Initial commit: Open sourcing all of the Maple Open Technologies code.
This commit is contained in:
commit
755d54a99d
2010 changed files with 448675 additions and 0 deletions
23
cloud/maplepress-backend/pkg/ratelimit/providers.go
Normal file
23
cloud/maplepress-backend/pkg/ratelimit/providers.go
Normal file
|
|
@ -0,0 +1,23 @@
|
|||
package ratelimit
|
||||
|
||||
import (
|
||||
"github.com/redis/go-redis/v9"
|
||||
"go.uber.org/zap"
|
||||
|
||||
"codeberg.org/mapleopentech/monorepo/cloud/maplepress-backend/config"
|
||||
)
|
||||
|
||||
// ProvideLoginRateLimiter creates a LoginRateLimiter for dependency injection
|
||||
// CWE-307: Implements rate limiting and account lockout protection against brute force attacks
|
||||
func ProvideLoginRateLimiter(client *redis.Client, cfg *config.Config, logger *zap.Logger) LoginRateLimiter {
|
||||
// Use configuration from environment variables
|
||||
loginConfig := LoginRateLimiterConfig{
|
||||
MaxAttemptsPerIP: cfg.RateLimit.LoginMaxAttemptsPerIP,
|
||||
IPWindow: cfg.RateLimit.LoginIPWindow,
|
||||
MaxFailedAttemptsPerAccount: cfg.RateLimit.LoginMaxFailedAttemptsPerAccount,
|
||||
AccountLockoutDuration: cfg.RateLimit.LoginAccountLockoutDuration,
|
||||
KeyPrefix: "login_rl",
|
||||
}
|
||||
|
||||
return NewLoginRateLimiter(client, loginConfig, logger)
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue