fix(deploy): align /api routing, socket path, and proxy-aware auth limits

2026-02-12 19:43:49 +01:00
parent e05edff84d
commit 6fe2ab3d28
7 changed files with 88 additions and 7 deletions
+3 -2
@@ -11,6 +11,7 @@ import {
getCsrfClientCookieValue,
getCsrfValidationClientIds,
} from "../security/csrfClient";
import { getClientIp } from "../utils/clientIp";
const CSRF_CLIENT_COOKIE_MAX_AGE_SECONDS = 60 * 60 * 24 * 30; // 30 days
const CSRF_RATE_LIMIT_WINDOW = 60 * 1000; // 1 minute
@@ -77,7 +78,7 @@ export const registerCsrfProtection = ({
if (enableDebugLogging) {
const validationCandidates = getCsrfValidationClientIds(req);
const ip = req.ip || req.connection.remoteAddress || "unknown";
const ip = getClientIp(req);
console.log("[CSRF DEBUG] getClientId", {
method: req.method,
path: req.path,
@@ -102,7 +103,7 @@ export const registerCsrfProtection = ({
let csrfCleanupCounter = 0;
app.get("/csrf-token", (req, res) => {
const ip = req.ip || req.connection.remoteAddress || "unknown";
const ip = getClientIp(req);
const now = Date.now();
const clientLimit = csrfRateLimit.get(ip);
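Review bot: In the `/csrf-token` handler the rate-limit bucket is now keyed by `getClientIp(req)`, whose implementation is not shown in this section, so the limit is only as trustworthy as that helper. If it derives the address from a forwarded header without checking that the request came through a trusted proxy, a client can supply a different value per request and never hit the limit; it is worth confirming that it relies on the framework's trusted-proxy configuration rather than reading the header directly. The removed line also fell back to `"unknown"`, so the helper should guarantee a non-empty string, or the call site should keep the fallback, e.g. `const ip = getClientIp(req) || "unknown";`. A short comment above the lookup, such as `// key must be the proxy-validated client address, never a raw forwarded header`, would record the assumption; the same value is logged in the debug block of the second hunk. The handler body continues past the end of the hunk.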