ademczuk 533ff3e70b fix(gateway): prevent browser rate-limit self-DoS on missing credentials ...

Stop counting missing credentials (token_missing, password_missing) as
rate-limit failures — a misconfigured browser is not a brute-force attack.
Stop auto-reconnecting on non-recoverable auth errors (missing token,
missing password, wrong password, rate-limited). Preserve device-token
fallback by allowing reconnect on token mismatch.

Includes unit tests for both fixes (12 new tests, all passing).

Continuation of #36138 (closed due to unrelated changes drifting in).

2026-03-07 23:06:50 +01:00

..

public

fix: migrate legacy gateway services

2026-01-30 04:01:31 +01:00

src

fix(gateway): prevent browser rate-limit self-DoS on missing credentials

2026-03-07 23:06:50 +01:00

index.html

revert(ui): remove UI portions of mixed commits from main

2026-02-22 13:01:22 -06:00

package.json

chore: update dependencies except carbon

2026-03-07 10:55:18 +00:00

vite.config.ts

chore: silence onboard warning noise

2026-02-26 22:47:35 +01:00

vitest.config.ts

chore: update deps and add control ui routing tests

2025-12-30 14:30:46 +01:00

vitest.node.config.ts

chore: fix vitest standalone configs and update package description (#11865)

2026-02-08 05:24:50 -08:00