aboutsummaryrefslogtreecommitdiffhomepage
path: root/src/server/middleware/rate-limiter.ts
diff options
context:
space:
mode:
Diffstat (limited to 'src/server/middleware/rate-limiter.ts')
-rw-r--r--src/server/middleware/rate-limiter.ts18
1 files changed, 18 insertions, 0 deletions
diff --git a/src/server/middleware/rate-limiter.ts b/src/server/middleware/rate-limiter.ts
new file mode 100644
index 0000000..d2bf7d1
--- /dev/null
+++ b/src/server/middleware/rate-limiter.ts
@@ -0,0 +1,18 @@
+import { rateLimiter } from "hono-rate-limiter";
+
+/**
+ * Rate limiter for login endpoint to prevent brute force attacks.
+ * Limits to 5 login attempts per minute per IP address.
+ */
+export const loginRateLimiter = rateLimiter({
+ windowMs: 60 * 1000, // 1 minute
+ limit: 5, // 5 requests per window
+ keyGenerator: (c) =>
+ c.req.header("x-forwarded-for") ?? c.req.header("x-real-ip") ?? "unknown",
+ message: {
+ error: {
+ message: "Too many login attempts, please try again later",
+ code: "RATE_LIMIT_EXCEEDED",
+ },
+ },
+});
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2026-01-16 08:50:24 +0000