summaryrefslogtreecommitdiff
path: root/packages/backend/src/server/api/SigninApiService.ts
diff options
context:
space:
mode:
authorHazelnoot <acomputerdog@gmail.com>2024-12-07 13:13:19 -0500
committerHazelnoot <acomputerdog@gmail.com>2024-12-07 13:13:19 -0500
commitf6b256620b9637ffe4bd29a07cfba1a7880c9bb1 (patch)
tree8f2e8ffee698b1f843079297921bb34c8997f876 /packages/backend/src/server/api/SigninApiService.ts
parentrespect rate limit factor in FileServerService (diff)
downloadsharkey-f6b256620b9637ffe4bd29a07cfba1a7880c9bb1.tar.gz
sharkey-f6b256620b9637ffe4bd29a07cfba1a7880c9bb1.tar.bz2
sharkey-f6b256620b9637ffe4bd29a07cfba1a7880c9bb1.zip
separate SkRateLimiterService from RateLimiterService and update all usages
Diffstat (limited to 'packages/backend/src/server/api/SigninApiService.ts')
-rw-r--r--packages/backend/src/server/api/SigninApiService.ts17
1 files changed, 10 insertions, 7 deletions
diff --git a/packages/backend/src/server/api/SigninApiService.ts b/packages/backend/src/server/api/SigninApiService.ts
index 64af7da7a6..1a4ce0a54c 100644
--- a/packages/backend/src/server/api/SigninApiService.ts
+++ b/packages/backend/src/server/api/SigninApiService.ts
@@ -21,12 +21,13 @@ import { IdService } from '@/core/IdService.js';
import { bindThis } from '@/decorators.js';
import { WebAuthnService } from '@/core/WebAuthnService.js';
import { UserAuthService } from '@/core/UserAuthService.js';
-import { RateLimiterService } from './RateLimiterService.js';
+import { isSystemAccount } from '@/misc/is-system-account.js';
+import type { MiMeta } from '@/models/_.js';
+import { SkRateLimiterService } from '@/server/api/SkRateLimiterService.js';
+import { sendRateLimitHeaders } from '@/misc/rate-limit-utils.js';
import { SigninService } from './SigninService.js';
import type { AuthenticationResponseJSON } from '@simplewebauthn/types';
import type { FastifyReply, FastifyRequest } from 'fastify';
-import { isSystemAccount } from '@/misc/is-system-account.js';
-import type { MiMeta } from '@/models/_.js';
@Injectable()
export class SigninApiService {
@@ -47,7 +48,7 @@ export class SigninApiService {
private signinsRepository: SigninsRepository,
private idService: IdService,
- private rateLimiterService: RateLimiterService,
+ private rateLimiterService: SkRateLimiterService,
private signinService: SigninService,
private userAuthService: UserAuthService,
private webAuthnService: WebAuthnService,
@@ -79,10 +80,12 @@ export class SigninApiService {
return { error };
}
- try {
// not more than 1 attempt per second and not more than 10 attempts per hour
- await this.rateLimiterService.limit({ key: 'signin', duration: 60 * 60 * 1000, max: 10, minInterval: 1000 }, getIpHash(request.ip));
- } catch (err) {
+ const rateLimit = await this.rateLimiterService.limit({ key: 'signin', duration: 60 * 60 * 1000, max: 10, minInterval: 1000 }, getIpHash(request.ip));
+
+ sendRateLimitHeaders(reply, rateLimit);
+
+ if (rateLimit.blocked) {
reply.code(429);
return {
error: {
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-03-03 14:59:59 +0000