Meik/vereinskalender
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Aktueller Stand

Browse Source
This commit is contained in:
Meik
2026-01-15 23:18:42 +01:00
parent 46eae2a2a9
commit dcf45bac3d
32 changed files with 2625 additions and 395 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
lib/auth.ts
View File

@@ -3,6 +3,7 @@ import bcrypt from "bcryptjs";
import type { NextAuthOptions } from "next-auth";
import CredentialsProvider from "next-auth/providers/credentials";
import { prisma } from "./prisma";
import { checkRateLimit, getRateLimitConfig } from "./rate-limit";
const MAX_LOGIN_ATTEMPTS = 5;
const LOGIN_WINDOW_MINUTES = 15;
@@ -76,6 +77,15 @@ export const authOptions: NextAuthOptions = {
const email = normalizeEmail(credentials.email);
const ip = getClientIp(req);
const rateConfig = getRateLimitConfig("RATE_LIMIT_LOGIN", 10);
const rate = await checkRateLimit({
key: `login:${email}:${ip}`,
limit: rateConfig.limit,
windowMs: rateConfig.windowMs
});
if (!rate.ok) {
throw new Error("RATE_LIMIT");
}
let attempt: { id: string; attempts: number; lastAttempt: Date; lockedUntil: Date | null } | null = null;
try {
attempt = await prisma.loginAttempt.findUnique({