hwinkel
22 lines
565 B
TypeScript
22 lines
565 B
TypeScript
import { RateLimiterMemory } from "rate-limiter-flexible";
|
|
|
|
// Max. 5 Loginversuche pro IP innerhalb von 15 Minuten
|
|
const loginLimiter = new RateLimiterMemory({
|
|
points: 5,
|
|
duration: 60 * 15,
|
|
});
|
|
|
|
export async function checkLoginRateLimit(request: Request): Promise<string | null> {
|
|
const ip =
|
|
request.headers.get("x-forwarded-for")?.split(",")[0].trim() ??
|
|
request.headers.get("x-real-ip") ??
|
|
"unknown";
|
|
|
|
try {
|
|
await loginLimiter.consume(ip);
|
|
return null;
|
|
} catch {
|
|
return "Zu viele Loginversuche. Bitte 15 Minuten warten.";
|
|
}
|
|
}
|