Ajout de la gestion des erreurs HTTP, implémentation de la validation des comptes, et mise à jour des dépendances. Création de tests pour les entités et services de compte, ainsi que l'ajout d'un système de limitation de taux.
@@ -1,15 +1,40 @@
|
||||
import { Hono } from "hono";
|
||||
import { validator } from "hono/validator";
|
||||
import { AccountServiceInterface } from "../service/AccountServiceInterface";
|
||||
import { loginSchema, registerSchema } from "../validation/AccountValidation";
|
||||
import { BadSchemaError } from "../../../errors";
|
||||
import { createRateLimit } from "../../../middleware/rateLimiter";
|
||||
|
||||
const loginRateLimit = createRateLimit({
|
||||
windowMs: 15 * 60 * 1000,
|
||||
maxAttempts: 5,
|
||||
keyGenerator: (c) => {
|
||||
const ip =
|
||||
c.req.header("x-forwarded-for") ||
|
||||
c.req.header("x-real-ip") ||
|
||||
"127.0.0.1";
|
||||
return `login:${ip}`;
|
||||
},
|
||||
});
|
||||
|
||||
export default function toRoutes(
|
||||
accountService: AccountServiceInterface,
|
||||
): Hono {
|
||||
const app = new Hono();
|
||||
|
||||
app.post("/login", async (ctx) => {
|
||||
try {
|
||||
const { email, password } = await ctx.req.json();
|
||||
app.post(
|
||||
"/login",
|
||||
loginRateLimit,
|
||||
validator("json", (value) => {
|
||||
const parsed = loginSchema.safeParse(value);
|
||||
if (!parsed.success) {
|
||||
throw new BadSchemaError(parsed.error.message);
|
||||
}
|
||||
|
||||
return parsed.data;
|
||||
}),
|
||||
async (ctx) => {
|
||||
const { email, password } = ctx.req.valid("json");
|
||||
const account = await accountService.login(email, password);
|
||||
|
||||
return ctx.json({
|
||||
@@ -17,38 +42,30 @@ export default function toRoutes(
|
||||
accountId: account.id,
|
||||
email: account.email,
|
||||
});
|
||||
} catch (error) {
|
||||
return ctx.json(
|
||||
{
|
||||
success: false,
|
||||
error: error instanceof Error ? error.message : "Erreur inconnue",
|
||||
},
|
||||
400,
|
||||
);
|
||||
}
|
||||
});
|
||||
},
|
||||
);
|
||||
|
||||
app.post("/register", async (ctx) => {
|
||||
try {
|
||||
const { email, password } = await ctx.req.json();
|
||||
app.post(
|
||||
"/register",
|
||||
validator("json", (value) => {
|
||||
const parsed = registerSchema.safeParse(value);
|
||||
if (!parsed.success) {
|
||||
throw new BadSchemaError(parsed.error.message);
|
||||
}
|
||||
|
||||
const account = await accountService.createAccount(email, password);
|
||||
return parsed.data;
|
||||
}),
|
||||
async (ctx) => {
|
||||
const { email, password } = ctx.req.valid("json");
|
||||
const account = await accountService.register(email, password);
|
||||
|
||||
return ctx.json({
|
||||
success: true,
|
||||
accountId: account.id,
|
||||
email: account.email,
|
||||
});
|
||||
} catch (error) {
|
||||
return ctx.json(
|
||||
{
|
||||
success: false,
|
||||
error: error instanceof Error ? error.message : "Erreur inconnue",
|
||||
},
|
||||
400,
|
||||
);
|
||||
}
|
||||
});
|
||||
},
|
||||
);
|
||||
|
||||
return app;
|
||||
}
|
||||
|
||||
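Review bot: The `keyGenerator` of `loginRateLimit` (first hunk) builds the bucket key from `x-forwarded-for` / `x-real-ip`, which are request headers the client chooses unless a trusted reverse proxy overwrites them, so the 5-per-15-minutes limit on `/login` only holds if such a proxy is guaranteed to sit in front of this app, which is not visible here. The `"127.0.0.1"` fallback also puts every request that lacks those headers into one shared bucket, so a handful of requests could exhaust the limit for all such clients at once. I would key on the connection's peer address from the runtime and honour the forwarded header only behind a known proxy, using the entry that proxy appended (the header can carry a comma-separated list), and document it with a comment such as `// forwarded headers are trusted only when set by our reverse proxy`. `/register` in the second hunk gets no limiter at all, and since the login key is per-IP only, a second limit keyed on the submitted account would be worth considering.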