From c1340a6ac35f924161e6ec2a1d728e20c89e55c8 Mon Sep 17 00:00:00 2001
From: Chocobozzz
Date: Thu, 4 Jul 2019 16:42:40 +0200
Subject: Add rate limit to registration and API endpoints
---
 server/initializers/config.ts | 8 ++++++++
 server/initializers/constants.ts | 14 --------------
 2 files changed, 8 insertions(+), 14 deletions(-)
(limited to 'server/initializers')
diff --git a/server/initializers/config.ts b/server/initializers/config.ts
index bb278ba43..eefb45fb9 100644
--- a/server/initializers/config.ts
+++ b/server/initializers/config.ts
@@ -72,6 +72,14 @@ const CONFIG = {
 PORT: config.get('webserver.port')
 },
 RATES_LIMIT: {
+ API: {
+ WINDOW_MS: parseDurationToMs(config.get('rates_limit.api.window')),
+ MAX: config.get('rates_limit.api.max')
+ },
+ SIGNUP: {
+ WINDOW_MS: parseDurationToMs(config.get('rates_limit.signup.window')),
+ MAX: config.get('rates_limit.signup.max')
+ },
 LOGIN: {
 WINDOW_MS: parseDurationToMs(config.get('rates_limit.login.window')),
 MAX: config.get('rates_limit.login.max')
diff --git a/server/initializers/constants.ts b/server/initializers/constants.ts
index 500f8770a..abd9c2003 100644
--- a/server/initializers/constants.ts
+++ b/server/initializers/constants.ts
@@ -280,17 +280,6 @@ let CONSTRAINTS_FIELDS = {
 }
 }
-const RATES_LIMIT = {
- LOGIN: {
- WINDOW_MS: CONFIG.RATES_LIMIT.LOGIN.WINDOW_MS,
- MAX: CONFIG.RATES_LIMIT.LOGIN.MAX
- },
- ASK_SEND_EMAIL: {
- WINDOW_MS: CONFIG.RATES_LIMIT.ASK_SEND_EMAIL.WINDOW_MS,
- MAX: CONFIG.RATES_LIMIT.ASK_SEND_EMAIL.MAX
- }
-}
-
 let VIDEO_VIEW_LIFETIME = 60000 * 60 // 1 hour
 let CONTACT_FORM_LIFETIME = 60000 * 60 // 1 hour
@@ -624,8 +613,6 @@ if (isTestInstance() === true) {
 FILES_CACHE.VIDEO_CAPTIONS.MAX_AGE = 3000
 MEMOIZE_TTL.OVERVIEWS_SAMPLE = 1
 ROUTE_CACHE_LIFETIME.OVERVIEWS.VIDEOS = '0ms'
-
- RATES_LIMIT.LOGIN.MAX = 20
 }
 updateWebserverUrls()
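Review bot: The added `API.MAX` and `SIGNUP.MAX` entries take `config.get('rates_limit.api.max')` and `config.get('rates_limit.signup.max')` as they come, with no type or range check visible in this hunk, so a quoted number, zero or a negative value in the instance's configuration would be handed to the rate limiter unchanged. How the limiter treats such a value is not shown here, and a limit that silently fails open on the registration endpoint would defeat the purpose of the commit. I would type the reads, e.g. `MAX: config.get<number>('rates_limit.signup.max')`, and have the startup configuration check reject a `MAX` that is not a positive integer and a `WINDOW_MS` that does not parse to a positive duration. This view is limited to `server/initializers`, so the defaults for the new keys and any existing checker may live in files not shown; the `CONFIG` object itself starts and ends outside the hunk.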
@@ -696,7 +683,6 @@ export {
 SCHEDULER_INTERVALS_MS,
 REPEAT_JOBS,
 STATIC_DOWNLOAD_PATHS,
- RATES_LIMIT,
 MIMETYPES,
 CRAWL_REQUEST_CONCURRENCY,
 DEFAULT_AUDIO_RESOLUTION,
-- cgit v1.2.3