start working on the frontend side

2025-12-24 19:53:45 +00:00
parent 3aa0169af0
commit c962a223c6
84 changed files with 14761 additions and 58 deletions
--- a/backend/internal/common/router/ratelimit.go
+++ b/backend/internal/common/router/ratelimit.go
@@ -0,0 +1,83 @@
+package router
+
+import (
+	"net/http"
+	"sync"
+
+	"github.com/atlasos/calypso/internal/common/config"
+	"github.com/atlasos/calypso/internal/common/logger"
+	"github.com/gin-gonic/gin"
+	"golang.org/x/time/rate"
+)
+
+// rateLimiter manages rate limiting per IP address
+type rateLimiter struct {
+	limiters map[string]*rate.Limiter
+	mu       sync.RWMutex
+	config   config.RateLimitConfig
+	logger   *logger.Logger
+}
+
+// newRateLimiter creates a new rate limiter
+func newRateLimiter(cfg config.RateLimitConfig, log *logger.Logger) *rateLimiter {
+	return &rateLimiter{
+		limiters: make(map[string]*rate.Limiter),
+		config:   cfg,
+		logger:   log,
+	}
+}
+
+// getLimiter returns a rate limiter for the given IP address
+func (rl *rateLimiter) getLimiter(ip string) *rate.Limiter {
+	rl.mu.RLock()
+	limiter, exists := rl.limiters[ip]
+	rl.mu.RUnlock()
+
+	if exists {
+		return limiter
+	}
+
+	// Create new limiter for this IP
+	rl.mu.Lock()
+	defer rl.mu.Unlock()
+
+	// Double-check after acquiring write lock
+	if limiter, exists := rl.limiters[ip]; exists {
+		return limiter
+	}
+
+	// Create limiter with configured rate
+	limiter = rate.NewLimiter(rate.Limit(rl.config.RequestsPerSecond), rl.config.BurstSize)
+	rl.limiters[ip] = limiter
+
+	return limiter
+}
+
+// rateLimitMiddleware creates rate limiting middleware
+func rateLimitMiddleware(cfg *config.Config, log *logger.Logger) gin.HandlerFunc {
+	if !cfg.Security.RateLimit.Enabled {
+		// Rate limiting disabled, return no-op middleware
+		return func(c *gin.Context) {
+			c.Next()
+		}
+	}
+
+	limiter := newRateLimiter(cfg.Security.RateLimit, log)
+
+	return func(c *gin.Context) {
+		ip := c.ClientIP()
+		limiter := limiter.getLimiter(ip)
+
+		if !limiter.Allow() {
+			log.Warn("Rate limit exceeded", "ip", ip, "path", c.Request.URL.Path)
+			c.JSON(http.StatusTooManyRequests, gin.H{
+				"error": "rate limit exceeded",
+			})
+			c.Abort()
+			return
+		}
+
+		c.Next()
+	}
+}
+