elpatron/hoerdle
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Security audit improvements: authentication, path traversal protection, file validation, rate limiting, security headers

Browse Source
This commit is contained in:
Hördle Bot
2025-11-24 09:34:54 +01:00
parent 0f7d66c619
commit 2d6481a42f
11 changed files with 287 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
app/api/admin/login/route.ts
View File

@@ -1,7 +1,12 @@
import { NextResponse } from 'next/server';
import { NextRequest, NextResponse } from 'next/server';
import bcrypt from 'bcryptjs';
import { rateLimit } from '@/lib/rateLimit';
export async function POST(request: NextRequest) {
// Rate limiting: 5 login attempts per minute
const rateLimitError = rateLimit(request, { windowMs: 60000, maxRequests: 5 });
if (rateLimitError) return rateLimitError;
export async function POST(request: Request) {
try {
const { password } = await request.json();
// Default is hash for 'admin123'