update rate limits

Author: AnthonyGress

backend/src/middleware/rate-limiter.ts

@@ -2,7 +2,7 @@ import rateLimit from 'express-rate-limit';
 
 // General API rate limiter - used as the default
 export const generalLimiter = rateLimit({
-    windowMs: 5 * 60 * 1000, // 15 minutes
+    windowMs: 5 * 60 * 1000, // 5 minutes
     max: 500,
     standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
     legacyHeaders: false, // Disable the `X-RateLimit-*` headers
@@ -11,11 +11,11 @@ export const generalLimiter = rateLimit({
 
 // Auth endpoints rate limiter - more restrictive for security
 export const authLimiter = rateLimit({
-    windowMs: 15 * 60 * 1000, // 15 minutes
+    windowMs: 5 * 60 * 1000, // 5 minutes
     max: 50, // Limit each IP to 50 auth requests per window
     standardHeaders: true,
     legacyHeaders: false,
-    message: 'Too many authentication attempts from this IP, please try again after 15 minutes'
+    message: 'Too many authentication attempts, please try again after 5 minutes'
 });
 
 // Internal/External API endpoints rate limiter - to prevent overwhelming third-party services
@@ -24,16 +24,16 @@ export const apiLimiter = rateLimit({
     max: 200,
     standardHeaders: true,
     legacyHeaders: false,
-    message: 'Too many API requests from this IP, please try again after 5 minutes'
+    message: 'Too many API requests, please try again after 5 minutes'
 });
 
 // Health check endpoints limiter - higher limits for monitoring tools
 export const healthLimiter = rateLimit({
-    windowMs: 60 * 1000, // 1 minute
-    max: 500,
+    windowMs: 30 * 1000,
+    max: 1000,
     standardHeaders: true,
     legacyHeaders: false,
-    message: 'Health check rate limit exceeded, please reduce frequency'
+    message: 'Health check rate limit exceeded, please try again later'
 });
 
 // Weather API specific limiter - weather APIs often have strict rate limits