security: login rate limiting, fix health endpoint, harden error handling

- Fix health endpoint returning null time (use time.Now() instead of context value)
- Add LoginRateLimiter: 5 attempts per 15min window, 5min block on brute-force
- Apply rate limiting to login/register endpoints
- Move reset-password to authenticated routes (was unauthenticated — critical vuln)
- Limit response body sizes on proxy/external API calls (prevent memory exhaustion)
- Sanitize error messages in agent chat endpoint (don't leak internal errors)
- Record login success/failure for rate limiting tracking
This commit is contained in:
shinchan-zhai
2026-03-23 09:43:20 +08:00
parent 84758e2942
commit f28f0e340c
6 changed files with 160 additions and 12 deletions

View File

@@ -136,6 +136,10 @@ func (s *Server) handleLogin(c *gin.Context) {
// Verify password
if !auth.CheckPassword(req.Password, user.PasswordHash) {
// Record failed attempt for rate limiting
if s.loginLimiter != nil {
s.loginLimiter.RecordFailure(c.ClientIP())
}
c.JSON(http.StatusUnauthorized, gin.H{"error": "Email or password incorrect"})
return
}
@@ -147,6 +151,11 @@ func (s *Server) handleLogin(c *gin.Context) {
return
}
// Clear rate limit on success
if s.loginLimiter != nil {
s.loginLimiter.RecordSuccess(c.ClientIP())
}
c.JSON(http.StatusOK, gin.H{
"token": token,
"user_id": user.ID,