]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blobdiff - server/initializers/constants.ts
projects / github / Chocobozzz / PeerTube.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Prevent brute force login attack
[github/Chocobozzz/PeerTube.git] / server / initializers / constants.ts
diff --git a/server/initializers/constants.ts b/server/initializers/constants.ts
index 284acf8f313889c64c845befd762cc7445c68f62..986fed09955cdb706b283d8d0f56ffee52c66ad8 100644 (file)
--- a/server/initializers/constants.ts
+++ b/server/initializers/constants.ts
@@ -127,6 +127,7 @@ const CONFIG = {
     URL: '',
     HOST: ''
   },
+  TRUST_PROXY: config.get<string[]>('trust_proxy'),
   LOG: {
     LEVEL: config.get<string>('log.level')
   },
@@ -234,6 +235,13 @@ const CONSTRAINTS_FIELDS = {
   }
 }
 
+const RATES_LIMIT = {
+  LOGIN: {
+    WINDOW_MS: 5 * 60 * 1000, // 5 minutes
+    MAX: 10 // 10 attempts
+  }
+}
+
 let VIDEO_VIEW_LIFETIME = 60000 * 60 // 1 hour
 const VIDEO_TRANSCODING_FPS = {
   MIN: 10,
@@ -468,6 +476,7 @@ export {
   USER_PASSWORD_RESET_LIFETIME,
   IMAGE_MIMETYPE_EXT,
   SCHEDULER_INTERVAL,
+  RATES_LIMIT,
   JOB_COMPLETED_LIFETIME,
   VIDEO_VIEW_LIFETIME
 }
ActivityPub-federated video streaming platform using P2P directly in your web browser