feat(config): integrate rate limiting and CORS configuration from furt.conf

- Add RateLimiter:configure() function to accept config-based limits
- Integrate security section parameters (rate_limit_api_key_max, ip_max, window)
- Add CORS configuration from config file with environment fallback
- Replace hardcoded rate limiting defaults with configurable values
- Add test endpoint control via config.security.enable_test_endpoint
- Update startup logging to show actual configured rate limits
- Add configuration validation and detailed startup information

Rate limiting now uses values from [security] section instead of hardcoded
defaults. CORS origins prioritize config file over environment variables.

Related to DAW/furt#89
michael 2025-08-29 20:01:47 +02:00
parent ecd4f68595
commit 5c17c86fd4
4 changed files with 128 additions and 49 deletions

@ -4,8 +4,20 @@
# Server configuration
[server]
host = 127.0.0.1
port = 8080
port = 7811
log_level = info
log_requests = true
client_timeout = 10
# CORS configuration
cors_allowed_origins = http://localhost:1313,http://127.0.0.1:1313,https://dragons-at-work.de,https://www.dragons-at-work.de
# Security settings
[security]
rate_limit_api_key_max = 60
rate_limit_ip_max = 100
rate_limit_window = 3600
enable_test_endpoint = false
# Default SMTP settings (used when API keys don't have custom SMTP)
[smtp_default]
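Review bot: The `cors_allowed_origins` line under `[server]` puts the development origins `http://localhost:1313` and `http://127.0.0.1:1313` in the same allow-list as the production `https://dragons-at-work.de` origins, so a deployment that uses these values as-is also trusts pages served from port 1313 on a visitor's own machine. Suggest keeping only the HTTPS origins in this line and moving the localhost entries to a commented-out line for development use. In the new `[security]` section, `rate_limit_window = 3600` carries no comment stating its unit, and nothing explains why `rate_limit_ip_max = 100` is higher than `rate_limit_api_key_max = 60`; a one-line comment per key would make the intended behaviour reviewable. The port value also changes from 8080 to 7811 in this hunk, which the commit message does not mention.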