ADD: fixed e rechnung

app/lib/rate-limiter.server.ts

@@ -0,0 +1,21 @@
+import { RateLimiterMemory } from "rate-limiter-flexible";
+
+// Max. 5 Loginversuche pro IP innerhalb von 15 Minuten
+const loginLimiter = new RateLimiterMemory({
+  points: 5,
+  duration: 60 * 15,
+});
+
+export async function checkLoginRateLimit(request: Request): Promise<string | null> {
+  const ip =
+    request.headers.get("x-forwarded-for")?.split(",")[0].trim() ??
+    request.headers.get("x-real-ip") ??
+    "unknown";
+
+  try {
+    await loginLimiter.consume(ip);
+    return null;
+  } catch {
+    return "Zu viele Loginversuche. Bitte 15 Minuten warten.";
+  }
+}