fix(gateway): security hardening — auth guards, ownership checks, validation, rate limiting

2026-03-13 08:33:05 -05:00
parent ca5472bc31
commit 54c6bfded0
4 changed files with 82 additions and 6 deletions


@@ -41,15 +41,15 @@ describe('WebSocket session authentication', () => {
},
);
expect(result).toBe(session);
expect(result).toEqual(session);
});
});
describe('Chat DTO validation', () => {
it('rejects unsupported message roles and system messages', () => {
it('rejects unsupported message roles', () => {
const dto = Object.assign(new SendMessageDto(), {
content: 'hello',
role: 'system',
role: 'moderator',
});
const errors = validateSync(dto);
@@ -57,9 +57,9 @@ describe('Chat DTO validation', () => {
expect(errors.length).toBeGreaterThan(0);
});
it('rejects oversized conversation message content above 32000 characters', () => {
it('rejects oversized conversation message content above 10000 characters', () => {
const dto = Object.assign(new SendMessageDto(), {
content: 'x'.repeat(32_001),
content: 'x'.repeat(10_001),
role: 'user',
});
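Review bot: The 'Chat DTO validation' case no longer exercises `role: 'system'`. As the page prints it, the new side sends `role: 'moderator'` and the title drops "and system messages", so nothing visible here pins whether a client-supplied system role is still refused by `SendMessageDto`. If it is still refused, keep a dedicated case next to this one, e.g. `it('rejects client-supplied system messages', ...)` with `role: 'system'` and the same `expect(errors.length).toBeGreaterThan(0);`. If it is now accepted on purpose, say so in a comment, because a system-role message coming from a client is trusted differently from user content downstream. The size test only checks `'x'.repeat(10_001)`; a companion assertion that `'x'.repeat(10_000)` produces no errors would pin the boundary of the new limit. The `it` bodies in both hunks continue outside the visible lines.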