mirror of
https://github.com/overleaf/overleaf.git
synced 2024-12-24 05:11:49 +00:00
Merge pull request #16000 from overleaf/jpa-web-join-project-rate-limit-per-user-id
[web] apply rate limit for joinProject per user-id and project-id GitOrigin-RevId: d03a81f4ff55d9a8f6d4ea4ca3633e3682e6dacb
This commit is contained in:
parent
de945a432d
commit
a523283559
2 changed files with 3 additions and 1 deletions
|
@ -58,7 +58,7 @@ const unsupportedSpellcheckLanguages = [
|
|||
|
||||
async function joinProject(req, res, next) {
|
||||
const projectId = req.params.Project_id
|
||||
let userId = req.query.user_id
|
||||
let userId = req.query.user_id // keep schema in sync with router
|
||||
if (userId === 'anonymous-user') {
|
||||
userId = null
|
||||
}
|
||||
|
|
|
@ -70,6 +70,8 @@ module.exports = {
|
|||
AuthenticationController.requirePrivateApiAuth(),
|
||||
RateLimiterMiddleware.rateLimit(rateLimiters.joinProject, {
|
||||
params: ['Project_id'],
|
||||
// keep schema in sync with controller
|
||||
getUserId: req => req.query.user_id,
|
||||
}),
|
||||
EditorHttpController.joinProject
|
||||
)
|
||||
|
|
Loading…
Reference in a new issue