diff options
| author | Chocobozzz <me@florianbigard.com> | 2022-05-30 11:33:38 +0200 |
|---|---|---|
| committer | Chocobozzz <me@florianbigard.com> | 2022-05-30 11:39:44 +0200 |
| commit | e5a781ec25191c0dbb4a991f25307732d798619d (patch) | |
| tree | a407404628bfeaefea24757b768a25166ca74739 /server/controllers/api/users/index.ts | |
| parent | f823637d1810351f87835db38145ef99df63e403 (diff) | |
| download | PeerTube-e5a781ec25191c0dbb4a991f25307732d798619d.tar.gz PeerTube-e5a781ec25191c0dbb4a991f25307732d798619d.tar.zst PeerTube-e5a781ec25191c0dbb4a991f25307732d798619d.zip | |
Bypass rate limits for admins and moderators
Diffstat (limited to 'server/controllers/api/users/index.ts')
| -rw-r--r-- | server/controllers/api/users/index.ts | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts index e13e31aaf..46e80d56d 100644 --- a/server/controllers/api/users/index.ts +++ b/server/controllers/api/users/index.ts | |||
| @@ -1,5 +1,4 @@ | |||
| 1 | import express from 'express' | 1 | import express from 'express' |
| 2 | import RateLimit from 'express-rate-limit' | ||
| 3 | import { tokensRouter } from '@server/controllers/api/users/token' | 2 | import { tokensRouter } from '@server/controllers/api/users/token' |
| 4 | import { Hooks } from '@server/lib/plugins/hooks' | 3 | import { Hooks } from '@server/lib/plugins/hooks' |
| 5 | import { OAuthTokenModel } from '@server/models/oauth/oauth-token' | 4 | import { OAuthTokenModel } from '@server/models/oauth/oauth-token' |
| @@ -17,9 +16,11 @@ import { Notifier } from '../../../lib/notifier' | |||
| 17 | import { Redis } from '../../../lib/redis' | 16 | import { Redis } from '../../../lib/redis' |
| 18 | import { buildUser, createUserAccountAndChannelAndPlaylist, sendVerifyUserEmail } from '../../../lib/user' | 17 | import { buildUser, createUserAccountAndChannelAndPlaylist, sendVerifyUserEmail } from '../../../lib/user' |
| 19 | import { | 18 | import { |
| 19 | adminUsersSortValidator, | ||
| 20 | asyncMiddleware, | 20 | asyncMiddleware, |
| 21 | asyncRetryTransactionMiddleware, | 21 | asyncRetryTransactionMiddleware, |
| 22 | authenticate, | 22 | authenticate, |
| 23 | buildRateLimiter, | ||
| 23 | ensureUserHasRight, | 24 | ensureUserHasRight, |
| 24 | ensureUserRegistrationAllowed, | 25 | ensureUserRegistrationAllowed, |
| 25 | ensureUserRegistrationAllowedForIP, | 26 | ensureUserRegistrationAllowedForIP, |
| @@ -32,7 +33,6 @@ import { | |||
| 32 | usersListValidator, | 33 | usersListValidator, |
| 33 | usersRegisterValidator, | 34 | usersRegisterValidator, |
| 34 | usersRemoveValidator, | 35 | usersRemoveValidator, |
| 35 | adminUsersSortValidator, | ||
| 36 | usersUpdateValidator | 36 | usersUpdateValidator |
| 37 | } from '../../../middlewares' | 37 | } from '../../../middlewares' |
| 38 | import { | 38 | import { |
| @@ -54,13 +54,13 @@ import { myVideoPlaylistsRouter } from './my-video-playlists' | |||
| 54 | 54 | ||
| 55 | const auditLogger = auditLoggerFactory('users') | 55 | const auditLogger = auditLoggerFactory('users') |
| 56 | 56 | ||
| 57 | const signupRateLimiter = RateLimit({ | 57 | const signupRateLimiter = buildRateLimiter({ |
| 58 | windowMs: CONFIG.RATES_LIMIT.SIGNUP.WINDOW_MS, | 58 | windowMs: CONFIG.RATES_LIMIT.SIGNUP.WINDOW_MS, |
| 59 | max: CONFIG.RATES_LIMIT.SIGNUP.MAX, | 59 | max: CONFIG.RATES_LIMIT.SIGNUP.MAX, |
| 60 | skipFailedRequests: true | 60 | skipFailedRequests: true |
| 61 | }) | 61 | }) |
| 62 | 62 | ||
| 63 | const askSendEmailLimiter = RateLimit({ | 63 | const askSendEmailLimiter = buildRateLimiter({ |
| 64 | windowMs: CONFIG.RATES_LIMIT.ASK_SEND_EMAIL.WINDOW_MS, | 64 | windowMs: CONFIG.RATES_LIMIT.ASK_SEND_EMAIL.WINDOW_MS, |
| 65 | max: CONFIG.RATES_LIMIT.ASK_SEND_EMAIL.MAX | 65 | max: CONFIG.RATES_LIMIT.ASK_SEND_EMAIL.MAX |
| 66 | }) | 66 | }) |