🛠 feat: Enhance Redis Integration, Rate Limiters & Log Headers (#6462)

* feat: Implement Redis-based rate limiting, initially import limits * feat: Enhance rate limiters with Redis support and custom prefixes * chore: import orders * chore: update JSDoc for next middleware parameter type in ban and limiter middleware * feat: add logHeaders middleware to log forwarded headers in requests * refactor: change log level from info to debug for Redis rate limiters * feat: increase Redis max listeners and refactor session storage to use Keyv
2025-12-17 08:50:15 +01:00 · 2025-03-21 14:14:45 -04:00 · 2025-03-21 14:14:45 -04:00 · cbba914290
commit cbba914290
parent e928a8eee4
20 changed files with 337 additions and 63 deletions
--- a/api/server/routes/oauth.js
+++ b/api/server/routes/oauth.js
@ -1,7 +1,7 @@
 // file deepcode ignore NoRateLimitingForLogin: Rate limiting is handled by the `loginLimiter` middleware
 const express = require('express');
 const passport = require('passport');
-const { loginLimiter, checkBan, checkDomainAllowed } = require('~/server/middleware');
+const { loginLimiter, logHeaders, checkBan, checkDomainAllowed } = require('~/server/middleware');
 const { setAuthTokens } = require('~/server/services/AuthService');
 const { logger } = require('~/config');

@ -12,6 +12,7 @@ const domains = {
  server: process.env.DOMAIN_SERVER,
 };

+router.use(logHeaders);
 router.use(loginLimiter);

 const oauthHandler = async (req, res) => {