mirror of
https://github.com/overleaf/overleaf.git
synced 2024-11-21 20:47:08 -05:00
64f69529e0
Add additional rate limits to prevent resource-exhaustion attacks GitOrigin-RevId: 428cf8a16e062267dd92e7fba73ef5c192a8e668
28 lines
1 KiB
CoffeeScript
28 lines
1 KiB
CoffeeScript
AuthorizationMiddlewear = require('../Authorization/AuthorizationMiddlewear')
|
|
AuthenticationController = require('../Authentication/AuthenticationController')
|
|
RateLimiterMiddlewear = require('../Security/RateLimiterMiddlewear')
|
|
LinkedFilesController = require "./LinkedFilesController"
|
|
|
|
module.exports =
|
|
apply: (webRouter) ->
|
|
webRouter.post '/project/:project_id/linked_file',
|
|
AuthenticationController.requireLogin(),
|
|
AuthorizationMiddlewear.ensureUserCanWriteProjectContent,
|
|
RateLimiterMiddlewear.rateLimit({
|
|
endpointName: "create-linked-file"
|
|
params: ["project_id"]
|
|
maxRequests: 100
|
|
timeInterval: 60
|
|
}),
|
|
LinkedFilesController.createLinkedFile
|
|
|
|
webRouter.post '/project/:project_id/linked_file/:file_id/refresh',
|
|
AuthenticationController.requireLogin(),
|
|
AuthorizationMiddlewear.ensureUserCanWriteProjectContent,
|
|
RateLimiterMiddlewear.rateLimit({
|
|
endpointName: "refresh-linked-file"
|
|
params: ["project_id"]
|
|
maxRequests: 100
|
|
timeInterval: 60
|
|
}),
|
|
LinkedFilesController.refreshLinkedFile
|