Skip to content

feat: implement rate limiting and security middleware (#819)#870

Open
karanjadavi wants to merge 1 commit into
Fracverse:masterfrom
karanjadavi:feat/rate-limiting-security-middleware
Open

feat: implement rate limiting and security middleware (#819)#870
karanjadavi wants to merge 1 commit into
Fracverse:masterfrom
karanjadavi:feat/rate-limiting-security-middleware

Conversation

@karanjadavi

Copy link
Copy Markdown

close #819

- Add RateLimitStore and RateLimitConfig with per-IP tracking via DashMap
- Implement rate_limit_middleware returning 429 on limit exceeded
- Add security header layers: HSTS, CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy
- Replace loose CORS (Any) with strict origin/method/header config
- Wire all middleware layers into create_router in api.rs
- Add 5 tests covering: within-limit, 429 trigger, window reset, heavy traffic, per-IP independence
@drips-wave

drips-wave Bot commented Jun 26, 2026

Copy link
Copy Markdown

@karanjadavi Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

@ONEONUORA

Copy link
Copy Markdown
Contributor

@karanjadavi
Pls fix conflict

@ONEONUORA

Copy link
Copy Markdown
Contributor

@karanjadavi
Update on this Pr
you will be unassign in 6hrs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[Backend] Middleware: Implement Rate Limiting and Security Guards

2 participants