hata düzeltme

2026-01-02 22:33:24 +03:00
parent aa5c77b4c7
commit 53006601ba
5 changed files with 13 additions and 229 deletions
--- a/src/lib/security.ts
+++ b/src/lib/security.ts
@@ -33,100 +33,4 @@ export async function logActivity(
    }
 }

-export async function checkRateLimit(action: string): Promise<{ blocked: boolean, remaining?: number, resetTime?: Date }> {
-    const MAX_ATTEMPTS = 5

-    try {
-        const supabase = await createAdminClient() || await createClient()
-        const headersList = await headers()
-        let ip = headersList.get("x-forwarded-for") || headersList.get("x-real-ip") || 'unknown'
-        if (ip.includes(',')) ip = ip.split(',')[0].trim()
-        if (ip === '::1') ip = '127.0.0.1'
-
-        // Clean up old limits
-        // Clean up old limits (logic simplified, variable unused)
-
-        // Check current limit
-        const { data: limit } = await supabase
-            .from('rate_limits')
-            .select('*')
-            .eq('ip_address', ip)
-            .eq('action', action)
-            .single()
-
-        if (!limit) {
-            return { blocked: false, remaining: MAX_ATTEMPTS }
-        }
-
-        // If blocked
-        if (limit.blocked_until && new Date(limit.blocked_until) > new Date()) {
-            return { blocked: true, resetTime: new Date(limit.blocked_until) }
-        }
-
-        // If window expired, reset code handling happens in increment logic usually.
-        // But here we just check.
-        // Actually, simpler logic:
-        // We will increment on failure. This function just checks if currently blocked.
-
-        return { blocked: false, remaining: MAX_ATTEMPTS - (limit.count || 0) }
-
-    } catch (error) {
-        console.error('Rate limit check failed:', error)
-        return { blocked: false } // Fail open
-    }
-}
-
-export async function incrementRateLimit(action: string) {
-    const BLOCK_DURATION_MINUTES = 15
-
-    try {
-        const supabase = await createAdminClient() || await createClient()
-        const headersList = await headers()
-        let ip = headersList.get("x-forwarded-for") || headersList.get("x-real-ip") || 'unknown'
-        if (ip.includes(',')) ip = ip.split(',')[0].trim()
-        if (ip === '::1') ip = '127.0.0.1'
-
-        const { data: limit } = await supabase
-            .from('rate_limits')
-            .select('*')
-            .eq('ip_address', ip)
-            .eq('action', action)
-            .single()
-
-        if (limit) {
-            // Check if we should reset (if last attempt was long ago)
-            const lastAttempt = new Date(limit.last_attempt)
-            const tenMinutesAgo = new Date(Date.now() - 10 * 60 * 1000)
-
-            let newCount = limit.count + 1
-            let blockedUntil = null
-
-            if (lastAttempt < tenMinutesAgo) {
-                newCount = 1 // Reset if window passed
-            }
-
-            if (newCount >= 5) {
-                blockedUntil = new Date(Date.now() + BLOCK_DURATION_MINUTES * 60 * 1000).toISOString()
-            }
-
-            await supabase
-                .from('rate_limits')
-                .update({
-                    count: newCount,
-                    last_attempt: new Date().toISOString(),
-                    blocked_until: blockedUntil
-                })
-                .eq('id', limit.id)
-        } else {
-            await supabase.from('rate_limits').insert({
-                ip_address: ip,
-                action,
-                count: 1,
-                last_attempt: new Date().toISOString()
-            })
-        }
-
-    } catch (error) {
-        console.error('Rate limit increment failed:', error)
-    }
-}