diff options
author | Chocobozzz <me@florianbigard.com> | 2019-07-04 16:42:40 +0200 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2019-07-04 16:42:40 +0200 |
commit | c1340a6ac35f924161e6ec2a1d728e20c89e55c8 (patch) | |
tree | 8f0a6b72b36be586422002039720d3a08309cbea /server/controllers/api/index.ts | |
parent | fd0bfc3ac43eb0c0c2ac0b21bc2e0670f546384f (diff) | |
download | PeerTube-c1340a6ac35f924161e6ec2a1d728e20c89e55c8.tar.gz PeerTube-c1340a6ac35f924161e6ec2a1d728e20c89e55c8.tar.zst PeerTube-c1340a6ac35f924161e6ec2a1d728e20c89e55c8.zip |
Add rate limit to registration and API endpoints
Diffstat (limited to 'server/controllers/api/index.ts')
-rw-r--r-- | server/controllers/api/index.ts | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/server/controllers/api/index.ts b/server/controllers/api/index.ts index 60a84036e..ea2615e28 100644 --- a/server/controllers/api/index.ts +++ b/server/controllers/api/index.ts | |||
@@ -1,4 +1,5 @@ | |||
1 | import * as express from 'express' | 1 | import * as express from 'express' |
2 | import * as RateLimit from 'express-rate-limit' | ||
2 | import { configRouter } from './config' | 3 | import { configRouter } from './config' |
3 | import { jobsRouter } from './jobs' | 4 | import { jobsRouter } from './jobs' |
4 | import { oauthClientsRouter } from './oauth-clients' | 5 | import { oauthClientsRouter } from './oauth-clients' |
@@ -12,6 +13,7 @@ import * as cors from 'cors' | |||
12 | import { searchRouter } from './search' | 13 | import { searchRouter } from './search' |
13 | import { overviewsRouter } from './overviews' | 14 | import { overviewsRouter } from './overviews' |
14 | import { videoPlaylistRouter } from './video-playlist' | 15 | import { videoPlaylistRouter } from './video-playlist' |
16 | import { CONFIG } from '../../initializers/config' | ||
15 | 17 | ||
16 | const apiRouter = express.Router() | 18 | const apiRouter = express.Router() |
17 | 19 | ||
@@ -21,6 +23,14 @@ apiRouter.use(cors({ | |||
21 | credentials: true | 23 | credentials: true |
22 | })) | 24 | })) |
23 | 25 | ||
26 | // FIXME: https://github.com/nfriedly/express-rate-limit/issues/138 | ||
27 | // @ts-ignore | ||
28 | const apiRateLimiter = RateLimit({ | ||
29 | windowMs: CONFIG.RATES_LIMIT.API.WINDOW_MS, | ||
30 | max: CONFIG.RATES_LIMIT.API.MAX | ||
31 | }) | ||
32 | apiRouter.use(apiRateLimiter) | ||
33 | |||
24 | apiRouter.use('/server', serverRouter) | 34 | apiRouter.use('/server', serverRouter) |
25 | apiRouter.use('/oauth-clients', oauthClientsRouter) | 35 | apiRouter.use('/oauth-clients', oauthClientsRouter) |
26 | apiRouter.use('/config', configRouter) | 36 | apiRouter.use('/config', configRouter) |