diff options
author | Chocobozzz <me@florianbigard.com> | 2023-06-20 14:17:34 +0200 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2023-06-20 14:17:34 +0200 |
commit | e915cde30ec47258a2beeec5ca748c928b59858c (patch) | |
tree | f5692ab20c534a61487f3bd471bb6105ed58d88a /server/middlewares | |
parent | 923e41fa4f342019298b46e407ea1f0207f74205 (diff) | |
download | PeerTube-e915cde30ec47258a2beeec5ca748c928b59858c.tar.gz PeerTube-e915cde30ec47258a2beeec5ca748c928b59858c.tar.zst PeerTube-e915cde30ec47258a2beeec5ca748c928b59858c.zip |
Fix runner api rate limit bypass
Diffstat (limited to 'server/middlewares')
-rw-r--r-- | server/middlewares/rate-limiter.ts | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/server/middlewares/rate-limiter.ts b/server/middlewares/rate-limiter.ts index 0e936028c..8257965dd 100644 --- a/server/middlewares/rate-limiter.ts +++ b/server/middlewares/rate-limiter.ts | |||
@@ -1,5 +1,6 @@ | |||
1 | import express from 'express' | 1 | import express from 'express' |
2 | import RateLimit, { Options as RateLimitHandlerOptions } from 'express-rate-limit' | 2 | import RateLimit, { Options as RateLimitHandlerOptions } from 'express-rate-limit' |
3 | import { CONFIG } from '@server/initializers/config' | ||
3 | import { RunnerModel } from '@server/models/runner/runner' | 4 | import { RunnerModel } from '@server/models/runner/runner' |
4 | import { UserRole } from '@shared/models' | 5 | import { UserRole } from '@shared/models' |
5 | import { optionalAuthenticate } from './auth' | 6 | import { optionalAuthenticate } from './auth' |
@@ -39,6 +40,11 @@ export function buildRateLimiter (options: { | |||
39 | }) | 40 | }) |
40 | } | 41 | } |
41 | 42 | ||
43 | export const apiRateLimiter = buildRateLimiter({ | ||
44 | windowMs: CONFIG.RATES_LIMIT.API.WINDOW_MS, | ||
45 | max: CONFIG.RATES_LIMIT.API.MAX | ||
46 | }) | ||
47 | |||
42 | // --------------------------------------------------------------------------- | 48 | // --------------------------------------------------------------------------- |
43 | // Private | 49 | // Private |
44 | // --------------------------------------------------------------------------- | 50 | // --------------------------------------------------------------------------- |