Assist_Design/apps/bff/src/modules/auth/guards/auth-throttle.guard.ts

import { Injectable } from "@nestjs/common";
import { ThrottlerGuard } from "@nestjs/throttler";
import { createHash } from "crypto";
import type { Request } from "express";

@Injectable()
export class AuthThrottleGuard extends ThrottlerGuard {
  protected override async getTracker(req: Request): Promise<string> {
    // Track by IP address + User Agent for better security on sensitive auth operations
    const forwarded = req.headers["x-forwarded-for"];
    const forwardedIp = Array.isArray(forwarded) ? forwarded[0] : forwarded;
    const ip =
      (typeof forwardedIp === "string" ? forwardedIp.split(",")[0]?.trim() : undefined) ||
      (req.headers["x-real-ip"] as string | undefined) ||
      req.socket?.remoteAddress ||
      req.ip ||
      "unknown";

    const userAgent = req.headers["user-agent"] || "unknown";
    const userAgentHash = createHash("sha256").update(userAgent).digest("hex").slice(0, 16);

    const normalizedIp = ip.replace(/^::ffff:/, "");

    const resolvedIp = await Promise.resolve(normalizedIp);
    return `auth_${resolvedIp}_${userAgentHash}`;
  }
}
structure changes 2025-08-21 15:24:40 +09:00			`import { Injectable } from "@nestjs/common";`
			`import { ThrottlerGuard } from "@nestjs/throttler";`
Refactor error handling in various services to improve consistency and maintainability. Update user role management across authentication and user services, ensuring proper type definitions. Enhance validation schemas and streamline import/export practices in the domain and validation modules. Remove deprecated files and clean up unused code in the Salesforce integration and catalog services. 2025-09-25 13:21:11 +09:00			`import { createHash } from "crypto";`
fixed lintel errors, 2025-08-23 18:02:05 +09:00			`import type { Request } from "express";`
Initial Customer Portal setup - production ready 2025-08-20 18:02:50 +09:00
			`@Injectable()`
			`export class AuthThrottleGuard extends ThrottlerGuard {`
Refactor AuthZodController to AuthController, enhancing login and password set functionalities with throttling and improved response handling. Update AuthModule to reflect controller name change and add new services. Refine AuthService to return sanitized user data and improve error logging. Enhance AuthThrottleGuard to track login attempts by IP and User Agent for better security. Clean up unused JWT guard and streamline token management in AuthTokenService. 2025-09-19 17:37:46 +09:00			`protected override async getTracker(req: Request): Promise<string> {`
			`// Track by IP address + User Agent for better security on sensitive auth operations`
clean up 2025-08-22 17:02:49 +09:00			`const forwarded = req.headers["x-forwarded-for"];`
			`const forwardedIp = Array.isArray(forwarded) ? forwarded[0] : forwarded;`
structure changes 2025-08-21 15:24:40 +09:00			`const ip =`
fixed lintel errors, 2025-08-23 18:02:05 +09:00			`(typeof forwardedIp === "string" ? forwardedIp.split(",")[0]?.trim() : undefined) \|\|`
clean up 2025-08-22 17:02:49 +09:00			`(req.headers["x-real-ip"] as string \| undefined) \|\|`
order fix 2025-08-27 10:54:05 +09:00			`req.socket?.remoteAddress \|\|`
			`req.ip \|\|`
structure changes 2025-08-21 15:24:40 +09:00			`"unknown";`

Refactor AuthZodController to AuthController, enhancing login and password set functionalities with throttling and improved response handling. Update AuthModule to reflect controller name change and add new services. Refine AuthService to return sanitized user data and improve error logging. Enhance AuthThrottleGuard to track login attempts by IP and User Agent for better security. Clean up unused JWT guard and streamline token management in AuthTokenService. 2025-09-19 17:37:46 +09:00			`const userAgent = req.headers["user-agent"] \|\| "unknown";`
Refactor error handling in various services to improve consistency and maintainability. Update user role management across authentication and user services, ensuring proper type definitions. Enhance validation schemas and streamline import/export practices in the domain and validation modules. Remove deprecated files and clean up unused code in the Salesforce integration and catalog services. 2025-09-25 13:21:11 +09:00			`const userAgentHash = createHash("sha256").update(userAgent).digest("hex").slice(0, 16);`
Refactor AuthZodController to AuthController, enhancing login and password set functionalities with throttling and improved response handling. Update AuthModule to reflect controller name change and add new services. Refine AuthService to return sanitized user data and improve error logging. Enhance AuthThrottleGuard to track login attempts by IP and User Agent for better security. Clean up unused JWT guard and streamline token management in AuthTokenService. 2025-09-19 17:37:46 +09:00
Refactor error handling in various services to improve consistency and maintainability. Update user role management across authentication and user services, ensuring proper type definitions. Enhance validation schemas and streamline import/export practices in the domain and validation modules. Remove deprecated files and clean up unused code in the Salesforce integration and catalog services. 2025-09-25 13:21:11 +09:00			`const normalizedIp = ip.replace(/^::ffff:/, "");`

			`const resolvedIp = await Promise.resolve(normalizedIp);`
Refactor AuthZodController to AuthController, enhancing login and password set functionalities with throttling and improved response handling. Update AuthModule to reflect controller name change and add new services. Refine AuthService to return sanitized user data and improve error logging. Enhance AuthThrottleGuard to track login attempts by IP and User Agent for better security. Clean up unused JWT guard and streamline token management in AuthTokenService. 2025-09-19 17:37:46 +09:00			return `auth_${resolvedIp}_${userAgentHash}`;
Initial Customer Portal setup - production ready 2025-08-20 18:02:50 +09:00			`}`
			`}`