diff options
author | Biswakalyan Bhuyan <biswa@surgot.in> | 2024-07-27 21:47:07 +0530 |
---|---|---|
committer | Biswakalyan Bhuyan <biswa@surgot.in> | 2024-07-27 21:47:07 +0530 |
commit | ffb65bdfa58ac862e417a8271c2ec3552c9c4135 (patch) | |
tree | 2592f6cc32637bb3f676eabd64550880b502f248 /backend | |
parent | ef9fc3325f10a7e44d62b85d709efd24afc76051 (diff) | |
download | admin-panel-ffb65bdfa58ac862e417a8271c2ec3552c9c4135.tar.gz admin-panel-ffb65bdfa58ac862e417a8271c2ec3552c9c4135.tar.bz2 admin-panel-ffb65bdfa58ac862e417a8271c2ec3552c9c4135.zip |
added rate limiting to the api
Diffstat (limited to 'backend')
-rw-r--r-- | backend/index.js | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/backend/index.js b/backend/index.js index 7b548ad..9693dcd 100644 --- a/backend/index.js +++ b/backend/index.js @@ -36,6 +36,16 @@ const db = admin.firestore(); // Secret key for JWT const JWT_SECRET = process.env.JWT_SECRET_KEY; +// Rate Limiting middleware +const limiter = rateLimit({ + windowMs: 15 * 60 * 1000, // 15 minutes + max: 100, // limit each IP to 100 requests per windowMs + message: 'Too many requests from this IP, please try again after 15 minutes', +}); + +// Apply rate limiter to all requests +app.use(limiter); + // Register route app.post('/register', async (req, res) => { const { username, password } = req.body; |