fix(api): security hardening — helmet + auth rate limiting #641

Merged

jason.woltje merged 2 commits from fix/security-hardening into main 2026-03-01 22:43:10 +00:00

Conversation 0 Commits 2 Files Changed 4 +20 -1

jason.woltje commented 2026-03-01 22:39:35 +00:00

Owner

Copy Link

Adds helmet middleware for HSTS/X-Frame/etc security headers. Adds 5 req/min throttle on auth login/register endpoints.

Adds helmet middleware for HSTS/X-Frame/etc security headers. Adds 5 req/min throttle on auth login/register endpoints.

jason.woltje added 2 commits 2026-03-01 22:39:36 +00:00

fix(api): helmet security headers + auth endpoint rate limiting 45ce76061b

chore(api): add helmet dependency c25b77ae39

jason.woltje merged commit 6eb91c9eba into main 2026-03-01 22:43:10 +00:00

jason.woltje referenced this issue from a commit 2026-03-01 22:43:12 +00:00

fix(api): security hardening — helmet + auth rate limiting (#641)

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

Clear labels

ai

AI/LLM integration

api

Backend/API work

api

auth

Authentication

database

database

Database/schema work

devops

Docker/deployment

docs

Documentation

frontend

graph

knowledge-module

migration

Data migration

orchestrator

Orchestrator service (apps/orchestrator/)

p0

Critical priority

p1

High priority

p2

Medium priority

p3

Low priority

performance

Performance work

phase-1

phase-2

phase-3

phase-4

phase-5

plugin

MoltBot plugin work

search

security

Security-related

setup

Initial setup

testing

Testing/QA

web

Frontend work

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

jason.woltje

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: mosaic/stack#641