till/managarten
1
0
Fork 0
mirror of https://github.com/Memo-2023/mana-monorepo.git synced 2026-05-23 03:06:42 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
managarten/services/mana-core-auth/src/auth/auth.module.ts
Till JS f7df8e97aa feat(auth): add audit logging, account lockout, and API key rate limiting 
1. SecurityEventsService: Centralized audit logging for all auth events
   (login, register, logout, password changes, API key operations, SSO
   token exchange, etc.). Fire-and-forget pattern ensures auth flows
   are never blocked by logging failures.

2. AccountLockoutService: Locks accounts after 5 failed login attempts
   within 15 minutes. 30-minute lockout duration. Fails open on DB
   errors. Clears attempts on successful login. Email-not-verified
   does not count as a failed attempt.

3. API Key validation endpoint secured with rate limiting (10 req/min
   per IP via ThrottlerGuard) and audit logging. Key prefixes logged
   for forensics, never full keys.

New schema: auth.login_attempts table for tracking failed logins.
174 tests passing across all auth and security modules.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 22:09:58 +01:00

23 lines
873 B
TypeScript
Raw Blame History

import { Module } from '@nestjs/common';
import { AuthController } from './auth.controller';
import { BetterAuthPassthroughController } from './better-auth-passthrough.controller';
import { OidcController } from './oidc.controller';
import { OidcLoginController } from './oidc-login.controller';
import { MatrixSessionController } from './matrix-session.controller';
import { BetterAuthService } from './services/better-auth.service';
import { MatrixSessionService } from './services/matrix-session.service';
import { SecurityModule } from '../security';
@Module({
imports: [SecurityModule],
controllers: [
AuthController,
BetterAuthPassthroughController,
OidcController,
OidcLoginController,
MatrixSessionController,
],
providers: [BetterAuthService, MatrixSessionService],
exports: [BetterAuthService, MatrixSessionService],
})
export class AuthModule {}
Reference in a new issue View git blame Copy permalink