Implement rate limiting

2025-11-06 07:54:22 +00:00 · 2024-11-10 18:12:25 +01:00
parent 8cf850a62c
commit 77d9abb691
4 changed files with 41 additions and 14 deletions
--- a/backend/internal/config/config.go
+++ b/backend/internal/config/config.go
@@ -4,27 +4,33 @@ import (
 	"fmt"
 	"os"
 	"path/filepath"
+	"strconv"
+	"time"

 	"novamd/internal/crypto"
 )

 type Config struct {
-	DBPath        string
-	WorkDir       string
-	StaticPath    string
-	Port          string
-	AdminEmail    string
-	AdminPassword string
-	EncryptionKey string
-	JWTSigningKey string
+	DBPath            string
+	WorkDir           string
+	StaticPath        string
+	Port              string
+	AdminEmail        string
+	AdminPassword     string
+	EncryptionKey     string
+	JWTSigningKey     string
+	RateLimitRequests int
+	RateLimitWindow   time.Duration
 }

 func DefaultConfig() *Config {
 	return &Config{
-		DBPath:     "./novamd.db",
-		WorkDir:    "./data",
-		StaticPath: "../frontend/dist",
-		Port:       "8080",
+		DBPath:            "./novamd.db",
+		WorkDir:           "./data",
+		StaticPath:        "../frontend/dist",
+		Port:              "8080",
+		RateLimitRequests: int(10),
+		RateLimitWindow:   time.Minute,
 	}
 }

@@ -72,6 +78,19 @@ func Load() (*Config, error) {
 	config.EncryptionKey = os.Getenv("NOVAMD_ENCRYPTION_KEY")
 	config.JWTSigningKey = os.Getenv("NOVAMD_JWT_SIGNING_KEY")

+	// Configure rate limiting
+	if reqStr := os.Getenv("NOVAMD_RATE_LIMIT_REQUESTS"); reqStr != "" {
+		if parsed, err := strconv.Atoi(reqStr); err == nil {
+			config.RateLimitRequests = parsed
+		}
+	}
+
+	if windowStr := os.Getenv("NOVAMD_RATE_LIMIT_WINDOW"); windowStr != "" {
+		if parsed, err := time.ParseDuration(windowStr); err == nil {
+			config.RateLimitWindow = parsed
+		}
+	}
+
 	// Validate all settings
 	if err := config.Validate(); err != nil {
 		return nil, err