updates

2025-12-01 01:08:39 +02:00
parent 0fa2adeb19
commit 1a103a769f
234 changed files with 5513 additions and 283 deletions
--- a/Backend/src/shared/config/settings.py
+++ b/Backend/src/shared/config/settings.py
@@ -28,6 +28,10 @@ class Settings(BaseSettings):
    CORS_ORIGINS: List[str] = Field(default_factory=lambda: ['http://localhost:5173', 'http://localhost:3000', 'http://127.0.0.1:5173'], description='Allowed CORS origins')
    RATE_LIMIT_ENABLED: bool = Field(default=True, description='Enable rate limiting')
    RATE_LIMIT_PER_MINUTE: int = Field(default=60, description='Requests per minute per IP')
+    RATE_LIMIT_ADMIN_PER_MINUTE: int = Field(default=300, description='Requests per minute for admin users')
+    RATE_LIMIT_STAFF_PER_MINUTE: int = Field(default=200, description='Requests per minute for staff users')
+    RATE_LIMIT_ACCOUNTANT_PER_MINUTE: int = Field(default=200, description='Requests per minute for accountant users')
+    RATE_LIMIT_CUSTOMER_PER_MINUTE: int = Field(default=100, description='Requests per minute for customer users')
    CSRF_PROTECTION_ENABLED: bool = Field(default=True, description='Enable CSRF protection')
    HSTS_PRELOAD_ENABLED: bool = Field(default=False, description='Enable HSTS preload directive (requires domain submission to hstspreload.org)')
    LOG_LEVEL: str = Field(default='INFO', description='Log level: DEBUG, INFO, WARNING, ERROR, CRITICAL')