Add rate limit to registration and API endpoints

2 files changed, 8 insertions, 14 deletions

diff --git a/server/initializers/config.ts b/server/initializers/config.ts
index bb278ba43..eefb45fb9 100644
--- a/server/initializers/config.ts
+++ b/server/initializers/config.ts
@@ -72,6 +72,14 @@ const CONFIG = {
     PORT: config.get<number>('webserver.port')
   },
   RATES_LIMIT: {
+    API: {
+      WINDOW_MS: parseDurationToMs(config.get<string>('rates_limit.api.window')),
+      MAX: config.get<number>('rates_limit.api.max')
+    },
+    SIGNUP: {
+      WINDOW_MS: parseDurationToMs(config.get<string>('rates_limit.signup.window')),
+      MAX: config.get<number>('rates_limit.signup.max')
+    },
     LOGIN: {
       WINDOW_MS: parseDurationToMs(config.get<string>('rates_limit.login.window')),
       MAX: config.get<number>('rates_limit.login.max')
diff --git a/server/initializers/constants.ts b/server/initializers/constants.ts
index 500f8770a..abd9c2003 100644
--- a/server/initializers/constants.ts
+++ b/server/initializers/constants.ts
@@ -280,17 +280,6 @@ let CONSTRAINTS_FIELDS = {
   }
 }
 
-const RATES_LIMIT = {
-  LOGIN: {
-    WINDOW_MS: CONFIG.RATES_LIMIT.LOGIN.WINDOW_MS,
-    MAX: CONFIG.RATES_LIMIT.LOGIN.MAX
-  },
-  ASK_SEND_EMAIL: {
-    WINDOW_MS: CONFIG.RATES_LIMIT.ASK_SEND_EMAIL.WINDOW_MS,
-    MAX: CONFIG.RATES_LIMIT.ASK_SEND_EMAIL.MAX
-  }
-}
-
 let VIDEO_VIEW_LIFETIME = 60000 * 60 // 1 hour
 let CONTACT_FORM_LIFETIME = 60000 * 60 // 1 hour
 
@@ -624,8 +613,6 @@ if (isTestInstance() === true) {
   FILES_CACHE.VIDEO_CAPTIONS.MAX_AGE = 3000
   MEMOIZE_TTL.OVERVIEWS_SAMPLE = 1
   ROUTE_CACHE_LIFETIME.OVERVIEWS.VIDEOS = '0ms'
-
-  RATES_LIMIT.LOGIN.MAX = 20
 }
 
 updateWebserverUrls()
@@ -696,7 +683,6 @@ export {
   SCHEDULER_INTERVALS_MS,
   REPEAT_JOBS,
   STATIC_DOWNLOAD_PATHS,
-  RATES_LIMIT,
   MIMETYPES,
   CRAWL_REQUEST_CONCURRENCY,
   DEFAULT_AUDIO_RESOLUTION,