michal/mcpctl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cde1c59fd62e98621d4ce69e189f020048cd4dc1
mcpctl/src/mcpd/src/middleware/security.ts
Michal 47f10f62c7 feat: implement mcpd core server framework with Fastify 
Add Fastify server with config validation (Zod), health/healthz endpoints,
auth middleware (Bearer token + session lookup), security plugins (CORS,
Helmet, rate limiting), error handler, audit logging, and graceful shutdown.
36 tests passing.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-21 04:35:00 +00:00

25 lines
665 B
TypeScript
Raw Blame History

import type { FastifyInstance } from 'fastify';
import cors from '@fastify/cors';
import helmet from '@fastify/helmet';
import rateLimit from '@fastify/rate-limit';
import type { McpdConfig } from '../config/index.js';
export async function registerSecurityPlugins(
app: FastifyInstance,
config: McpdConfig,
): Promise<void> {
await app.register(cors, {
origin: config.corsOrigins,
methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH'],
});
await app.register(helmet, {
contentSecurityPolicy: false, // API server, no HTML
});
await app.register(rateLimit, {
max: config.rateLimitMax,
timeWindow: config.rateLimitWindowMs,
});
}
Reference in New Issue View Git Blame Copy Permalink