fix login error
This commit is contained in:
Matthias Hochmeister
@@ -8,6 +8,9 @@ import { errorHandler, notFoundHandler } from './middleware/error.middleware';
|
|||||||
|
|
||||||
const app: Application = express();
|
const app: Application = express();
|
||||||
|
|
||||||
|
// Trust proxy (required for correct IP detection behind Traefik/Nginx)
|
||||||
|
app.set('trust proxy', 1);
|
||||||
|
|
||||||
// Security middleware
|
// Security middleware
|
||||||
app.use(helmet());
|
app.use(helmet());
|
||||||
|
|
||||||
@@ -17,7 +20,7 @@ app.use(cors({
|
|||||||
credentials: true,
|
credentials: true,
|
||||||
}));
|
}));
|
||||||
|
|
||||||
// Rate limiting
|
// Rate limiting - general API routes
|
||||||
const limiter = rateLimit({
|
const limiter = rateLimit({
|
||||||
windowMs: environment.rateLimit.windowMs,
|
windowMs: environment.rateLimit.windowMs,
|
||||||
max: environment.rateLimit.max,
|
max: environment.rateLimit.max,
|
||||||
@@ -26,6 +29,16 @@ const limiter = rateLimit({
|
|||||||
legacyHeaders: false,
|
legacyHeaders: false,
|
||||||
});
|
});
|
||||||
|
|
||||||
|
// Rate limiting - auth routes (more generous to avoid blocking logins)
|
||||||
|
const authLimiter = rateLimit({
|
||||||
|
windowMs: 15 * 60 * 1000, // 15 minutes
|
||||||
|
max: 30, // 30 auth attempts per window
|
||||||
|
message: 'Zu viele Anmeldeversuche. Bitte versuchen Sie es später erneut.',
|
||||||
|
standardHeaders: true,
|
||||||
|
legacyHeaders: false,
|
||||||
|
});
|
||||||
|
|
||||||
|
app.use('/api/auth', authLimiter);
|
||||||
app.use('/api', limiter);
|
app.use('/api', limiter);
|
||||||
|
|
||||||
// Body parsing middleware
|
// Body parsing middleware
|
||||||
|
|||||||
@@ -34,10 +34,13 @@ const LoginCallback: React.FC = () => {
|
|||||||
navigate('/dashboard', { replace: true });
|
navigate('/dashboard', { replace: true });
|
||||||
} catch (err) {
|
} catch (err) {
|
||||||
console.error('Login callback error:', err);
|
console.error('Login callback error:', err);
|
||||||
|
const is429 = err && typeof err === 'object' && 'status' in err && (err as any).status === 429;
|
||||||
setError(
|
setError(
|
||||||
err instanceof Error
|
is429
|
||||||
? err.message
|
? 'Zu viele Anmeldeversuche. Bitte warten Sie einige Minuten und versuchen Sie es erneut.'
|
||||||
: 'Anmeldung fehlgeschlagen. Bitte versuchen Sie es erneut.'
|
: err instanceof Error
|
||||||
|
? err.message
|
||||||
|
: 'Anmeldung fehlgeschlagen. Bitte versuchen Sie es erneut.'
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|||||||
@@ -91,7 +91,12 @@ export const AuthProvider: React.FC<AuthProviderProps> = ({ children }) => {
|
|||||||
});
|
});
|
||||||
|
|
||||||
// Show error notification
|
// Show error notification
|
||||||
notification.showError('Anmeldung fehlgeschlagen. Bitte versuchen Sie es erneut.');
|
const is429 = error && typeof error === 'object' && 'status' in error && (error as any).status === 429;
|
||||||
|
notification.showError(
|
||||||
|
is429
|
||||||
|
? 'Zu viele Anmeldeversuche. Bitte warten Sie einige Minuten und versuchen Sie es erneut.'
|
||||||
|
: 'Anmeldung fehlgeschlagen. Bitte versuchen Sie es erneut.'
|
||||||
|
);
|
||||||
throw error;
|
throw error;
|
||||||
}
|
}
|
||||||
}, [notification]);
|
}, [notification]);
|
||||||
|
|||||||
@@ -38,7 +38,7 @@ class ApiService {
|
|||||||
// Response interceptor: Handle errors
|
// Response interceptor: Handle errors
|
||||||
this.axiosInstance.interceptors.response.use(
|
this.axiosInstance.interceptors.response.use(
|
||||||
(response) => response,
|
(response) => response,
|
||||||
(error: AxiosError) => {
|
async (error: AxiosError) => {
|
||||||
if (error.response?.status === 401) {
|
if (error.response?.status === 401) {
|
||||||
// Clear tokens and redirect to login
|
// Clear tokens and redirect to login
|
||||||
console.warn('Unauthorized request, redirecting to login');
|
console.warn('Unauthorized request, redirecting to login');
|
||||||
@@ -46,6 +46,22 @@ class ApiService {
|
|||||||
removeUser();
|
removeUser();
|
||||||
window.location.href = '/login';
|
window.location.href = '/login';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Retry on 429 (Too Many Requests) with exponential backoff
|
||||||
|
if (error.response?.status === 429 && error.config) {
|
||||||
|
const config = error.config as AxiosRequestConfig & { _retryCount?: number };
|
||||||
|
const retryCount = config._retryCount || 0;
|
||||||
|
const maxRetries = 3;
|
||||||
|
|
||||||
|
if (retryCount < maxRetries) {
|
||||||
|
config._retryCount = retryCount + 1;
|
||||||
|
const delay = Math.pow(2, retryCount) * 1000; // 1s, 2s, 4s
|
||||||
|
console.warn(`Rate limited (429). Retrying in ${delay}ms (attempt ${retryCount + 1}/${maxRetries})...`);
|
||||||
|
await new Promise((resolve) => setTimeout(resolve, delay));
|
||||||
|
return this.axiosInstance.request(config);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return Promise.reject(this.handleError(error));
|
return Promise.reject(this.handleError(error));
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
|||||||
Reference in New Issue
Block a user