middleware/index.ts b/src/server/middleware/index.ts
index e894a42..449e484 100644
--- a/src/server/middleware/index.ts
+++ b/src/server/middleware/index.ts
@@ -1,2 +1,4 @@
 export { type AuthUser, authMiddleware, getAuthUser } from "./auth.js";
+export { createCorsMiddleware } from "./cors.js";
 export { AppError, Errors, errorHandler } from "./error-handler.js";
+export { loginRateLimiter } from "./rate-limiter.js";
author	nsfisis <nsfisis@gmail.com>	2025-12-30 22:08:47 +0900
committer	nsfisis <nsfisis@gmail.com>	2025-12-30 22:08:47 +0900
commit	c2eb7513834eeb5adfa53fff897f585de87e4821 (patch)
tree	9e914051ca67e2f9e1fa301119bdec398ec9e55f /src/server/middleware/index.ts
parent	b839cae49efd4b9d35c2868a4137101a4d71bd7f (diff)
download	kioku-c2eb7513834eeb5adfa53fff897f585de87e4821.tar.gz kioku-c2eb7513834eeb5adfa53fff897f585de87e4821.tar.zst kioku-c2eb7513834eeb5adfa53fff897f585de87e4821.zip