/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */

import { expect } from 'chai'
import { HttpStatusCode } from '@shared/models'
import { cleanupTests, createSingleServer, PeerTubeServer, setAccessTokensToServers, wait } from '@shared/extra-utils'

/**
 * Checks how the server derives the client address and applies rate limits
 * when requests carry an X-Forwarded-For header.
 *
 * Two properties are pinned by these cases:
 *  - View de-duplication follows one specific entry of the X-Forwarded-For
 *    chain. In every chain used here the last entry is a loopback address
 *    (127.0.0.1 or ::ffff:127.0.0.1), and the expected counters change only
 *    when the entry directly before it changes. Entries further left are
 *    whatever the client chose to send, so keying on them would let a client
 *    bypass de-duplication by editing the header.
 *    NOTE(review): presumably the server is configured to trust loopback as
 *    its proxy hop; confirm against the server's trust-proxy setting.
 *  - Login, signup and general API requests are answered with 429 once the
 *    configured maximum is exceeded. Failed logins count towards the limit,
 *    while signups rejected with 409 do not.
 *
 * The cases are order-dependent: the view counter and the registered user
 * names accumulate from one case to the next.
 */
describe('Test application behind a reverse proxy', function () {
  let server: PeerTubeServer
  let videoId: string

  // Send one view per X-Forwarded-For chain, sequentially and in the given order.
  async function sendViews (forwardedChains: string[]) {
    for (const xForwardedFor of forwardedChains) {
      await server.videos.view({ id: videoId, xForwardedFor })
    }
  }

  // Wait for the repeatable job, then compare the video's cumulative view counter.
  async function expectViewsAfterJob (expected: number) {
    await wait(8000)

    const { views } = await server.videos.get({ id: videoId })
    expect(views).to.equal(expected)
  }

  before(async function () {
    this.timeout(30000)

    // Low limits so every rate limiter can be tripped within a single test run.
    // `window` is presumably in milliseconds; the later cases wait 7000 to let it elapse.
    const limitedConfig = {
      rates_limit: {
        api: {
          max: 50,
          window: 5000
        },
        signup: {
          max: 3,
          window: 5000
        },
        login: {
          max: 20
        }
      },
      signup: {
        limit: 20
      }
    }

    server = await createSingleServer(1, limitedConfig)
    await setAccessTokensToServers([ server ])

    const uploaded = await server.videos.upload()
    videoId = uploaded.uuid
  })

  it('Should view a video only once with the same IP by default', async function () {
    this.timeout(20000)

    // No forwarding header: both requests are attributed to the same address.
    await server.videos.view({ id: videoId })
    await server.videos.view({ id: videoId })

    await expectViewsAfterJob(1)
  })

  it('Should view a video 2 times with the X-Forwarded-For header set', async function () {
    this.timeout(20000)

    // The entry before the loopback hop differs, so each request is a new viewer (1 -> 3).
    await sendViews([ '0.0.0.1,127.0.0.1', '0.0.0.2,127.0.0.1' ])

    await expectViewsAfterJob(3)
  })

  it('Should view a video only once with the same client IP in the X-Forwarded-For header', async function () {
    this.timeout(20000)

    // Only the left-most entry changes; 0.0.0.3 sits directly before the loopback hop
    // in both chains, so a single view is added (3 -> 4). The IPv4-mapped IPv6 form of
    // loopback is treated the same as 127.0.0.1.
    await sendViews([ '0.0.0.4,0.0.0.3,::ffff:127.0.0.1', '0.0.0.5,0.0.0.3,127.0.0.1' ])

    await expectViewsAfterJob(4)
  })

  it('Should view a video two times with a different client IP in the X-Forwarded-For header', async function () {
    this.timeout(20000)

    // Same left-most entry, but the entry before the loopback hop differs (4 -> 6).
    await sendViews([ '0.0.0.8,0.0.0.6,127.0.0.1', '0.0.0.8,0.0.0.7,127.0.0.1' ])

    await expectViewsAfterJob(6)
  })

  it('Should rate limit logins', async function () {
    const user = { username: 'root', password: 'fail' }

    // 19 rejected logins here, with login.max set to 20.
    // NOTE(review): presumably the login done by setAccessTokensToServers in before()
    // accounts for the remaining request; confirm.
    for (let attempt = 1; attempt <= 19; attempt++) {
      await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    }

    // Wrong-password attempts consumed the budget, so the next one is throttled.
    await server.login.login({ user, expectedStatus: HttpStatusCode.TOO_MANY_REQUESTS_429 })
  })

  it('Should rate limit signup', async function () {
    // More registrations than signup.max (3); individual outcomes are deliberately ignored.
    for (let n = 0; n < 10; n++) {
      try {
        await server.users.register({ username: 'test' + n })
      } catch {
        // empty
      }
    }

    await server.users.register({ username: 'test42', expectedStatus: HttpStatusCode.TOO_MANY_REQUESTS_429 })
  })

  it('Should not rate limit failed signup', async function () {
    this.timeout(30000)

    // Let the 5000 signup window configured in before() elapse.
    await wait(7000)

    // These names are expected to be taken already (409), and the three rejected
    // requests must not use up the signup.max of 3.
    for (let n = 0; n < 3; n++) {
      await server.users.register({ username: 'test' + n, expectedStatus: HttpStatusCode.CONFLICT_409 })
    }

    await server.users.register({ username: 'test43', expectedStatus: HttpStatusCode.NO_CONTENT_204 })
  })

  it('Should rate limit API calls', async function () {
    this.timeout(30000)

    // Let the 5000 API window configured in before() elapse.
    await wait(7000)

    // Twice api.max (50) requests; only the final throttled response is asserted.
    for (let call = 0; call < 100; call++) {
      try {
        await server.videos.get({ id: videoId })
      } catch {
        // don't care if it fails
      }
    }

    await server.videos.get({ id: videoId, expectedStatus: HttpStatusCode.TOO_MANY_REQUESTS_429 })
  })

  after(async function () {
    await cleanupTests([ server ])
  })
})