Skip to content

Revert "Feat/oauth rate limiting" #461

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Harxhit merged 1 commit into from
Jun 3, 2026
+4 −89
Merged

Revert "Feat/oauth rate limiting" #461

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 0 additions & 4 deletions apps/backend/src/app.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,13 +7,12 @@
import jwt from '@fastify/jwt';
import multipart from '@fastify/multipart';
import rateLimit from '@fastify/rate-limit';
import fastifyStatic from '@fastify/static';

Check failure on line 10 in apps/backend/src/app.ts

View workflow job for this annotation

GitHub Actions / backend-ci 

'fastifyStatic' is defined but never used. Allowed unused vars must match /^_/u
import Fastify, {type FastifyInstance} from 'fastify';

import { prismaPlugin } from './plugins/prisma.js';
import { redisPlugin } from './plugins/redis.js';
import { oauthRateLimitPlugin } from './plugins/oauthRateLimit.js';
import { analyticsRoutes } from './routes/analytics.js';

Check failure on line 15 in apps/backend/src/app.ts

View workflow job for this annotation

GitHub Actions / backend-ci 

`./plugins/oauthRateLimit.js` import should occur before import of `./plugins/prisma.js`
import { authRoutes } from './routes/auth.js';
import { cardRoutes } from './routes/cards.js';
import { connectRoutes } from './routes/connect.js';
Expand All @@ -24,7 +23,7 @@
import { publicRoutes } from './routes/public.js';
import { validateEnv } from './utils/validateEnv.js';
import { teamRoutes } from './routes/team.js';

Check failure on line 26 in apps/backend/src/app.ts

View workflow job for this annotation

GitHub Actions / backend-ci 

`./routes/team.js` import should occur before import of `./utils/validateEnv.js`
const __dirname = path.dirname(fileURLToPath(import.meta.url));

export async function buildApp():Promise<FastifyInstance> {
Expand Down Expand Up @@ -88,9 +87,6 @@
if (process.env.NODE_ENV !== 'test') {
await app.register(redisPlugin);
}

// ─── OAuth Rate Limiting ───
await app.register(oauthRateLimitPlugin);
// ─── Auth Decorator ───
app.decorate('authenticate', async function (request: any, reply: any) {
try {
Expand All @@ -100,8 +96,8 @@
} catch (error) {
reply.status(401).send({ error: 'Unauthorized' });
}
});

Check failure on line 99 in apps/backend/src/app.ts

View workflow job for this annotation

GitHub Actions / backend-ci 

Expected { after 'if' condition

Check failure on line 100 in apps/backend/src/app.ts

View workflow job for this annotation

GitHub Actions / backend-ci 

'error' is defined but never used. Allowed unused caught errors must match /^_/u
// ─── Routes ───
await app.register(authRoutes, { prefix: '/auth' });
await app.register(profileRoutes, { prefix: '/api/profiles' });
Expand Down
81 changes: 0 additions & 81 deletions apps/backend/src/plugins/oauthRateLimit.ts
View file
Open in desktop

This file was deleted.

8 changes: 4 additions & 4 deletions apps/backend/src/routes/auth.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
import type { FastifyInstance, FastifyRequest, FastifyReply } from 'fastify';

Check failure on line 1 in apps/backend/src/routes/auth.ts

View workflow job for this annotation

GitHub Actions / backend-ci 

There should be at least one empty line between import groups
import { encrypt } from '../utils/encryption.js';

Check failure on line 2 in apps/backend/src/routes/auth.ts

View workflow job for this annotation

GitHub Actions / backend-ci 

`../utils/encryption.js` import should occur before type import of `fastify`
import { buildOAuthState, getMobileRedirectUri } from '../services/authService.js';

Expand All @@ -14,7 +14,7 @@
state?: string;
}

export async function authRoutes(app: FastifyInstance) {

Check warning on line 17 in apps/backend/src/routes/auth.ts

View workflow job for this annotation

GitHub Actions / backend-ci 

Missing return type on function
// Developer login bypass (development only)
if (process.env.NODE_ENV !== 'production') {
app.post('/dev-login', async (request: FastifyRequest, reply: FastifyReply) => {
Expand All @@ -28,7 +28,7 @@
}

// GitHub OAuth start
app.get('/github', { preHandler: [app.oauthStartRateLimit] }, async (request: FastifyRequest, reply: FastifyReply) => {
app.get('/github', async (request: FastifyRequest, reply: FastifyReply) => {
const redirectUri = `${process.env.BACKEND_URL}/auth/github/callback`;
const clientState = (request.query as any).state || '';
const mobileRedirectUri = (request.query as any).mobile_redirect_uri || '';
Expand All @@ -55,7 +55,7 @@
});

// GitHub OAuth callback
app.get('/github/callback', { preHandler: [app.oauthCallbackRateLimit] }, async (request: FastifyRequest<{ Querystring: OAuthCallbackQuery }>, reply: FastifyReply) => {
app.get('/github/callback', async (request: FastifyRequest<{ Querystring: OAuthCallbackQuery }>, reply: FastifyReply) => {
const { code, state } = request.query;
const storedState = request.cookies?.oauth_state;
if (!state || !storedState || state !== storedState) {
Expand Down Expand Up @@ -151,7 +151,7 @@
});

// Google OAuth start
app.get('/google', { preHandler: [app.oauthStartRateLimit] }, async (request: FastifyRequest, reply: FastifyReply) => {
app.get('/google', async (request: FastifyRequest, reply: FastifyReply) => {
const redirectUri = `${process.env.BACKEND_URL}/auth/google/callback`;
const clientState = (request.query as any).state || '';
const mobileRedirectUri = (request.query as any).mobile_redirect_uri || '';
Expand Down Expand Up @@ -180,7 +180,7 @@
});

// Google callback
app.get('/google/callback', { preHandler: [app.oauthCallbackRateLimit] }, async (request: FastifyRequest<{ Querystring: OAuthCallbackQuery }>, reply: FastifyReply) => {
app.get('/google/callback', async (request: FastifyRequest<{ Querystring: OAuthCallbackQuery }>, reply: FastifyReply) => {
const { code, state } = request.query;

const storedState = request.cookies?.oauth_state;
Expand Down
Loading