Merge branch 'dev' into dev

2025-11-09 00:18:16 +00:00 · 2025-09-21 04:18:07 +01:00
parent 9135fa93b3 f3351d577d
commit d7460068d7
29 changed files with 331 additions and 265 deletions
--- a/backend/src/routes/versionRoutes.js
+++ b/backend/src/routes/versionRoutes.js
@@ -14,7 +14,7 @@ const router = express.Router();
 router.get('/current', authenticateToken, async (req, res) => {
  try {
    // Read version from package.json dynamically
-    let currentVersion = '1.2.5'; // fallback
+    let currentVersion = '1.2.6'; // fallback
    
    try {
      const packageJson = require('../../package.json');
@@ -158,7 +158,7 @@ router.get('/check-updates', authenticateToken, requireManageSettings, async (re
      return res.status(400).json({ error: 'Settings not found' });
    }

-    const currentVersion = '1.2.5';
+    const currentVersion = '1.2.6';
    const latestVersion = settings.latestVersion || currentVersion;
    const isUpdateAvailable = settings.updateAvailable || false;
    const lastUpdateCheck = settings.lastUpdateCheck;
--- a/backend/src/server.js
+++ b/backend/src/server.js
@@ -59,11 +59,18 @@ if (process.env.TRUST_PROXY) {
 }
 app.disable('x-powered-by');

-// Rate limiting
+// Rate limiting with monitoring
 const limiter = rateLimit({
  windowMs: parseInt(process.env.RATE_LIMIT_WINDOW_MS) || 15 * 60 * 1000,
  max: parseInt(process.env.RATE_LIMIT_MAX) || 100,
-  message: 'Too many requests from this IP, please try again later.',
+  message: {
+    error: 'Too many requests from this IP, please try again later.',
+    retryAfter: Math.ceil((parseInt(process.env.RATE_LIMIT_WINDOW_MS) || 15 * 60 * 1000) / 1000)
+  },
+  standardHeaders: true,
+  legacyHeaders: false,
+  skipSuccessfulRequests: true, // Don't count successful requests
+  skipFailedRequests: false, // Count failed requests
 });

 // Middleware
@@ -118,16 +125,31 @@ app.get('/health', (req, res) => {
 // API routes
 const apiVersion = process.env.API_VERSION || 'v1';

-// Per-route rate limits
+// Per-route rate limits with monitoring
 const authLimiter = rateLimit({
  windowMs: parseInt(process.env.AUTH_RATE_LIMIT_WINDOW_MS) || 10 * 60 * 1000,
-  max: parseInt(process.env.AUTH_RATE_LIMIT_MAX) || 20
+  max: parseInt(process.env.AUTH_RATE_LIMIT_MAX) || 20,
+  message: {
+    error: 'Too many authentication requests, please try again later.',
+    retryAfter: Math.ceil((parseInt(process.env.AUTH_RATE_LIMIT_WINDOW_MS) || 10 * 60 * 1000) / 1000)
+  },
+  standardHeaders: true,
+  legacyHeaders: false,
+  skipSuccessfulRequests: true,
 });
 const agentLimiter = rateLimit({
  windowMs: parseInt(process.env.AGENT_RATE_LIMIT_WINDOW_MS) || 60 * 1000,
-  max: parseInt(process.env.AGENT_RATE_LIMIT_MAX) || 120
+  max: parseInt(process.env.AGENT_RATE_LIMIT_MAX) || 120,
+  message: {
+    error: 'Too many agent requests, please try again later.',
+    retryAfter: Math.ceil((parseInt(process.env.AGENT_RATE_LIMIT_WINDOW_MS) || 60 * 1000) / 1000)
+  },
+  standardHeaders: true,
+  legacyHeaders: false,
+  skipSuccessfulRequests: true,
 });

+
 app.use(`/api/${apiVersion}/auth`, authLimiter, authRoutes);
 app.use(`/api/${apiVersion}/hosts`, agentLimiter, hostRoutes);
 app.use(`/api/${apiVersion}/host-groups`, hostGroupRoutes);
--- a/backend/src/services/updateScheduler.js
+++ b/backend/src/services/updateScheduler.js
@@ -101,7 +101,7 @@ class UpdateScheduler {
      }

      // Read version from package.json dynamically
-      let currentVersion = '1.2.5'; // fallback
+      let currentVersion = '1.2.6'; // fallback
      try {
        const packageJson = require('../../package.json');
        if (packageJson && packageJson.version) {
@@ -203,7 +203,7 @@ class UpdateScheduler {
      const httpsRepoUrl = `https://api.github.com/repos/${owner}/${repo}/releases/latest`;
      
      // Get current version for User-Agent
-      let currentVersion = '1.2.5'; // fallback
+      let currentVersion = '1.2.6'; // fallback
      try {
        const packageJson = require('../../package.json');
        if (packageJson && packageJson.version) {