Matthias-Claudius-Schule/borrow-system
4
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 4 Wiki Activity

added request limiter to backend

Browse Source
This commit is contained in:
Theis Gaedigk
2026-04-26 16:10:34 +02:00
parent 40d784ab36
commit d2c36e71be
3 changed files with 49 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backendV2/server.js
+17 -5
View File
@@ -3,6 +3,23 @@ import cors from "cors";
import dotenv from "dotenv";
import info from "./info.json" assert { type: "json" };
import { authenticate } from "./services/authentication.js";
import { rateLimit } from "express-rate-limit";
dotenv.config();
const app = express();
const port = 8004;
const naasURL = process.env.NAAS_URL;
const limiter = rateLimit({
windowMs: 1 * 60 * 1000, // 1 minute
limit: 50, // Limit each IP to 50 requests per `window` (here, per 1 minute).
standardHeaders: "draft-8", // draft-6: `RateLimit-*` headers; draft-7 & draft-8: combined `RateLimit` header
legacyHeaders: false, // Disable the `X-RateLimit-*` headers.
ipv6Subnet: 56, // Set to 60 or 64 to be less aggressive, or 52 or 48 to be more aggressive
// store: ... , // Redis, Memcached, etc. See below.
});
app.use(limiter);
// frontend routes
import loansMgmtRouter from "./routes/app/loanMgmt.route.js";
@@ -19,11 +36,6 @@ import serverConfMgmtRouter from "./routes/admin/serverConfMgmt.route.js";
// API routes
import apiRouter from "./routes/api/api.route.js";
dotenv.config();
const app = express();
const port = 8004;
const naasURL = process.env.NAAS_URL;
app.use(cors());
// Body-Parser VOR den Routen registrieren
app.use(express.json({ limit: "10mb" }));