security: bound Zod inputs, add SSE per-user cap and tRPC body limit (#51, PR #59)
CI / Architecture Guardrails (push) Successful in 3m38s
CI / Assistant Split Regression (push) Successful in 4m40s
CI / Lint (push) Successful in 5m17s
CI / Typecheck (push) Successful in 5m46s
CI / Build (push) Successful in 7m1s
CI / Unit Tests (push) Failing after 9m41s
CI / Release Images (push) Has been cancelled
CI / Fresh-Linux Docker Deploy (push) Has been cancelled
CI / E2E Tests (push) Has started running
CI / Architecture Guardrails (push) Successful in 3m38s
CI / Assistant Split Regression (push) Successful in 4m40s
CI / Lint (push) Successful in 5m17s
CI / Typecheck (push) Successful in 5m46s
CI / Build (push) Successful in 7m1s
CI / Unit Tests (push) Failing after 9m41s
CI / Release Images (push) Has been cancelled
CI / Fresh-Linux Docker Deploy (push) Has been cancelled
CI / E2E Tests (push) Has started running
Closes #51 (ESLint rule + conventions doc remain as follow-up). Co-authored-by: Hartmut Nörenberg <hn@hartmut-noerenberg.com> Co-committed-by: Hartmut Nörenberg <hn@hartmut-noerenberg.com>
This commit was merged in pull request #59.
This commit is contained in:
@@ -9,6 +9,11 @@ import { auth } from "~/server/auth.js";
|
||||
export const dynamic = "force-dynamic";
|
||||
export const runtime = "nodejs";
|
||||
|
||||
// Bounded connection tracking: a single user opening 100 tabs should not be
|
||||
// able to pin 100 persistent subscriptions on this node.
|
||||
const MAX_SSE_CONNECTIONS_PER_USER = 8;
|
||||
const sseConnectionsByUser = new Map<string, number>();
|
||||
|
||||
export async function GET() {
|
||||
// Start lazily on the first real SSE request so builds/import-time evaluation
|
||||
// never attempt reminder processing against a live database.
|
||||
@@ -43,6 +48,24 @@ export async function GET() {
|
||||
return new Response("Unauthorized", { status: 401 });
|
||||
}
|
||||
|
||||
const currentCount = sseConnectionsByUser.get(dbUser.id) ?? 0;
|
||||
if (currentCount >= MAX_SSE_CONNECTIONS_PER_USER) {
|
||||
return new Response("Too many SSE connections", {
|
||||
status: 429,
|
||||
headers: { "Retry-After": "30" },
|
||||
});
|
||||
}
|
||||
sseConnectionsByUser.set(dbUser.id, currentCount + 1);
|
||||
|
||||
const releaseSlot = () => {
|
||||
const next = (sseConnectionsByUser.get(dbUser.id) ?? 1) - 1;
|
||||
if (next <= 0) {
|
||||
sseConnectionsByUser.delete(dbUser.id);
|
||||
} else {
|
||||
sseConnectionsByUser.set(dbUser.id, next);
|
||||
}
|
||||
};
|
||||
|
||||
const roleDefaults = await loadRoleDefaults();
|
||||
const subscription = deriveUserSseSubscription(
|
||||
{
|
||||
@@ -85,6 +108,7 @@ export async function GET() {
|
||||
} catch {
|
||||
clearInterval(heartbeat);
|
||||
unsubscribe();
|
||||
releaseSlot();
|
||||
}
|
||||
}, 30000);
|
||||
|
||||
@@ -92,8 +116,12 @@ export async function GET() {
|
||||
return () => {
|
||||
clearInterval(heartbeat);
|
||||
unsubscribe();
|
||||
releaseSlot();
|
||||
};
|
||||
},
|
||||
cancel() {
|
||||
releaseSlot();
|
||||
},
|
||||
});
|
||||
|
||||
return new Response(stream, {
|
||||
|
||||
Reference in New Issue
Block a user