Add rate limiting to auth/verify endpoint (CodeQL fix)

Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
Agent-Logs-Url: https://github.com/qinfendebingshuo/guanghulab/sessions/3f62bf2e-92bd-44b5-b05e-b7bfe6772a4d
This commit is contained in:
copilot-swe-agent[bot] 2026-03-25 09:55:27 +00:00
parent cf362126cf
commit 5cee68fc9c
1 changed files with 5 additions and 0 deletions

View File

@ -177,6 +177,11 @@ router.post('/auth/team-login', function(req, res) {
* 验证当前会话是否有效
*/
router.get('/auth/verify', function(req, res) {
var clientIp = req.ip || req.connection.remoteAddress || 'unknown';
if (!checkRateLimit(clientIp)) {
return res.status(429).json({ valid: false, message: '请求过于频繁' });
}
var authHeader = req.headers['authorization'] || '';
var token = authHeader.replace(/^Bearer\s+/i, '');
var result = verifySessionToken(token);