import { Router } from 'express'; import * as controller from '../controllers/consent-public.controller.js'; import { publicConsentRateLimiter } from '../middleware/rateLimit.js'; const router = Router(); // Öffentliche Routes - KEINE Authentifizierung erforderlich. // Rate-Limit gegen DoS – siehe publicConsentRateLimiter // (Pentest 2026-05-20 INFO 28.4). router.use(publicConsentRateLimiter); router.get('/:hash', controller.getConsentPage); router.post('/:hash/grant', controller.grantAllConsents); router.get('/:hash/pdf', controller.getConsentPdf); export default router;