yantr-js 0.1.0-beta.2
- package/dist/index.d.ts +2 -0
- package/dist/index.js +1023 -0
- package/dist/index.js.map +1 -0
- package/package.json +57 -0
- package/registry/registry.json +58 -0
- package/registry/templates/auth/auth.controller.ts +125 -0
- package/registry/templates/auth/auth.middleware.ts +116 -0
- package/registry/templates/auth/auth.routes.ts +34 -0
- package/registry/templates/auth/auth.service.ts +140 -0
- package/registry/templates/base/error-handler.ts +127 -0
- package/registry/templates/base/zod-middleware.ts +104 -0
- package/registry/templates/database/db.ts +83 -0
- package/registry/templates/database/prisma.ts +47 -0
- package/registry/templates/logger/http-logger.ts +61 -0
- package/registry/templates/logger/logger.ts +60 -0
- package/registry/templates/security/helmet.ts +88 -0
- package/registry/templates/security/rate-limiter.ts +79 -0
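--- a/package/registry/templates/security/rate-limiter.ts
+++ b/package/registry/templates/security/rate-limiter.ts
@@ -0,0 +1,79 @@
+import rateLimit from 'express-rate-limit';
+
+/**
+* Default rate limiter configuration
+*
+* Limits requests per IP address to prevent abuse.
+* Customize the values based on your application needs.
+*/
+export const rateLimiter = rateLimit({
+// Time window in milliseconds
+windowMs: 15 * 60 * 1000, // 15 minutes
+
+// Maximum requests per window per IP
+max: 100,
+
+// Return rate limit info in headers
+standardHeaders: true,
+
+// Disable X-RateLimit-* headers
+legacyHeaders: false,
+
+// Custom error message
+message: {
+success: false,
+error: {
+message: 'Too many requests, please try again later.',
+code: 'RATE_LIMIT_EXCEEDED',
+},
+},
+
+// Skip rate limiting for certain requests
+skip: (req) => {
+// Skip rate limiting for health checks
+return req.url === '/health' || req.url === '/ready';
+},
+
+// Custom key generator (default is IP)
+keyGenerator: (req) => {
+return req.headers['x-forwarded-for'] as string ||
+req.socket.remoteAddress ||
+'unknown';
+},
+});
+
+/**
+* Strict rate limiter for sensitive endpoints (like auth)
+*/
+export const authRateLimiter = rateLimit({
+windowMs: 15 * 60 * 1000, // 15 minutes
+max: 5, // 5 attempts per window
+message: {
+success: false,
+error: {
+message: 'Too many login attempts, please try again later.',
+code: 'AUTH_RATE_LIMIT_EXCEEDED',
+},
+},
+standardHeaders: true,
+legacyHeaders: false,
+});
+
+/**
+* API rate limiter for general API endpoints
+*/
+export const apiRateLimiter = rateLimit({
+windowMs: 60 * 1000, // 1 minute
+max: 60, // 60 requests per minute
+message: {
+success: false,
+error: {
+message: 'API rate limit exceeded.',
+code: 'API_RATE_LIMIT_EXCEEDED',
+},
+},
+standardHeaders: true,
+legacyHeaders: false,
+});
+
+export default rateLimiter;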
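Review bot: The `keyGenerator` on `rateLimiter` keys each bucket on the raw `x-forwarded-for` request header, which the client controls unless a trusted proxy overwrites it, so the 100-per-window limit is not reliably enforced per client; the `as string` cast also hides that the header can arrive as a `string[]` or a comma-separated list. `authRateLimiter` and `apiRateLimiter` in the same file set no key generator and therefore use the library default, so the three limiters identify clients differently. I would delete the `keyGenerator` option so the default (`req.ip`) applies, and set Express's `trust proxy` for the number of proxies actually in front of the app, e.g. `app.set('trust proxy', 1)` in the app setup. If the `'unknown'` fallback stays, it deserves a comment, since every request without a resolvable address then shares one bucket.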