overleaf/services/web/app/coffee/Features/Security/LoginRateLimiter.coffee

24 lines
667 B
CoffeeScript
Raw Normal View History

2014-02-12 05:23:40 -05:00
Settings = require('settings-sharelatex')
redis = require('redis')
rclient = redis.createClient(Settings.redis.web.port, Settings.redis.web.host)
rclient.auth(Settings.redis.web.password)
buildKey = (k)->
return "LoginRateLimit:#{k}"
ONE_MIN = 60
ATTEMPT_LIMIT = 10
module.exports =
processLoginRequest: (email, callback)->
multi = rclient.multi()
multi.incr(buildKey(email))
multi.get(buildKey(email))
multi.expire(buildKey(email), ONE_MIN * 2)
multi.exec (err, results)->
loginCount = results[1]
allow = loginCount <= ATTEMPT_LIMIT
callback err, allow
recordSuccessfulLogin: (email, callback = ->)->
rclient.del buildKey(email), callback