fix: Configure trust proxy securely for Railway deployment

- Change trust proxy from 'true' to 1 (single proxy) for Railway
- This prevents express-rate-limit ERR_ERL_PERMISSIVE_TRUST_PROXY warning
- Railway uses a single reverse proxy, so trust proxy: 1 is appropriate
- Applied to both Chat Service and Knowledge Base Service

Author: StephaneWamba

services/chat/src/index.ts

@@ -36,7 +36,8 @@ const logger = createLogger('chat-service')
 const app = express()
 
 // Trust proxy (required for Railway and other reverse proxies)
-app.set('trust proxy', true)
+// Set to 1 for Railway's single reverse proxy (more secure than 'true')
+app.set('trust proxy', 1)
 
 const httpServer = createServer(app)
 const io = new Server(httpServer, {

services/knowledge-base/src/index.ts

@@ -33,7 +33,8 @@ const app = express()
 const PORT = parseInt(process.env.PORT || '4005', 10)
 
 // Trust proxy (required for Railway and other reverse proxies)
-app.set('trust proxy', true)
+// Set to 1 for Railway's single reverse proxy (more secure than 'true')
+app.set('trust proxy', 1)
 
 // Middleware
 app.use(helmet())
@@ -50,6 +51,8 @@ app.use(express.json({ limit: '50mb' })) // Larger limit for document uploads
 const limiter = rateLimit({
   windowMs: 15 * 60 * 1000, // 15 minutes
   max: 100, // limit each IP to 100 requests per windowMs
+  standardHeaders: true,
+  legacyHeaders: false,
 })
 app.use('/api/', limiter)