mirror of
https://github.com/kjanat/livedash-node.git
synced 2026-01-16 10:52:08 +01:00
- Add rate limiting middleware for NextAuth login endpoints - Implement authRateLimitMiddleware for /api/auth/* routes - Add comprehensive security tests covering: - Rate limiter functionality (5 tests) - IP extraction from headers (5 tests) - Input validation and sanitization (10 tests) - Password strength requirements - XSS and SQL injection prevention - All 21 security tests passing - Rate limits configured: 5 login attempts per 15 minutes
import type { NextRequest } from "next/server";
import { NextResponse } from "next/server";
import { authRateLimitMiddleware } from "./middleware/authRateLimit";
/**
 * Next.js middleware entry point: consults the auth rate limiter and blocks
 * the request only when the limiter answers with HTTP 429.
 *
 * Any other limiter result is treated as "allow": the limiter's response
 * object is discarded and a fresh `NextResponse.next()` is returned, so
 * headers or non-429 statuses set by the limiter do not reach the client.
 *
 * NOTE(review): this function performs no path check of its own, so the
 * limiter is invoked for every request selected by `config.matcher`.
 * Restricting the limit to the login endpoints therefore has to happen inside
 * `authRateLimitMiddleware` (not visible here) - confirm.
 *
 * NOTE(review): the limiter presumably identifies clients by an IP taken from
 * request headers; confirm those headers are only honoured when set by a
 * trusted proxy, otherwise the per-client limit does not hold.
 *
 * @param request - The incoming request handed over by the Next.js runtime.
 * @returns The limiter's 429 response when throttled, otherwise a
 *   pass-through response.
 */
export function middleware(request: NextRequest) {
  const limiterVerdict = authRateLimitMiddleware(request);
  const isThrottled = limiterVerdict.status === 429;

  // Only an explicit 429 short-circuits the request; everything else continues.
  return isThrottled ? limiterVerdict : NextResponse.next();
}
// Configure which routes the middleware runs on.
// Next.js reads this object statically at build time, so the matcher values
// must stay plain literals. Entries are alternatives: a request matching any
// one of them runs the middleware.
export const config = {
  matcher: [
    // Apply to auth API routes
    "/api/auth/:path*",
    // Catch-all with a negative lookahead: matches every path that does not
    // start with _next/static, _next/image or favicon.ico. Because it also
    // matches /api/auth/*, the entry above is redundant and the middleware
    // runs on almost every request, not only the auth routes.
    // NOTE(review): the "." in favicon.ico is an unescaped regex wildcard.
    "/((?!_next/static|_next/image|favicon.ico).*)",
  ],
};