Assist_Design/apps/bff/src/auth/guards/auth-throttle.guard.ts

import { Injectable } from "@nestjs/common";
import { ThrottlerGuard } from "@nestjs/throttler";

@Injectable()
export class AuthThrottleGuard extends ThrottlerGuard {
  protected async getTracker(req: Record<string, any>): Promise<string> {
    // Track by IP address for failed login attempts
    const forwarded = req.headers["x-forwarded-for"];
    const forwardedIp = Array.isArray(forwarded) ? forwarded[0] : forwarded;
    const ip =
      forwardedIp?.split(",")[0]?.trim() ||
      (req.headers["x-real-ip"] as string | undefined) ||
      req.socket?.remoteAddress ||
      req.ip ||
      "unknown";

    return `auth_${ip}`;
  }
}
structure changes 2025-08-21 15:24:40 +09:00			`import { Injectable } from "@nestjs/common";`
			`import { ThrottlerGuard } from "@nestjs/throttler";`
Initial Customer Portal setup - production ready 2025-08-20 18:02:50 +09:00
			`@Injectable()`
			`export class AuthThrottleGuard extends ThrottlerGuard {`
			`protected async getTracker(req: Record<string, any>): Promise<string> {`
			`// Track by IP address for failed login attempts`
clean up 2025-08-22 17:02:49 +09:00			`const forwarded = req.headers["x-forwarded-for"];`
			`const forwardedIp = Array.isArray(forwarded) ? forwarded[0] : forwarded;`
structure changes 2025-08-21 15:24:40 +09:00			`const ip =`
clean up 2025-08-22 17:02:49 +09:00			`forwardedIp?.split(",")[0]?.trim() \|\|`
			`(req.headers["x-real-ip"] as string \| undefined) \|\|`
structure changes 2025-08-21 15:24:40 +09:00			`req.socket?.remoteAddress \|\|`
			`req.ip \|\|`
			`"unknown";`

Initial Customer Portal setup - production ready 2025-08-20 18:02:50 +09:00			return `auth_${ip}`;
			`}`
			`}`