homelab/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2026-06-23 04:10:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
c072fd657dcc5139327a0660566d84fefec41450
hedgedoc/backend/src/config/mock/security.config.mock.ts
T
Erik Michelson c072fd657d fix(rate-limit): increase auth limit defaults 
This is a moderate increase from about 2 req/minute to 2.6 req/minute
with an increase of the window to 15 minutes. Switching between
accounts a few times should be covered by the higher rate limit.
At the same time, the window increase reduces the attack/abuse chance
again.

Fixes #6471

Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2026-05-13 23:06:02 +02:00

42 lines
1016 B
TypeScript
Raw Blame History

/*
* SPDX-FileCopyrightText: 2026 The HedgeDoc developers (see AUTHORS file)
*
* SPDX-License-Identifier: AGPL-3.0-only
*/
import { ConfigFactoryKeyHost, registerAs } from '@nestjs/config';
import { ConfigFactory } from '@nestjs/config/dist/interfaces';
import { SecurityConfig } from '../security.config';
export function createDefaultMockSecurityConfig(): SecurityConfig {
return {
rateLimit: {
publicApi: {
max: 150,
window: 300,
},
authenticated: {
max: 900,
window: 300,
},
unauthenticated: {
max: 100,
window: 300,
},
auth: {
max: 40,
window: 900,
},
bypass: [],
},
};
}
export function registerSecurityConfig(
securityConfig: SecurityConfig,
): ConfigFactory<SecurityConfig> & ConfigFactoryKeyHost<SecurityConfig> {
return registerAs('securityConfig', (): SecurityConfig => securityConfig);
}
export default registerSecurityConfig(createDefaultMockSecurityConfig());
Reference in New Issue View Git Blame Copy Permalink