mirror of
https://github.com/overleaf/overleaf.git
synced 2024-11-21 20:47:08 -05:00
added rate limit on server side for file uploads
This commit is contained in:
parent
a6aea41fb1
commit
8590af3e49
4 changed files with 18 additions and 0 deletions
|
@ -1,13 +1,21 @@
|
|||
SecurityManager = require('../../managers/SecurityManager')
|
||||
AuthenticationController = require('../Authentication/AuthenticationController')
|
||||
ProjectUploadController = require "./ProjectUploadController"
|
||||
RateLimiterMiddlewear = require('../Security/RateLimiterMiddlewear')
|
||||
|
||||
module.exports =
|
||||
apply: (webRouter, apiRouter) ->
|
||||
webRouter.post '/project/new/upload',
|
||||
AuthenticationController.requireLogin(),
|
||||
ProjectUploadController.uploadProject
|
||||
|
||||
webRouter.post '/Project/:Project_id/upload',
|
||||
RateLimiterMiddlewear.rateLimit({
|
||||
endpointName: "file-upload"
|
||||
params: ["Project_id"]
|
||||
maxRequests: 100
|
||||
timeInterval: 60 * 20
|
||||
}),
|
||||
SecurityManager.requestCanModifyProject,
|
||||
ProjectUploadController.uploadFile
|
||||
|
||||
|
|
|
@ -356,6 +356,7 @@ script(type="text/ng-template", id="uploadFileModalTemplate")
|
|||
h3 #{translate("upload_files")}
|
||||
span
|
||||
.alert.alert-warning.small(ng-if="tooManyFiles") #{translate("maximum_files_uploaded_together", {max:"{{max_files}}"})}
|
||||
.alert.alert-warning.small(ng-if="rateLimitHit") Too many files uploaded, your uploads have been throttled for short period.
|
||||
|
||||
.modal-body(
|
||||
fine-upload
|
||||
|
@ -369,6 +370,7 @@ script(type="text/ng-template", id="uploadFileModalTemplate")
|
|||
on-complete-callback="onComplete"
|
||||
on-upload-callback="onUpload"
|
||||
on-validate-batch="onValidateBatch"
|
||||
on-error-callback="onError"
|
||||
params="{'folder_id': parent_folder_id}"
|
||||
)
|
||||
span #{translate("upload_files")}
|
||||
|
|
|
@ -15,6 +15,7 @@ define [
|
|||
onCompleteCallback: "="
|
||||
onUploadCallback: "="
|
||||
onValidateBatch: "="
|
||||
onErrorCallback: "="
|
||||
params: "="
|
||||
}
|
||||
link: (scope, element, attrs) ->
|
||||
|
@ -34,6 +35,7 @@ define [
|
|||
|
||||
onComplete = scope.onCompleteCallback or () ->
|
||||
onUpload = scope.onUploadCallback or () ->
|
||||
onError = scope.onErrorCallback or () ->
|
||||
onValidateBatch = scope.onValidateBatch or () ->
|
||||
params = scope.params or {}
|
||||
params._csrf = window.csrfToken
|
||||
|
@ -52,6 +54,7 @@ define [
|
|||
onComplete: onComplete
|
||||
onUpload: onUpload
|
||||
onValidateBatch: onValidateBatch
|
||||
onError: onError
|
||||
text: text
|
||||
template: """
|
||||
<div class="qq-uploader">
|
||||
|
|
|
@ -103,6 +103,8 @@ define [
|
|||
($scope, ide, $modalInstance, $timeout, parent_folder) ->
|
||||
$scope.parent_folder_id = parent_folder?.id
|
||||
$scope.tooManyFiles = false
|
||||
$scope.rateLimitHit = false
|
||||
|
||||
uploadCount = 0
|
||||
$scope.onUpload = () ->
|
||||
uploadCount++
|
||||
|
@ -124,6 +126,9 @@ define [
|
|||
else
|
||||
return true
|
||||
|
||||
$scope.onError = (id, name, reason)->
|
||||
if reason.indexOf("429") != -1
|
||||
$scope.rateLimitHit = true
|
||||
|
||||
$scope.cancel = () ->
|
||||
$modalInstance.dismiss('cancel')
|
||||
|
|
Loading…
Reference in a new issue