mirror of
https://github.com/overleaf/overleaf.git
synced 2024-12-02 13:10:20 -05:00
4360a55fdc
Add rate limits to email-related endpoints GitOrigin-RevId: 05a8b40eb65a55aba35788e2401e6988b672b389
65 lines
3.6 KiB
CoffeeScript
65 lines
3.6 KiB
CoffeeScript
AuthenticationController = require('../Authentication/AuthenticationController')
|
|
SubscriptionController = require('./SubscriptionController')
|
|
SubscriptionGroupController = require './SubscriptionGroupController'
|
|
DomainLicenceController = require './DomainLicenceController'
|
|
TeamInvitesController = require './TeamInvitesController'
|
|
RateLimiterMiddlewear = require('../Security/RateLimiterMiddlewear')
|
|
Settings = require "settings-sharelatex"
|
|
|
|
module.exports =
|
|
apply: (webRouter, privateApiRouter, publicApiRouter) ->
|
|
return unless Settings.enableSubscriptions
|
|
|
|
webRouter.get '/user/subscription/plans', SubscriptionController.plansPage
|
|
|
|
webRouter.get '/user/subscription', AuthenticationController.requireLogin(), SubscriptionController.userSubscriptionPage
|
|
|
|
webRouter.get '/user/subscription/new', AuthenticationController.requireLogin(), SubscriptionController.paymentPage
|
|
|
|
webRouter.get '/user/subscription/thank-you', AuthenticationController.requireLogin(), SubscriptionController.successful_subscription
|
|
|
|
|
|
webRouter.get '/subscription/group', AuthenticationController.requireLogin(), SubscriptionGroupController.redirectToSubscriptionGroupAdminPage
|
|
webRouter.delete '/subscription/group/user', AuthenticationController.requireLogin(), SubscriptionGroupController.removeSelfFromGroup
|
|
|
|
# Team invites
|
|
webRouter.get '/subscription/invites/:token/', AuthenticationController.requireLogin(),
|
|
TeamInvitesController.viewInvite
|
|
webRouter.put '/subscription/invites/:token/',
|
|
AuthenticationController.requireLogin(),
|
|
RateLimiterMiddlewear.rateLimit({
|
|
endpointName: 'team-invite',
|
|
maxRequests: 10
|
|
timeInterval: 60
|
|
}),
|
|
TeamInvitesController.acceptInvite
|
|
|
|
# Routes to join a domain licence team
|
|
webRouter.get '/user/subscription/domain/join', AuthenticationController.requireLogin(), DomainLicenceController.join
|
|
webRouter.post '/user/subscription/domain/join',
|
|
AuthenticationController.requireLogin(),
|
|
RateLimiterMiddlewear.rateLimit({
|
|
endpointName: 'join-domain-subscription',
|
|
maxRequests: 10
|
|
timeInterval: 60
|
|
}),
|
|
DomainLicenceController.createInvite
|
|
|
|
#recurly callback
|
|
publicApiRouter.post '/user/subscription/callback', SubscriptionController.recurlyNotificationParser, SubscriptionController.recurlyCallback
|
|
|
|
#user changes their account state
|
|
webRouter.post '/user/subscription/create', AuthenticationController.requireLogin(), SubscriptionController.createSubscription
|
|
webRouter.post '/user/subscription/update', AuthenticationController.requireLogin(), SubscriptionController.updateSubscription
|
|
webRouter.post '/user/subscription/cancel', AuthenticationController.requireLogin(), SubscriptionController.cancelSubscription
|
|
webRouter.post '/user/subscription/reactivate', AuthenticationController.requireLogin(), SubscriptionController.reactivateSubscription
|
|
|
|
webRouter.post '/user/subscription/v1/cancel', AuthenticationController.requireLogin(), SubscriptionController.cancelV1Subscription
|
|
|
|
webRouter.put '/user/subscription/extend', AuthenticationController.requireLogin(), SubscriptionController.extendTrial
|
|
|
|
webRouter.get "/user/subscription/upgrade-annual", AuthenticationController.requireLogin(), SubscriptionController.renderUpgradeToAnnualPlanPage
|
|
webRouter.post "/user/subscription/upgrade-annual", AuthenticationController.requireLogin(), SubscriptionController.processUpgradeToAnnualPlan
|
|
|
|
# Currently used in acceptance tests only, as a way to trigger the syncing logic
|
|
publicApiRouter.post "/user/:user_id/features/sync", AuthenticationController.httpAuth, SubscriptionController.refreshUserFeatures
|