aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/controllers/api/index.ts
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2019-07-04 16:42:40 +0200
committerChocobozzz <me@florianbigard.com>2019-07-04 16:42:40 +0200
commitc1340a6ac35f924161e6ec2a1d728e20c89e55c8 (patch)
tree8f0a6b72b36be586422002039720d3a08309cbea /server/controllers/api/index.ts
parentfd0bfc3ac43eb0c0c2ac0b21bc2e0670f546384f (diff)
downloadPeerTube-c1340a6ac35f924161e6ec2a1d728e20c89e55c8.tar.gz
PeerTube-c1340a6ac35f924161e6ec2a1d728e20c89e55c8.tar.zst
PeerTube-c1340a6ac35f924161e6ec2a1d728e20c89e55c8.zip
Add rate limit to registration and API endpoints
Diffstat (limited to 'server/controllers/api/index.ts')
-rw-r--r--server/controllers/api/index.ts10
1 files changed, 10 insertions, 0 deletions
diff --git a/server/controllers/api/index.ts b/server/controllers/api/index.ts
index 60a84036e..ea2615e28 100644
--- a/server/controllers/api/index.ts
+++ b/server/controllers/api/index.ts
@@ -1,4 +1,5 @@
1import * as express from 'express' 1import * as express from 'express'
2import * as RateLimit from 'express-rate-limit'
2import { configRouter } from './config' 3import { configRouter } from './config'
3import { jobsRouter } from './jobs' 4import { jobsRouter } from './jobs'
4import { oauthClientsRouter } from './oauth-clients' 5import { oauthClientsRouter } from './oauth-clients'
@@ -12,6 +13,7 @@ import * as cors from 'cors'
12import { searchRouter } from './search' 13import { searchRouter } from './search'
13import { overviewsRouter } from './overviews' 14import { overviewsRouter } from './overviews'
14import { videoPlaylistRouter } from './video-playlist' 15import { videoPlaylistRouter } from './video-playlist'
16import { CONFIG } from '../../initializers/config'
15 17
16const apiRouter = express.Router() 18const apiRouter = express.Router()
17 19
@@ -21,6 +23,14 @@ apiRouter.use(cors({
21 credentials: true 23 credentials: true
22})) 24}))
23 25
26// FIXME: https://github.com/nfriedly/express-rate-limit/issues/138
27// @ts-ignore
28const apiRateLimiter = RateLimit({
29 windowMs: CONFIG.RATES_LIMIT.API.WINDOW_MS,
30 max: CONFIG.RATES_LIMIT.API.MAX
31})
32apiRouter.use(apiRateLimiter)
33
24apiRouter.use('/server', serverRouter) 34apiRouter.use('/server', serverRouter)
25apiRouter.use('/oauth-clients', oauthClientsRouter) 35apiRouter.use('/oauth-clients', oauthClientsRouter)
26apiRouter.use('/config', configRouter) 36apiRouter.use('/config', configRouter)