mirror of
https://github.com/formbricks/formbricks.git
synced 2026-02-05 10:36:06 -06:00
* fix(auth): enhance password validation and rate limiting for login attempts - Added password length validation to prevent CPU DoS attacks, limiting to 128 characters. - Implemented constant-time password verification to mitigate timing attacks. - Adjusted rate limit for login attempts from 30 to 10 per 15 minutes for improved security. - Updated login form validation to reflect new password length constraints. - Introduced constants for authentication endpoints in the API. * fixed sample size for timing test * password validation messages --------- Co-authored-by: Your Name <you@example.com>
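// Root-relative paths for the management and utility API routes.
// No origin is included; the caller resolves each path against its own base URL.
// The stray `|` lines that sat between the declarations were page-extraction
// residue and kept the file from parsing, so they are dropped here.
export const RESPONSES_API_URL = "/api/v2/management/responses";
// NOTE(review): the only v1 path in this list; confirm surveys are meant to stay on v1.
export const SURVEYS_API_URL = "/api/v1/management/surveys";
export const WEBHOOKS_API_URL = "/api/v2/management/webhooks";
export const ROLES_API_URL = "/api/v2/roles";
export const ME_API_URL = "/api/v2/me";
export const HEALTH_API_URL = "/api/v2/health";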
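// Authentication endpoints
// NOTE(review): these paths look like the NextAuth/Auth.js route layout; confirm.
// Presumably a credentials sign-in POSTs to AUTH_CALLBACK_URL with a token that
// was first fetched from AUTH_CSRF_URL; verify against the callers.
// NOTE(review): the accompanying commit message says login attempts are rate
// limited, so code that drives the credentials callback repeatedly should stay
// below that limit or expect throttled responses; confirm which route is limited.
export const AUTH_CALLBACK_URL = "/api/auth/callback/credentials";
export const AUTH_CSRF_URL = "/api/auth/csrf";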
/**
 * Builds the root-relative teams collection path for one organization.
 *
 * The id is interpolated as-is, with no URL encoding, so a value containing
 * `/`, `?` or `#` changes the shape of the resulting path. Pass only ids that
 * have already been validated.
 *
 * @param organizationId - Organization identifier placed in the path.
 * @returns The `/api/v2/organizations/{organizationId}/teams` path.
 */
export const TEAMS_API_URL = (organizationId: string): string => {
  const teamsPath = `/api/v2/organizations/${organizationId}/teams`;
  return teamsPath;
};
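/**
 * Builds the root-relative project-teams path for one organization.
 *
 * The stray `|` lines that split the arrow function from its body were
 * page-extraction residue and made the declaration unparseable; they are
 * removed here.
 *
 * The id is interpolated as-is, with no URL encoding, so a value containing
 * `/`, `?` or `#` changes the shape of the resulting path. Pass only ids that
 * have already been validated.
 *
 * @param organizationId - Organization identifier placed in the path.
 * @returns The `/api/v2/organizations/{organizationId}/project-teams` path.
 */
export const PROJECT_TEAMS_API_URL = (organizationId: string) =>
  `/api/v2/organizations/${organizationId}/project-teams`;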
/**
 * Builds the root-relative users collection path for one organization.
 *
 * The id is interpolated as-is, with no URL encoding, so a value containing
 * `/`, `?` or `#` changes the shape of the resulting path. Pass only ids that
 * have already been validated.
 *
 * @param organizationId - Organization identifier placed in the path.
 * @returns The `/api/v2/organizations/{organizationId}/users` path.
 */
export const USERS_API_URL = (organizationId: string): string => {
  const usersPath = `/api/v2/organizations/${organizationId}/users`;
  return usersPath;
};