diff options
author | Chocobozzz <me@florianbigard.com> | 2022-05-30 11:33:38 +0200 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2022-05-30 11:39:44 +0200 |
commit | e5a781ec25191c0dbb4a991f25307732d798619d (patch) | |
tree | a407404628bfeaefea24757b768a25166ca74739 /server/middlewares/rate-limiter.ts | |
parent | f823637d1810351f87835db38145ef99df63e403 (diff) | |
download | PeerTube-e5a781ec25191c0dbb4a991f25307732d798619d.tar.gz PeerTube-e5a781ec25191c0dbb4a991f25307732d798619d.tar.zst PeerTube-e5a781ec25191c0dbb4a991f25307732d798619d.zip |
Bypass rate limits for admins and moderators
Diffstat (limited to 'server/middlewares/rate-limiter.ts')
-rw-r--r-- | server/middlewares/rate-limiter.ts | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/server/middlewares/rate-limiter.ts b/server/middlewares/rate-limiter.ts new file mode 100644 index 000000000..bc9513969 --- /dev/null +++ b/server/middlewares/rate-limiter.ts | |||
@@ -0,0 +1,31 @@ | |||
1 | import { UserRole } from '@shared/models' | ||
2 | import RateLimit from 'express-rate-limit' | ||
3 | import { optionalAuthenticate } from './auth' | ||
4 | |||
5 | const whitelistRoles = new Set([ UserRole.ADMINISTRATOR, UserRole.MODERATOR ]) | ||
6 | |||
7 | function buildRateLimiter (options: { | ||
8 | windowMs: number | ||
9 | max: number | ||
10 | skipFailedRequests?: boolean | ||
11 | }) { | ||
12 | return RateLimit({ | ||
13 | windowMs: options.windowMs, | ||
14 | max: options.max, | ||
15 | skipFailedRequests: options.skipFailedRequests, | ||
16 | |||
17 | handler: (req, res, next, options) => { | ||
18 | return optionalAuthenticate(req, res, () => { | ||
19 | if (res.locals.authenticated === true && whitelistRoles.has(res.locals.oauth.token.User.role)) { | ||
20 | return next() | ||
21 | } | ||
22 | |||
23 | return res.status(options.statusCode).send(options.message) | ||
24 | }) | ||
25 | } | ||
26 | }) | ||
27 | } | ||
28 | |||
29 | export { | ||
30 | buildRateLimiter | ||
31 | } | ||