damanukyan/cryptowallet
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

revert: non-custodial — client supplies addresses+paths to POST /wallets/create

Browse Source
This commit is contained in:
ZOMBIIIIIII
2026-05-11 19:51:10 +03:00
parent 8d91dbeb14
commit c8bc40af97
20 changed files with 122 additions and 1475 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
apps/api/src/app.ts
View File

@@ -8,7 +8,7 @@ import { swaggerSpec } from './config/swagger';
import { traceMiddleware } from './middleware/trace';
import { authMiddleware } from './middleware/auth';
import { csrfMiddleware } from './middleware/csrf';
import { globalLimiter, mutateLimiter, sensitiveLimiter, mnemonicRevealLimiter } from './middleware/rate-limit';
import { globalLimiter, mutateLimiter, sensitiveLimiter } from './middleware/rate-limit';
import { errorHandler } from './middleware/error-handler';
import walletRoutes from './routes/wallet.routes';
import relayProxyRoutes from './routes/relay-proxy.routes';
@@ -50,9 +50,8 @@ app.use('/api', globalLimiter);
// ── PROTECTED endpoints (JWT + CSRF) ─────────────────────────────────────────
const protect = [authMiddleware, csrfMiddleware];
// Sensitive — самый строгий лимит. Каждый POST/PUT защищён JWT + CSRF.
// Sensitive — самый строгий лимит. Каждый POST защищён JWT + CSRF.
app.use('/api/wallets/create', ...protect, sensitiveLimiter);
app.use('/api/wallets/mnemonic/reveal', ...protect, mnemonicRevealLimiter);
app.use('/api/wallets/:chain/send', ...protect, sensitiveLimiter);
// Mutating (proxy + read endpoints) — повышенный лимит