diff --git a/backend/app.js b/backend/app.js index 7a0e6c7..c64485a 100644 --- a/backend/app.js +++ b/backend/app.js @@ -24,6 +24,7 @@ import travelAccommodationRoutes from "./routes/travelAccommodationRoutes.js"; import settingsParticipantRoutes from "./routes/settingsParticipantRoutes.js"; import weatherRoutes from "./routes/weatherRoutes.js"; import { profanity } from "./middleware/profanity.js"; +import rateLimit from "express-rate-limit"; const app = express(); @@ -43,6 +44,24 @@ app.use( }) ); +// short-term limit +const perMinuteLimiter = rateLimit({ + windowMs: 60 * 1000, // 1 minute + max: 10000, // 10000 requests/minute + message: "Too many requests, please slow down.", +}); + +// long-term limit (daily) +const perDayLimiter = rateLimit({ + windowMs: 24 * 60 * 60 * 1000, // 24h + max: 50000, // 50k requests/day + message: "Daily rate limit reached.", +}); + +// Apply globally +app.use(perMinuteLimiter); +app.use(perDayLimiter); + app.use(passport.initialize()); app.use(passport.session()); diff --git a/frontend/README.md b/frontend/README.md deleted file mode 100644 index 7059a96..0000000 --- a/frontend/README.md +++ /dev/null @@ -1,12 +0,0 @@ -# React + Vite - -This template provides a minimal setup to get React working in Vite with HMR and some ESLint rules. - -Currently, two official plugins are available: - -- [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react) uses [Babel](https://babeljs.io/) for Fast Refresh -- [@vitejs/plugin-react-swc](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react-swc) uses [SWC](https://swc.rs/) for Fast Refresh - -## Expanding the ESLint configuration - -If you are developing a production application, we recommend using TypeScript with type-aware lint rules enabled. Check out the [TS template](https://github.com/vitejs/vite/tree/main/packages/create-vite/template-react-ts) for information on how to integrate TypeScript and [`typescript-eslint`](https://typescript-eslint.io) in your project.