After LOGIN_MAX_FAILURES consecutive failed attempts from the same source IP within LOGIN_WINDOW_SECONDS, POST /api/v1/auth/token returns HTTP 429 with a Retry-After header for LOGIN_COOLDOWN_SECONDS. A successful login resets the counter. Trusted upstream proxy IPs/CIDRs can be declared via LOGIN_TRUSTED_PROXY_IPS so X-Forwarded-For is honoured correctly behind nginx ingress or similar reverse proxies.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
37 lines
1.2 KiB
Plaintext
# Integration test environment variables
# Used when running pytest directly on the host (outside Docker).
#
# Start test services first:
# docker compose -f docker-compose.test.yml up -d postgres-test minio-test minio-init-test
#
# Then source this file and run tests:
# export $(grep -v '^#' .env.test.example | xargs)
# cd api && python -m pytest tests/integration/ -v

# PostgreSQL test database (postgres-test container on host port 5433)
TEST_DATABASE_URL=postgresql+asyncpg://reactbin:reactbin@localhost:5433/reactbin_test
DATABASE_URL=postgresql+asyncpg://reactbin:reactbin@localhost:5433/reactbin_test

# MinIO test instance (minio-test container on host port 9002)
S3_ENDPOINT_URL=http://localhost:9002
S3_BUCKET_NAME=reactbin-test
S3_ACCESS_KEY_ID=minioadmin
S3_SECRET_ACCESS_KEY=minioadmin
S3_REGION=us-east-1

# Auth (test values — not for production)
JWT_SECRET_KEY=test-secret-key-for-testing-only
OWNER_USERNAME=testowner
OWNER_PASSWORD=testpassword

# API
API_BASE_URL=http://localhost:8000
MAX_UPLOAD_BYTES=52428800

# Login brute-force protection
LOGIN_MAX_FAILURES=5
LOGIN_WINDOW_SECONDS=300
LOGIN_COOLDOWN_SECONDS=900
# Comma-separated IPs/CIDRs of trusted upstream proxies; leave empty for direct connections.
LOGIN_TRUSTED_PROXY_IPS=
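
How the four LOGIN_* settings above can interact, as an added sketch that is not the project's own code. The names `parse_trusted`, `client_ip` and `LoginLimiter` are hypothetical, and the in-memory store, the right-to-left X-Forwarded-For walk and starting the cooldown once the failure count reaches the maximum are assumptions.

```python
import ipaddress
import math
import time

def parse_trusted(raw):
    """Parse a LOGIN_TRUSTED_PROXY_IPS-style value; empty means no proxies."""
    return [ipaddress.ip_network(p.strip(), strict=False)
            for p in raw.split(",") if p.strip()]

def _trusted(addr, nets):
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return None  # not an IP address at all
    return any(ip in net for net in nets)

def client_ip(peer, xff, nets):
    # X-Forwarded-For is read only when the TCP peer is a trusted proxy, and
    # right to left, so a client-supplied leftmost entry is never believed.
    if not xff or not _trusted(peer, nets):
        return peer
    for hop in reversed([h.strip() for h in xff.split(",")]):
        ok = _trusted(hop, nets)
        if not ok:
            return peer if ok is None else hop  # malformed hop: charge the proxy
    return peer

class LoginLimiter:
    def __init__(self, max_failures=5, window=300, cooldown=900, clock=time.monotonic):
        self.max_failures, self.window, self.cooldown = max_failures, window, cooldown
        self.clock = clock
        self.failures = {}       # ip -> timestamps of recent failures
        self.blocked_until = {}  # ip -> time the cooldown ends

    def retry_after(self, ip):
        """Seconds to send in Retry-After with the 429; 0 means allowed."""
        return max(0, math.ceil(self.blocked_until.get(ip, 0) - self.clock()))

    def record_failure(self, ip):
        now = self.clock()
        recent = [t for t in self.failures.get(ip, []) if now - t < self.window]
        recent.append(now)
        self.failures[ip] = recent
        if len(recent) >= self.max_failures:
            self.blocked_until[ip] = now + self.cooldown
            del self.failures[ip]

    def record_success(self, ip):
        self.failures.pop(ip, None)
```

With LOGIN_TRUSTED_PROXY_IPS left empty, `client_ip` always returns the TCP peer, so a forged X-Forwarded-For header cannot move a client onto a different counter.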