summaryrefslogtreecommitdiff
path: root/packages/backend/src/server/api/ApiCallService.ts
diff options
context:
space:
mode:
authorHazelnoot <acomputerdog@gmail.com>2025-02-02 22:02:08 -0500
committerHazelnoot <acomputerdog@gmail.com>2025-02-05 11:20:25 -0500
commit09669d72e7e2474141a2712a12c6dafe290ccf88 (patch)
treedd707484b8a158561382607fd3254dc5ad092fd3 /packages/backend/src/server/api/ApiCallService.ts
parentincrease sign-in rate limit (diff)
downloadsharkey-09669d72e7e2474141a2712a12c6dafe290ccf88.tar.gz
sharkey-09669d72e7e2474141a2712a12c6dafe290ccf88.tar.bz2
sharkey-09669d72e7e2474141a2712a12c6dafe290ccf88.zip
lookup and cache rate limit factors directly within SkRateLimiterService
Diffstat (limited to 'packages/backend/src/server/api/ApiCallService.ts')
-rw-r--r--packages/backend/src/server/api/ApiCallService.ts37
1 files changed, 16 insertions, 21 deletions
diff --git a/packages/backend/src/server/api/ApiCallService.ts b/packages/backend/src/server/api/ApiCallService.ts
index 03f25a51fe..9c3952d541 100644
--- a/packages/backend/src/server/api/ApiCallService.ts
+++ b/packages/backend/src/server/api/ApiCallService.ts
@@ -313,35 +313,30 @@ export class ApiCallService implements OnApplicationShutdown {
// eslint-disable-next-line @typescript-eslint/no-unnecessary-condition
if (endpointLimit) {
// koa will automatically load the `X-Forwarded-For` header if `proxy: true` is configured in the app.
- let limitActor: string;
+ let limitActor: string | MiLocalUser;
if (user) {
- limitActor = user.id;
+ limitActor = user;
} else {
limitActor = getIpHash(request.ip);
}
- // TODO: 毎リクエスト計算するのもあれだしキャッシュしたい
- const factor = user ? (await this.roleService.getUserPolicies(user.id)).rateLimitFactor : 1;
+ const limit = {
+ key: ep.name,
+ ...endpointLimit,
+ };
- if (factor > 0) {
- const limit = {
- key: ep.name,
- ...endpointLimit,
- };
+ // Rate limit
+ const info = await this.rateLimiterService.limit(limit, limitActor);
- // Rate limit
- const info = await this.rateLimiterService.limit(limit, limitActor, factor);
+ sendRateLimitHeaders(reply, info);
- sendRateLimitHeaders(reply, info);
-
- if (info.blocked) {
- throw new ApiError({
- message: 'Rate limit exceeded. Please try again later.',
- code: 'RATE_LIMIT_EXCEEDED',
- id: 'd5826d14-3982-4d2e-8011-b9e9f02499ef',
- httpStatusCode: 429,
- }, info);
- }
+ if (info.blocked) {
+ throw new ApiError({
+ message: 'Rate limit exceeded. Please try again later.',
+ code: 'RATE_LIMIT_EXCEEDED',
+ id: 'd5826d14-3982-4d2e-8011-b9e9f02499ef',
+ httpStatusCode: 429,
+ }, info);
}
}
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-03-03 18:58:54 +0000