Initial commit: StreamFlow IPTV platform

2025-12-17 00:42:43 +00:00 · 2025-12-17 00:42:43 +00:00 · 73a8ae9ffd
commit 73a8ae9ffd
1240 changed files with 278451 additions and 0 deletions
--- a/backend/middleware/rateLimiter.js
+++ b/backend/middleware/rateLimiter.js
@ -0,0 +1,84 @@
+const rateLimit = require('express-rate-limit');
+
+/**
+ * Strict rate limiter for authentication endpoints
+ * 5 requests per 15 minutes
+ */
+const authLimiter = rateLimit({
+  windowMs: 15 * 60 * 1000, // 15 minutes
+  max: 5,
+  message: { error: 'Too many authentication attempts, please try again later' },
+  standardHeaders: true,
+  legacyHeaders: false,
+});
+
+/**
+ * Moderate rate limiter for data modification endpoints
+ * (Create, Update, Delete operations)
+ * 30 requests per 15 minutes
+ */
+const modifyLimiter = rateLimit({
+  windowMs: 15 * 60 * 1000, // 15 minutes
+  max: 30,
+  message: { error: 'Too many modification requests, please slow down' },
+  standardHeaders: true,
+  legacyHeaders: false,
+});
+
+/**
+ * Lenient rate limiter for read operations
+ * 100 requests per 15 minutes
+ */
+const readLimiter = rateLimit({
+  windowMs: 15 * 60 * 1000, // 15 minutes
+  max: 100,
+  message: { error: 'Too many requests, please slow down' },
+  standardHeaders: true,
+  legacyHeaders: false,
+});
+
+/**
+ * Moderate rate limiter for resource-intensive operations
+ * (Streaming, backup, file uploads)
+ * Increased to 1000/min to support HLS streaming which makes many segment requests
+ */
+const heavyLimiter = rateLimit({
+  windowMs: 60 * 1000, // 1 minute
+  max: 1000,
+  message: { error: 'Too many resource-intensive requests, please wait' },
+  standardHeaders: true,
+  legacyHeaders: false,
+});
+
+/**
+ * Very strict limiter for backup/restore operations
+ * 3 requests per hour
+ */
+const backupLimiter = rateLimit({
+  windowMs: 60 * 60 * 1000, // 1 hour
+  max: 3,
+  message: { error: 'Too many backup operations, please wait before trying again' },
+  standardHeaders: true,
+  legacyHeaders: false,
+});
+
+/**
+ * General API rate limiter
+ * 200 requests per 15 minutes
+ */
+const apiLimiter = rateLimit({
+  windowMs: 15 * 60 * 1000, // 15 minutes
+  max: 200,
+  message: { error: 'Too many API requests, please try again later' },
+  standardHeaders: true,
+  legacyHeaders: false,
+});
+
+module.exports = {
+  authLimiter,
+  modifyLimiter,
+  readLimiter,
+  heavyLimiter,
+  backupLimiter,
+  apiLimiter
+};