add api rate limiting based on client_ip url param
GitOrigin-RevId: 2fffcce053d5bf452508774b555959610db9a2c7
parent
9af55a11f7
commit
77b7b03ead
2 changed files with 25 additions and 42 deletions
|
@ -1,34 +1,30 @@
|
|||
/* eslint-disable
|
||||
max-len,
|
||||
*/
|
||||
// TODO: This file was created by bulk-decaffeinate.
|
||||
// Fix any style issues and re-enable lint.
|
||||
/*
|
||||
* decaffeinate suggestions:
|
||||
* DS102: Remove unnecessary code created because of implicit returns
|
||||
* DS207: Consider shorter variations of null checks
|
||||
* Full docs: https://github.com/decaffeinate/decaffeinate/blob/master/docs/suggestions.md
|
||||
*/
|
||||
const RateLimiter = require('../../infrastructure/RateLimiter')
|
||||
const { promisifyAll } = require('../../util/promises')
|
||||
|
||||
const ONE_MIN = 60
|
||||
const ATTEMPT_LIMIT = 10
|
||||
|
||||
module.exports = {
|
||||
processLoginRequest(email, callback) {
|
||||
const opts = {
|
||||
endpointName: 'login',
|
||||
throttle: ATTEMPT_LIMIT,
|
||||
timeInterval: ONE_MIN * 2,
|
||||
subjectName: email
|
||||
}
|
||||
RateLimiter.addCount(opts, (err, shouldAllow) => callback(err, shouldAllow))
|
||||
},
|
||||
|
||||
recordSuccessfulLogin(email, callback) {
|
||||
if (callback == null) {
|
||||
callback = function() {}
|
||||
}
|
||||
RateLimiter.clearRateLimit('login', email, callback)
|
||||
function processLoginRequest(email, callback) {
|
||||
const opts = {
|
||||
endpointName: 'login',
|
||||
throttle: ATTEMPT_LIMIT,
|
||||
timeInterval: ONE_MIN * 2,
|
||||
subjectName: email
|
||||
}
|
||||
RateLimiter.addCount(opts, (err, shouldAllow) => callback(err, shouldAllow))
|
||||
}
|
||||
|
||||
function recordSuccessfulLogin(email, callback) {
|
||||
if (callback == null) {
|
||||
callback = function() {}
|
||||
}
|
||||
RateLimiter.clearRateLimit('login', email, callback)
|
||||
}
|
||||
|
||||
const LoginRateLimiter = {
|
||||
processLoginRequest,
|
||||
recordSuccessfulLogin
|
||||
}
|
||||
LoginRateLimiter.promises = promisifyAll(LoginRateLimiter)
|
||||
|
||||
module.exports = LoginRateLimiter
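Review bot: The login counter is keyed on the address exactly as it is passed in (`subjectName: email` in `processLoginRequest`), and `recordSuccessfulLogin` clears it under the same raw string. Unless every caller canonicalises the address first (not visible in this section), case or whitespace variants of one account would each get their own `ATTEMPT_LIMIT` bucket, and a successful login could clear a different key than the one that was counted. Deriving the key once inside this module, for example `const subject = email.trim().toLowerCase()`, and using it in both functions would keep the count and the clear aligned. As a smaller style point, `(err, shouldAllow) => callback(err, shouldAllow)` only forwards its arguments, so `callback` could be passed to `RateLimiter.addCount` directly.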
|
||||
|
|
|
@ -1,16 +1,3 @@
|
|||
/* eslint-disable
|
||||
handle-callback-err,
|
||||
max-len,
|
||||
no-unused-vars,
|
||||
*/
|
||||
// TODO: This file was created by bulk-decaffeinate.
|
||||
// Fix any style issues and re-enable lint.
|
||||
/*
|
||||
* decaffeinate suggestions:
|
||||
* DS102: Remove unnecessary code created because of implicit returns
|
||||
* DS207: Consider shorter variations of null checks
|
||||
* Full docs: https://github.com/decaffeinate/decaffeinate/blob/master/docs/suggestions.md
|
||||
*/
|
||||
const settings = require('settings-sharelatex')
|
||||
const Metrics = require('metrics-sharelatex')
|
||||
const RedisWrapper = require('./RedisWrapper')
|
||||
|
@ -24,7 +11,7 @@ const RateLimiter = {
|
|||
return callback(null, true)
|
||||
}
|
||||
if (callback == null) {
|
||||
callback = function(err, shouldProcess) {}
|
||||
callback = function() {}
|
||||
}
|
||||
const namespace = `RateLimit:${opts.endpointName}:`
|
||||
const k = `{${opts.subjectName}}`
|
||||
|
@ -35,7 +22,7 @@ const RateLimiter = {
|
|||
maxInInterval: opts.throttle
|
||||
})
|
||||
limiter(k, function(err, timeLeft, actionsLeft) {
|
||||
if (err != null) {
|
||||
if (err) {
|
||||
return callback(err)
|
||||
}
|
||||
const allowed = timeLeft === 0
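Review bot: In the second hunk the early exit `return callback(null, true)` runs before the `if (callback == null)` default is applied, so a caller that omits the callback would hit a TypeError on that path instead of the no-op this commit tidies up. Hoisting the guard above the early return, `if (callback == null) { callback = function() {} }`, would make the default cover both paths; the enclosing function starts outside the hunk, so the condition guarding the early return is not visible here. Separately, `opts.subjectName` is interpolated into the key unchecked at ``const k = `{${opts.subjectName}}` ``, so a missing subject would presumably collapse every such request into one shared `{undefined}` bucket. Rejecting an empty or undefined subject before building the key is worth considering, particularly if the subject can come from a request parameter as the commit title suggests.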
|
||||
|
|