fix: RateLimiterService (#13997)

* fix rate limit check never ends

* fix: long term / short term limitがないときでもそれぞれ用のnew Limiterとlimiter.getが呼ばれる問題

* refactor: wrap ratelimiter with promise

* refactor: reimplement max/min with async

* refactor: reimplement limit with async

* refactor: do not check long term limit inside min

* refactor: check if there is rate limit inside min/max function

* refactor: remove unnecessary return in min/max function

* refactor: remove unnecessary max/min function

* refactor: return rate limit instead of throwing an object

* fix: レートリミットのfactorが二回適用されて二乗の効果がある問題を修正

* fix lint error

---------

Co-authored-by: Kisaragi <48310258+KisaragiEffective@users.noreply.github.com>
Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
Co-authored-by: Sayamame-beans <61457993+Sayamame-beans@users.noreply.github.com>

1 files changed, 2 insertions, 3 deletions

diff --git a/packages/backend/src/server/api/SigninApiService.ts b/packages/backend/src/server/api/SigninApiService.ts
index 1d983ca4bc..3e889372d8 100644
--- a/packages/backend/src/server/api/SigninApiService.ts
+++ b/packages/backend/src/server/api/SigninApiService.ts
@@ -89,10 +89,9 @@ export class SigninApiService {
 			return { error };
 		}
 
-		try {
 		// not more than 1 attempt per second and not more than 10 attempts per hour
-			await this.rateLimiterService.limit({ key: 'signin', duration: 60 * 60 * 1000, max: 10, minInterval: 1000 }, getIpHash(request.ip));
-		} catch (err) {
+		const rateLimit = await this.rateLimiterService.limit({ key: 'signin', duration: 60 * 60 * 1000, max: 10, minInterval: 1000 }, getIpHash(request.ip));
+		if (rateLimit != null) {
 			reply.code(429);
 			return {
 				error: {