package ratelimit
import (
"github.com/redis/go-redis/v9"
"go.uber.org/zap"
"codeberg.org/mapleopentech/monorepo/cloud/maplepress-backend/config"
)
// ProvideLoginRateLimiter builds the LoginRateLimiter handed out by dependency
// injection, passing the Redis client and logger straight through to
// NewLoginRateLimiter.
//
// CWE-307: the limiter is the control against brute-force login attempts. Its
// configuration carries a per-IP attempt limit with a window, and a per-account
// failed-attempt limit with a lockout duration.
//
// The four thresholds are copied from cfg.RateLimit unchanged (the application
// config, which the original author notes is loaded from environment
// variables). Nothing in this function validates them, so the effect of a zero
// or negative value depends on NewLoginRateLimiter, which is not visible here.
// NOTE(review): confirm that an unset or zero setting cannot silently disable
// the limit or lock out every account.
func ProvideLoginRateLimiter(client *redis.Client, cfg *config.Config, logger *zap.Logger) LoginRateLimiter {
	// cfg is dereferenced without a nil check; the caller must supply a loaded config.
	limits := cfg.RateLimit

	return NewLoginRateLimiter(
		client,
		LoginRateLimiterConfig{
			// Per-IP throttle.
			MaxAttemptsPerIP: limits.LoginMaxAttemptsPerIP,
			IPWindow:         limits.LoginIPWindow,
			// Per-account lockout.
			MaxFailedAttemptsPerAccount: limits.LoginMaxFailedAttemptsPerAccount,
			AccountLockoutDuration:      limits.LoginAccountLockoutDuration,
			// Fixed prefix; presumably namespaces this limiter's Redis keys —
			// verify against NewLoginRateLimiter.
			KeyPrefix: "login_rl",
		},
		logger,
	)
}