github/overleaf
1
0
Fork 0
mirror of https://github.com/overleaf/overleaf.git synced 2025-02-17 00:24:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #4166 from overleaf/sk-analytics-rate-limit

Browse source 
Analytics: add rate-limiter to analytics api
GitOrigin-RevId: c58843a2c693b5276e962cc23d701b960e82f186
This commit is contained in:
Shane Kilkelly 2021-06-11 09:40:08 +01:00 committed by Copybot
parent bd24e523e3
commit c0d3b776e2
1 changed files with 17 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
services/web/app/src/Features/Analytics/AnalyticsRouter.js
View file

@ -1,22 +1,39 @@
const AuthenticationController = require('./../Authentication/AuthenticationController') const AuthenticationController = require('./../Authentication/AuthenticationController')
const AnalyticsController = require('./AnalyticsController') const AnalyticsController = require('./AnalyticsController')
const AnalyticsProxy = require('./AnalyticsProxy') const AnalyticsProxy = require('./AnalyticsProxy')
const RateLimiterMiddleware = require('./../Security/RateLimiterMiddleware')
module.exports = { module.exports = {
apply(webRouter, privateApiRouter, publicApiRouter) { apply(webRouter, privateApiRouter, publicApiRouter) {
webRouter.post( webRouter.post(
'/event/:event([a-z0-9-_]+)', '/event/:event([a-z0-9-_]+)',
RateLimiterMiddleware.rateLimit({
endpointName: 'analytics-record-event',
maxRequests: 200,
timeInterval: 60,
}),
AnalyticsController.recordEvent AnalyticsController.recordEvent
) )
webRouter.put( webRouter.put(
'/editingSession/:projectId', '/editingSession/:projectId',
RateLimiterMiddleware.rateLimit({
endpointName: 'analytics-update-editing-session',
params: ['projectId'],
maxRequests: 20,
timeInterval: 60,
}),
AnalyticsController.updateEditingSession AnalyticsController.updateEditingSession
) )
publicApiRouter.use( publicApiRouter.use(
'/analytics/uniExternalCollaboration', '/analytics/uniExternalCollaboration',
AuthenticationController.requirePrivateApiAuth(), AuthenticationController.requirePrivateApiAuth(),
RateLimiterMiddleware.rateLimit({
endpointName: 'analytics-uni-external-collab-proxy',
maxRequests: 20,
timeInterval: 60,
}),
AnalyticsProxy.call('/uniExternalCollaboration') AnalyticsProxy.call('/uniExternalCollaboration')
) )
}, },