feat: add admin backend foundation (login, session, health)#641
Open
Ferryx349 wants to merge 5 commits into
Open
feat: add admin backend foundation (login, session, health)#641Ferryx349 wants to merge 5 commits into
Ferryx349 wants to merge 5 commits into
Conversation
Signed-off-by: ABHAY PANDEY <pandeyabhay967@gmail.com>
🦋 Changeset detectedLatest commit: 92516e3 The changes in this PR will be included in the next version bump. This PR includes changesets to release 1 package
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Collaborator
|
coverage: 67.248% (+0.3%) from 66.977% — Ferryx349:ADMIN-CONSOLE-1 into cameri:main |
Ferryx349
force-pushed
the
ADMIN-CONSOLE-1
branch
from
4f7095a to
0e12902
Compare
Signed-off-by: ABHAY PANDEY <pandeyabhay967@gmail.com>
Signed-off-by: ABHAY PANDEY <pandeyabhay967@gmail.com>
Ferryx349
force-pushed
the
ADMIN-CONSOLE-1
branch
from
014b0c8 to
92516e3
Compare
| router.use(rateLimiterMiddleware) | ||
|
|
||
| router.post('/login', adminLoginRateLimitMiddleware, json(), withController(createPostAdminLoginController)) | ||
| router.get('/session', adminRateLimitMiddleware, requireAdminAuth, withController(createGetAdminSessionController)) |
Collaborator
Author
There was a problem hiding this comment.
Added rate limiting using the existing Redis-backed pattern (limits.admin & per-route middleware). CodeQL still warns because it doesn’t recognize our custom limiter, I believe it’s a false positive. @cameri wdyt?
|
|
||
| router.post('/login', adminLoginRateLimitMiddleware, json(), withController(createPostAdminLoginController)) | ||
| router.get('/session', adminRateLimitMiddleware, requireAdminAuth, withController(createGetAdminSessionController)) | ||
| router.get('/health', adminRateLimitMiddleware, requireAdminAuth, withController(createGetAdminHealthController)) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
This is the groundwork for admin console backend with a disabled-by-default admin API. Currently with password login(will replace it with NIP-98 later). API also includes session management, and a protected health endpoint.
Related Issue
#631
Types of changes
Checklist: