gpt-engineer-app[bot]
6da29e95a4
Add rate limiting to high-risk
...
Introduce centralized rate limiting by applying defined tiers (STRICT, STANDARD, LENIENT, MODERATE) to high-risk edge functions:
- export-user-data (STRICT, 5 req/min)
- send-contact-message (STANDARD, 20 req/min)
- validate-email-backend (LENIENT, 30 req/min)
- admin-delete-user, resend-deletion-code (MODERATE)
- additional standard targets identified (request-account-deletion, cancel-account-deletion) as per guidance
Implements:
- Wrapped handlers with withRateLimit using centralized rateLimiters
- Imported from shared rate limiter module
- Annotated with comments explaining tier rationale
- Updated three initial functions and extended coverage to admin/account management functions
- Added documentation guide for rate limiting usage
This aligns with the Rate Limiting Guide and centralizes rate limit configuration for consistency.
2025-11-10 21:39:37 +00:00
gpt-engineer-app[bot]
bf3da6414a
Centralize CORS configuration
...
Consolidate CORS handling by introducing a shared supabase/functions/_shared/cors.ts and migrate edge functions to import from it. Remove inline cors.ts usage across functions, standardize headers (including traceparent and x-request-id), and prepare for environment-aware origins.
2025-11-10 21:28:46 +00:00
