- Implement tier-based rate limiting with rate-limiter-flexible
- Add Redis-backed rate limiters for different user tiers (free/pro/enterprise)
- Create comprehensive header redaction service for security
- Implement burst protection with per-minute limits
- Add organization and project-based rate limiting keys
- Create rate limiting middleware with proper error handling
- Integrate rate limits with tracking, bulk, and export endpoints
- Add header redaction to redirect tracking service
- Implement request logging with redacted sensitive headers
- Add comprehensive rate limit headers (limit, remaining, reset, tier)
- Support for anonymous vs authenticated rate limits
- Legacy endpoint rate limiting preserved for backward compatibility
- Admin functions for rate limit management and statistics
- Comprehensive test suite for all rate limiting scenarios

Security improvements:
- Sensitive header redaction (auth tokens, cookies, secrets)
- Partial redaction for debugging (admin mode)
- URL parameter redaction for sensitive data
- Request/response body redaction
- Configurable redaction levels

Backward compatibility: Maintained 100/hr rate limit for legacy endpoints
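A sketch of the redaction service the commit message describes, as an added example and not the project's own code: header, URL-parameter and JSON-body redaction with a full level and a partial (admin debugging) level. The header and key lists, the function names and the placeholder text are assumptions.

```javascript
// Added example (not the project's own code): redaction helpers in the
// spirit of the commit above. Header/key names and the placeholder are
// assumptions; the real service's API is not shown on the page.
const SENSITIVE_HEADERS = new Set([
  'authorization', 'proxy-authorization', 'cookie', 'set-cookie',
  'x-api-key', 'x-auth-token', 'x-csrf-token',
]);
const SENSITIVE_KEYS = new Set(['token', 'api_key', 'apikey', 'secret', 'password']);

// Redaction levels: 'full' drops the whole value; 'partial' (admin debugging)
// keeps a short prefix and suffix so a token can be correlated, not reused.
function redactValue(value, level) {
  const s = String(value);
  if (level === 'partial' && s.length > 12) {
    return `${s.slice(0, 4)}...${s.slice(-2)}`;
  }
  return 'REDACTED';
}

// Header names are matched case-insensitively; non-sensitive headers pass through.
function redactHeaders(headers, level = 'full') {
  const out = {};
  for (const [name, value] of Object.entries(headers)) {
    out[name] = SENSITIVE_HEADERS.has(name.toLowerCase())
      ? redactValue(value, level) : value;
  }
  return out;
}

// Redact sensitive query parameters (e.g. a redirect target being logged).
function redactUrl(url, level = 'full') {
  const u = new URL(url);
  for (const key of [...u.searchParams.keys()]) {
    if (SENSITIVE_KEYS.has(key.toLowerCase())) {
      u.searchParams.set(key, redactValue(u.searchParams.get(key), level));
    }
  }
  return u.toString();
}

// Walk a parsed JSON body and redact values under sensitive keys at any depth.
function redactBody(body, level = 'full') {
  if (Array.isArray(body)) return body.map((v) => redactBody(v, level));
  if (body && typeof body === 'object') {
    return Object.fromEntries(Object.entries(body).map(([k, v]) =>
      [k, SENSITIVE_KEYS.has(k.toLowerCase()) ? redactValue(v, level) : redactBody(v, level)]));
  }
  return body;
}
```

Run the redacted headers, URL and body through the request logger rather than the originals, so the sensitive values never reach log storage.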