From 9e0fce447deae456b76b0c937f392664c5c24387 Mon Sep 17 00:00:00 2001
From: withsang <jsa5115@naver.com>
Date: Mon, 25 Sep 2023 00:30:53 +0900
Subject: [PATCH] Fix: set express to trust proxy

---
 app.js                       | 3 +++
 src/middlewares/limitRate.js | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/app.js b/app.js
index 689de7a9..3394dec0 100644
--- a/app.js
+++ b/app.js
@@ -19,6 +19,9 @@ connectDatabase();
 app.use(express.urlencoded({ extended: false }));
 app.use(express.json());
 
+// reverse proxy가 설정한 헤더를 신뢰합니다.
+app.set("trust proxy", true);
+
 // [Middleware] CORS 설정
 app.use(require("./src/middlewares/cors"));
 
diff --git a/src/middlewares/limitRate.js b/src/middlewares/limitRate.js
index b218b0ba..4cba6af3 100644
--- a/src/middlewares/limitRate.js
+++ b/src/middlewares/limitRate.js
@@ -2,7 +2,7 @@ const rateLimit = require("express-rate-limit");
 
 const limiter = rateLimit({
   windowMs: 15 * 60 * 1000, // 15 minutes
-  max: 1500, // Limit each IP to 100 requests per `window` (here, per 15 minutes)
+  max: 1500, // Limit each IP to 1500 requests per `window` (here, per 15 minutes)
   standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
   legacyHeaders: false, // Disable the `X-RateLimit-*` headers
 });