feat: enhance CORS configuration and implement throttling for API endpoints; add admin role checks in controllers

2026-04-21 08:17:44 +02:00
parent 7748ad311f
commit e370062b5c
10 changed files with 44 additions and 24 deletions
@@ -1,4 +1,5 @@
 import { Body, Controller, Post, UploadedFile, UseInterceptors } from '@nestjs/common';
+import { Throttle } from '@nestjs/throttler';
 import { FileInterceptor } from '@nestjs/platform-express';
 import { memoryStorage } from 'multer';
 import { QuickImportDto } from './dto/quick-import.dto';
@@ -9,6 +10,7 @@ export class QuickImportController {
  constructor(private readonly quickImportService: QuickImportService) {}

  @Post()
+  @Throttle({ default: { ttl: 60_000, limit: 20 } })
  @UseInterceptors(
    FileInterceptor('file', {
      storage: memoryStorage(),