Jason Woltje
4ac4219ce0
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Added query processing to route federation queries to domain services: - Created query parser to extract intent and parameters from query strings - Route queries to TasksService, EventsService, and ProjectsService - Return actual data instead of placeholder responses - Added workspace context validation Implemented query types: - Tasks: "get tasks", "show tasks", etc. - Events: "get events", "upcoming events", etc. - Projects: "get projects", "show projects", etc. Added 5 new tests for query processing (20 tests total, all passing): - Process tasks/events/projects queries - Handle unknown query types - Enforce workspace context requirements Updated FederationModule to import TasksModule, EventsModule, ProjectsModule. Fixes #297 Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
87 lines
2.7 KiB
TypeScript
87 lines
2.7 KiB
TypeScript
/**
|
|
* Federation Module
|
|
*
|
|
* Provides instance identity and federation management with DoS protection via rate limiting.
|
|
* Issue #272: Rate limiting added to prevent DoS attacks on federation endpoints
|
|
*/
|
|
|
|
import { Module } from "@nestjs/common";
|
|
import { ConfigModule } from "@nestjs/config";
|
|
import { HttpModule } from "@nestjs/axios";
|
|
import { ThrottlerModule } from "@nestjs/throttler";
|
|
import { FederationController } from "./federation.controller";
|
|
import { FederationAuthController } from "./federation-auth.controller";
|
|
import { FederationService } from "./federation.service";
|
|
import { CryptoService } from "./crypto.service";
|
|
import { FederationAuditService } from "./audit.service";
|
|
import { SignatureService } from "./signature.service";
|
|
import { ConnectionService } from "./connection.service";
|
|
import { OIDCService } from "./oidc.service";
|
|
import { CommandService } from "./command.service";
|
|
import { QueryService } from "./query.service";
|
|
import { FederationAgentService } from "./federation-agent.service";
|
|
import { PrismaModule } from "../prisma/prisma.module";
|
|
import { TasksModule } from "../tasks/tasks.module";
|
|
import { EventsModule } from "../events/events.module";
|
|
import { ProjectsModule } from "../projects/projects.module";
|
|
import { RedisProvider } from "../common/providers/redis.provider";
|
|
|
|
@Module({
|
|
imports: [
|
|
ConfigModule,
|
|
PrismaModule,
|
|
TasksModule,
|
|
EventsModule,
|
|
ProjectsModule,
|
|
HttpModule.register({
|
|
timeout: 10000,
|
|
maxRedirects: 5,
|
|
}),
|
|
// Rate limiting for DoS protection (Issue #272)
|
|
// Uses in-memory storage by default (suitable for single-instance deployments)
|
|
// For multi-instance deployments, configure Redis storage via ThrottlerStorageRedisService
|
|
ThrottlerModule.forRoot([
|
|
{
|
|
name: "short",
|
|
ttl: 1000, // 1 second
|
|
limit: 3, // 3 requests per second (very strict for public endpoints)
|
|
},
|
|
{
|
|
name: "medium",
|
|
ttl: 60000, // 1 minute
|
|
limit: 20, // 20 requests per minute (for authenticated endpoints)
|
|
},
|
|
{
|
|
name: "long",
|
|
ttl: 3600000, // 1 hour
|
|
limit: 200, // 200 requests per hour (for read operations)
|
|
},
|
|
]),
|
|
],
|
|
controllers: [FederationController, FederationAuthController],
|
|
providers: [
|
|
RedisProvider,
|
|
FederationService,
|
|
CryptoService,
|
|
FederationAuditService,
|
|
SignatureService,
|
|
ConnectionService,
|
|
OIDCService,
|
|
CommandService,
|
|
QueryService,
|
|
FederationAgentService,
|
|
],
|
|
exports: [
|
|
FederationService,
|
|
CryptoService,
|
|
FederationAuditService,
|
|
SignatureService,
|
|
ConnectionService,
|
|
OIDCService,
|
|
CommandService,
|
|
QueryService,
|
|
FederationAgentService,
|
|
],
|
|
})
|
|
export class FederationModule {}
|