# Rate Limiting Audit - 20251123-080450
|
|
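== Rate Limiter Implementation ==
Note: every hit listed in this section is a substring match on "limit" or "rate" (pagination limit, length limits, TaxRate, Generate, Migrate, separate). None of the listed lines implements a request rate limiter.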
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:406: limitStr := r.URL.Query().Get("limit")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:409: limit := 20
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:411: if l, err := strconv.Atoi(limitStr); err == nil && l > 0 && l <= 100 {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:412: limit = l
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:447: args = append(args, limit, offset)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:50: TaxRate float64 `json:"taxRate"`
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main_test.go:49:func TestGenerateJWT(t *testing.T) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main_test.go:59: token, err := generateJWT(user, roles)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:27: maxEmailLength = 254 // RFC 5321 limit
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:29: maxPasswordLength = 72 // bcrypt limit
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:408: passwordHash, err := bcrypt.GenerateFromPassword([]byte(req.Password), bcrypt.DefaultCost)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:623: token, err := generateToken(userID)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:625: http.Error(w, "Failed to generate token", http.StatusInternalServerError)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:666: // Generate token
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:667: token, err := generateToken(userID)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:669: http.Error(w, "Failed to generate token", http.StatusInternalServerError)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:714: passwordHash, err := bcrypt.GenerateFromPassword([]byte(req.Password), bcrypt.DefaultCost)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:996:func generateToken(userID int) (string, error) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1089:func generateJWT(user User, roles []string) (string, error) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1104: hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/ipfs-service/main.go:97: // Generate a new identity for this node
|
|
/home/administrator/projects/coppertone.tech/backend/functions/ipfs-service/main.go:98: priv, _, err := crypto.GenerateKeyPairWithReader(crypto.Ed25519, -1, rand.Reader)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/ipfs-service/main.go:100: return fmt.Errorf("failed to generate key pair: %w", err)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:32: BlogTypeUser = "USER" // Community blogs (user authored, separate section)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:204: // Migrate old published boolean to new status
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:535: // Admin panel only shows SITE blogs - user community blogs have separate endpoints
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:958:// These endpoints are completely separate from SITE blogs (admin/staff content)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1619: // ============ COMMUNITY BLOG ROUTES (Separate from Site Blogs) ============
|
|
|
|
== Login Attempt Limiting ==
|
|
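No brute-force protection found: the search matched no login-attempt limiting code. This is a text-search result only; confirm it by reviewing the auth-service login handling.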
|