more lenient api rate limit

2025-11-30 22:45:46 +01:00 · 2025-11-02 20:40:59 +01:00
parent da2b3b0126
commit 2e81ed48c4
1 changed files with 4 additions and 4 deletions
--- a/backend/src/middleware/rateLimit.ts
+++ b/backend/src/middleware/rateLimit.ts
@@ -72,8 +72,8 @@ const getRateLimitConfig = () => {
  return {
    windowMs: parseInt(process.env.RATE_LIMIT_WINDOW_MS || '900000'), // 15 minutes default
    max: isProduction 
-      ? parseInt(process.env.RATE_LIMIT_MAX_REQUESTS || '100')  // Stricter in production
+      ? parseInt(process.env.RATE_LIMIT_MAX_REQUESTS || '1000')  // Stricter in production
-      : parseInt(process.env.RATE_LIMIT_MAX_REQUESTS || '1000'), // More lenient in development
+      : parseInt(process.env.RATE_LIMIT_MAX_REQUESTS || '5000'), // More lenient in development
    // Development-specific relaxations
    skip: (req: Request) => {
@@ -112,7 +112,7 @@ export const apiLimiter = rateLimit({
 // Strict limiter for auth endpoints
 export const authLimiter = rateLimit({
  windowMs: 15 * 60 * 1000,
-  max: parseInt(process.env.AUTH_RATE_LIMIT_MAX_REQUESTS || '5'),
+  max: parseInt(process.env.AUTH_RATE_LIMIT_MAX_REQUESTS || '100'),
  message: { 
    error: 'Zu viele Login-Versuche, bitte versuchen Sie es später erneut' 
  },
@@ -135,7 +135,7 @@ export const authLimiter = rateLimit({
 // Separate limiter for expensive endpoints
 export const expensiveEndpointLimiter = rateLimit({
  windowMs: 15 * 60 * 1000,
-  max: parseInt(process.env.EXPENSIVE_ENDPOINT_LIMIT || '10'),
+  max: parseInt(process.env.EXPENSIVE_ENDPOINT_LIMIT || '100'),
  message: {
    error: 'Zu viele Anfragen für diese Ressource'
  },