Add admin config page and runtime-tunable upload/rate-limit settings

2026-03-24 13:56:56 +01:00
parent d9de02f08d
commit ba06fb0c7c
14 changed files with 588 additions and 20 deletions
--- a/internal/auth/routes.go
+++ b/internal/auth/routes.go
@@ -2,17 +2,30 @@ package auth

 import (
 	"ResendIt/internal/api/middleware"
+	"ResendIt/internal/config"
 	"time"

 	"github.com/gin-gonic/gin"
 )

-func RegisterRoutes(r *gin.RouterGroup, h *Handler) {
+type ConfigService interface {
+	GetIntDefault(key string, def int) int
+}
+
+func RegisterRoutes(r *gin.RouterGroup, h *Handler, cfg ConfigService) {
 	auth := r.Group("/auth")

 	// Stricter rate limit on login to reduce brute-force / log spam.
-	// 5 attempts per minute per IP, burst 10.
-	auth.POST("/login", middleware.RateLimitByIP(5, time.Minute, 10, 15*time.Minute), h.Login)
+	auth.POST("/login", middleware.RateLimitByIPDynamic(
+		func() int {
+			return cfg.GetIntDefault(config.KeyRateLimitLoginPerMinute, config.DefaultRateLimitLoginPerMinute)
+		},
+		time.Minute,
+		func() int {
+			return cfg.GetIntDefault(config.KeyRateLimitLoginBurst, config.DefaultRateLimitLoginBurst)
+		},
+		15*time.Minute,
+	), h.Login)

 	protected := auth.Group("/")
 	protected.Use(middleware.AuthMiddleware())