feat(server): add Redis-based rate limiting middleware

Store Redis client in AppState instead of discarding it. Create rate_limit middleware using Redis INCR + EXPIRE for fixed-window counting. Apply user-based rate limiting (100 req/min) to all protected routes. Graceful degradation when Redis is unavailable.
2026-04-11 23:58:54 +08:00
parent db2cd24259
commit 529d90ff46
4 changed files with 128 additions and 3 deletions
--- a/crates/erp-server/src/middleware/mod.rs
+++ b/crates/erp-server/src/middleware/mod.rs
@@ -0,0 +1 @@
+pub mod rate_limit;