improved error logging

Co-authored-by: Copilot <copilot@github.com>

FrontendV2/package-lock.json

@@ -5224,9 +5224,9 @@
       }
     },
     "node_modules/postcss": {
-      "version": "8.5.6",
+      "version": "8.5.11",
-      "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.6.tgz",
+      "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.11.tgz",
-      "integrity": "sha512-3Ybi1tAuwAP9s0r1UQ2J4n5Y0G05bJkpUIO0/bI9MhwmD70S5aTWbXGBwxHrelT+XM1k6dM0pk+SwNkpTRN7Pg==",
+      "integrity": "sha512-5dDj8+lmvA8XB78SmzGI8NlQoksv7IfutGWeVZxiixHbO+p4LDPT3wuG/D9sM/wrjZZ9I+Siy/e117vbFPxSZg==",
       "funding": [
         {
           "type": "opencollective",

FrontendV2/src/pages/ContactPage.tsx

@@ -42,6 +42,12 @@ export const ContactPage = () => {
         text: t("contactPage_successText"),
       });
       setMessage("");
+    } else if (result.status === 503) {
+      setAlert({
+        type: "error",
+        headline: t("serviceDeactivatedHeadline"),
+        text: t("contactPage_serviceDeactivatedText"),
+      });
     } else {
       setAlert({
         type: "error",

FrontendV2/src/pages/Landingpage.tsx

@@ -79,6 +79,16 @@ const Landingpage: React.FC = () => {
             Authorization: `Bearer ${Cookies.get("token")}`,
           },
         });
+        if (loanRes.status === 503) {
+          setError(
+            "error",
+            t("serviceDeactivatedHeadline"),
+            t("loan_page_serviceDeactivatedText"),
+          );
+          setIsLoading(false);
+          return;
+        }
+
         const loanData = await loanRes.json();
         if (Array.isArray(loanData)) {
           setLoans(loanData);

FrontendV2/src/pages/MyLoansPage.tsx

@@ -52,6 +52,13 @@ export const MyLoansPage = () => {
         });
 
         if (!res.ok) {
+          if (res.status === 503) {
+            setMsgStatus("error");
+            setMsgTitle(t("serviceDeactivatedHeadline"));
+            setMsgDescription(t("loan_page_serviceDeactivatedText"));
+            setIsMsg(true);
+            return;
+          }
           setMsgStatus("error");
           setMsgTitle(t("error"));
           setMsgDescription(t("error-fetching-loans"));

FrontendV2/src/utils/Fetcher.ts

@@ -17,6 +17,16 @@ export const getBorrowableItems = async (
     });
 
     if (!response.ok) {
+      if (response.status === 503) {
+        return {
+          data: null,
+          status: "error",
+          title: "Service deactivated",
+          description:
+            "The loan service is currently deactivated. Please try again later.",
+        };
+      }
+
       return {
         data: null,
         status: "error",
@@ -60,6 +70,16 @@ export const createLoan = async (
   });
 
   if (!response.ok) {
+    if (response.status === 503) {
+      return {
+        data: null,
+        status: "error",
+        title: "Service deactivated",
+        description:
+          "The loan service is currently deactivated. Please try again later.",
+      };
+    }
+
     return {
       data: null,
       status: "error",

FrontendV2/src/utils/i18n/locales/en/en.json

@@ -94,5 +94,8 @@
     "naas-error": "Error with no-as-a-service",
     "naas-error-desc": "An error occurred while communicating with no-as-a-service.",
     "naas-header": "A good way to say no...",
-    "error-deleting-loan-507": "The loan cannot be deleted because it has not been returned yet."
+    "error-deleting-loan-507": "The loan cannot be deleted because it has not been returned yet.",
+    "serviceDeactivatedHeadline": "Service deactivated",
+    "contactPage_serviceDeactivatedText": "The contact service is currently deactivated. Please try again later.",
+    "loan_page_serviceDeactivatedText": "The loan service is currently deactivated. Please try again later."
 }

backendV2/package-lock.json

@@ -1,18 +1,19 @@
 {
   "name": "backendv2",
-  "version": "1.0.0",
+  "version": "v2.1.1 (dev)",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "backendv2",
-      "version": "1.0.0",
+      "version": "v2.1.1 (dev)",
       "license": "ISC",
       "dependencies": {
         "cors": "^2.8.5",
         "dotenv": "^17.2.1",
         "ejs": "^3.1.10",
         "express": "^5.1.0",
+        "express-rate-limit": "^8.4.1",
         "jose": "^6.0.12",
         "mysql2": "^3.14.3",
         "nodemailer": "^7.0.6"
@@ -349,6 +350,24 @@
         "url": "https://opencollective.com/express"
       }
     },
+    "node_modules/express-rate-limit": {
+      "version": "8.4.1",
+      "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-8.4.1.tgz",
+      "integrity": "sha512-NGVYwQSAyEQgzxX1iCM978PP9AdO/hW93gMcF6ZwQCm+rFvLsBH6w4xcXWTcliS8La5EPRN3p9wzItqBwJrfNw==",
+      "license": "MIT",
+      "dependencies": {
+        "ip-address": "10.1.0"
+      },
+      "engines": {
+        "node": ">= 16"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/express-rate-limit"
+      },
+      "peerDependencies": {
+        "express": ">= 4.11"
+      }
+    },
     "node_modules/filelist": {
       "version": "1.0.4",
       "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz",
@@ -527,6 +546,15 @@
       "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==",
       "license": "ISC"
     },
+    "node_modules/ip-address": {
+      "version": "10.1.0",
+      "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.1.0.tgz",
+      "integrity": "sha512-XXADHxXmvT9+CRxhXg56LJovE+bmWnEWB78LB83VZTprKTmaC5QfruXocxzTZ2Kl0DNwKuBdlIhjL8LeY8Sf8Q==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 12"
+      }
+    },
     "node_modules/ipaddr.js": {
       "version": "1.9.1",
       "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz",

backendV2/package.json

@@ -15,6 +15,7 @@
     "dotenv": "^17.2.1",
     "ejs": "^3.1.10",
     "express": "^5.1.0",
+    "express-rate-limit": "^8.4.1",
     "jose": "^6.0.12",
     "mysql2": "^3.14.3",
     "nodemailer": "^7.0.6"

backendV2/server.js

@@ -3,6 +3,23 @@ import cors from "cors";
 import dotenv from "dotenv";
 import info from "./info.json" assert { type: "json" };
 import { authenticate } from "./services/authentication.js";
+import { rateLimit } from "express-rate-limit";
+
+dotenv.config();
+const app = express();
+const port = 8004;
+const naasURL = process.env.NAAS_URL;
+
+const limiter = rateLimit({
+  windowMs: 1 * 60 * 1000, // 1 minute
+  limit: 50, // Limit each IP to 50 requests per `window` (here, per 1 minute).
+  standardHeaders: "draft-8", // draft-6: `RateLimit-*` headers; draft-7 & draft-8: combined `RateLimit` header
+  legacyHeaders: false, // Disable the `X-RateLimit-*` headers.
+  ipv6Subnet: 56, // Set to 60 or 64 to be less aggressive, or 52 or 48 to be more aggressive
+  // store: ... , // Redis, Memcached, etc. See below.
+});
+
+app.use(limiter);
 
 // frontend routes
 import loansMgmtRouter from "./routes/app/loanMgmt.route.js";
@@ -19,11 +36,6 @@ import serverConfMgmtRouter from "./routes/admin/serverConfMgmt.route.js";
 // API routes
 import apiRouter from "./routes/api/api.route.js";
 
-dotenv.config();
-const app = express();
-const port = 8004;
-const naasURL = process.env.NAAS_URL;
-
 app.use(cors());
 // Body-Parser VOR den Routen registrieren
 app.use(express.json({ limit: "10mb" }));