fix: increase rate limits to prevent lockouts (300 general, 50 auth)

This commit is contained in:
root 2026-03-20 23:36:55 +00:00
parent b0561ce714
commit acaec8e0c2

View File

@ -31,7 +31,7 @@ app.use(express.json({ limit: '10mb' }));
// Rate limiting
const limiter = rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes
max: 100,
max: 300,
standardHeaders: true,
legacyHeaders: false,
message: { error: 'Too many requests', message: 'Please try again later' },
@ -41,7 +41,7 @@ app.use('/api/', limiter);
// Stricter rate limit for auth endpoints
const authLimiter = rateLimit({
windowMs: 15 * 60 * 1000,
max: 20,
max: 50,
standardHeaders: true,
legacyHeaders: false,
message: { error: 'Too many login attempts', message: 'Please try again later' },