feat(api): implement rate limiting for abuse prevention

Add @fastify/rate-limit with granular policies for different routes Support TRUST_PROXY environment variable for reverse proxies
2026-05-03 15:04:07 +08:00
parent 8f55db9061
commit 0c76d6bfc8
7 changed files with 453 additions and 69 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -22,6 +22,7 @@ services:
    environment:
      DATABASE_URL: postgres://pokopia:pokopia@postgres:5432/pokopia
      BACKEND_PORT: 3001
+      TRUST_PROXY: ${TRUST_PROXY:-false}
      FRONTEND_ORIGIN: http://localhost:20015
      APP_ORIGIN: http://localhost:20015
      UPLOAD_DIR: /app/uploads