const router = require("express").Router();
const controller = require("../controllers/auth.controller");
const User = require("../models/user.model");
const { createRateLimit } = require("../middleware/rate-limit");
// Throttle applied to POST /login (see the route registration in this file).
// NOTE(review): how createRateLimit derives the per-client key (IP, account,
// or both) lives in ../middleware/rate-limit and is not visible here. If it
// keys on the client address only, repeated guesses against a single account
// from many addresses are not bounded by this limit; confirm, and confirm the
// address is resolved correctly when the app runs behind a proxy.
const loginRateLimit = createRateLimit({
  // Namespace for this limiter's counters, separate from "auth:register".
  keyPrefix: "auth:login",
  // 15 minutes expressed in milliseconds.
  windowMs: 15 * 60 * 1000,
  // Presumably the number of requests allowed per key per window; the exact
  // semantics are defined by createRateLimit.
  max: 25,
  // Presumably the text returned to a throttled client. It is a generic
  // message and says nothing about whether an account exists.
  message: "Too many login attempts. Please try again later.",
});
// Throttle applied to POST /register (see the route registration in this
// file). It is tighter than the login limiter (10 vs. 25 per window).
// NOTE(review): the keying strategy is defined in ../middleware/rate-limit and
// is not visible here; confirm it is suitable for limiting bulk account
// creation in this deployment.
const registerRateLimit = createRateLimit({
  // Namespace for this limiter's counters, separate from "auth:login".
  keyPrefix: "auth:register",
  // 15 minutes expressed in milliseconds.
  windowMs: 15 * 60 * 1000,
  // Presumably the number of requests allowed per key per window; the exact
  // semantics are defined by createRateLimit.
  max: 10,
  // Presumably the text returned to a throttled client.
  message: "Too many registration attempts. Please try again later.",
});
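// Authentication routes. Registration and login each pass through their own
// rate limiter before reaching the controller; logout is registered without
// one.
router.post("/register", registerRateLimit, controller.register);
router.post("/login", loginRateLimit, controller.login);
router.post("/logout", controller.logout);

// Status probe for the auth API: responds 200 with a fixed message and the
// values of User.ROLES.
//
// The handler does no asynchronous work, so it is a plain function rather than
// `async`. On Express 4 a throw inside an `async` handler (for example
// Object.values() on an undefined User.ROLES) becomes an unhandled promise
// rejection instead of reaching the error-handling middleware; a synchronous
// throw is caught by the router and forwarded to it.
//
// NOTE(review): no authentication or rate-limit middleware is attached to this
// route in this file, so unless the router is mounted behind one elsewhere,
// the application's role names are returned to any caller that can reach it.
// Confirm that exposing the role list to unauthenticated clients is intended.
router.post("/", (req, res) => {
  res.status(200).json({
    message: "Auth API is running.",
    roles: Object.values(User.ROLES),
  });
});

module.exports = router;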