feat(account): throttle confirm-code sends per recipient
Add an in-memory SendLimiter enforcing a one-per-minute cooldown and a five-per-rolling-hour cap per recipient address, checked before provisioning or sending in RequestCode, RequestLoginCode and RequestLinkCode. It guards against email bombing and protects the relay quota. The limiter is injected in main (nil in tests, so the domain suite is unaffected); ErrTooManyRequests maps to HTTP 429.
This commit is contained in:
@@ -175,6 +175,9 @@ func run(ctx context.Context, cfg config.Config, logger *zap.Logger) error {
|
||||
// so they are handed to the server (like the route groups) for the handlers.
|
||||
mailer := newMailer(cfg.SMTP, logger)
|
||||
emails := account.NewEmailService(accounts, mailer, cfg.PublicBaseURL)
|
||||
// Throttle confirm-code sends per recipient: at most one per minute and five per
|
||||
// rolling hour, guarding against email bombing and the relay's own quota.
|
||||
emails.SetSendLimiter(account.NewSendLimiter(time.Minute, 5))
|
||||
// Account linking & merge: the orchestrator over the account, merge and
|
||||
// session layers. Wired to the /api/v1/user/link REST surface below.
|
||||
links := link.NewService(emails, accounts, accountmerge.NewMerger(db), sessions)
|
||||
|
||||
Reference in New Issue
Block a user