diff options
Diffstat (limited to 'packages/backend/src/server/api/endpoints/i')
31 files changed, 190 insertions, 2 deletions
diff --git a/packages/backend/src/server/api/endpoints/i/2fa/done.ts b/packages/backend/src/server/api/endpoints/i/2fa/done.ts index 2a30e8b0c3..34b6907338 100644 --- a/packages/backend/src/server/api/endpoints/i/2fa/done.ts +++ b/packages/backend/src/server/api/endpoints/i/2fa/done.ts @@ -10,6 +10,7 @@ import { UserEntityService } from '@/core/entities/UserEntityService.js'; import type { UserProfilesRepository } from '@/models/_.js'; import { GlobalEventService } from '@/core/GlobalEventService.js'; import { DI } from '@/di-symbols.js'; +import ms from 'ms'; export const meta = { requireCredential: true, @@ -28,6 +29,12 @@ export const meta = { }, }, }, + + limit: { + duration: ms('1hour'), + max: 10, + minInterval: ms('1sec'), + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/2fa/password-less.ts b/packages/backend/src/server/api/endpoints/i/2fa/password-less.ts index bf039ccd16..a1c965f603 100644 --- a/packages/backend/src/server/api/endpoints/i/2fa/password-less.ts +++ b/packages/backend/src/server/api/endpoints/i/2fa/password-less.ts @@ -10,6 +10,7 @@ import type { UserProfilesRepository, UserSecurityKeysRepository } from '@/model import { GlobalEventService } from '@/core/GlobalEventService.js'; import { DI } from '@/di-symbols.js'; import { ApiError } from '../../../error.js'; +import ms from 'ms'; export const meta = { requireCredential: true, @@ -23,6 +24,12 @@ export const meta = { id: 'f9c54d7f-d4c2-4d3c-9a8g-a70daac86512', }, }, + + limit: { + duration: ms('1hour'), + max: 10, + minInterval: ms('1sec'), + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/2fa/update-key.ts b/packages/backend/src/server/api/endpoints/i/2fa/update-key.ts index deb56a3ac4..eb8a63b3dc 100644 --- a/packages/backend/src/server/api/endpoints/i/2fa/update-key.ts +++ b/packages/backend/src/server/api/endpoints/i/2fa/update-key.ts @@ -11,6 +11,7 @@ import { UserEntityService } from '@/core/entities/UserEntityService.js'; import { GlobalEventService } from '@/core/GlobalEventService.js'; import { DI } from '@/di-symbols.js'; import { ApiError } from '../../../error.js'; +import ms from 'ms'; export const meta = { requireCredential: true, @@ -30,6 +31,12 @@ export const meta = { id: '1fb7cb09-d46a-4fff-b8df-057708cce513', }, }, + + limit: { + duration: ms('1hour'), + max: 10, + minInterval: ms('1sec'), + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/apps.ts b/packages/backend/src/server/api/endpoints/i/apps.ts index 91c8597b1b..661fa257a6 100644 --- a/packages/backend/src/server/api/endpoints/i/apps.ts +++ b/packages/backend/src/server/api/endpoints/i/apps.ts @@ -49,6 +49,12 @@ export const meta = { }, }, }, + + // 2 calls per second + limit: { + duration: 1000, + max: 2, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/authorized-apps.ts b/packages/backend/src/server/api/endpoints/i/authorized-apps.ts index 0b4faf5ef8..447fd18dcf 100644 --- a/packages/backend/src/server/api/endpoints/i/authorized-apps.ts +++ b/packages/backend/src/server/api/endpoints/i/authorized-apps.ts @@ -48,6 +48,12 @@ export const meta = { }, }, }, + + // 2 calls per second + limit: { + duration: 1000, + max: 2, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/claim-achievement.ts b/packages/backend/src/server/api/endpoints/i/claim-achievement.ts index 603df44733..ebb25ebf1c 100644 --- a/packages/backend/src/server/api/endpoints/i/claim-achievement.ts +++ b/packages/backend/src/server/api/endpoints/i/claim-achievement.ts @@ -13,6 +13,12 @@ export const meta = { requireCredential: true, prohibitMoved: true, kind: 'write:account', + + // 10 calls per 5 seconds + limit: { + duration: 1000 * 5, + max: 10, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/favorites.ts b/packages/backend/src/server/api/endpoints/i/favorites.ts index 3558035eca..49d47e1624 100644 --- a/packages/backend/src/server/api/endpoints/i/favorites.ts +++ b/packages/backend/src/server/api/endpoints/i/favorites.ts @@ -26,6 +26,12 @@ export const meta = { ref: 'NoteFavorite', }, }, + + // 10 calls per 5 seconds + limit: { + duration: 1000 * 5, + max: 10, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/gallery/likes.ts b/packages/backend/src/server/api/endpoints/i/gallery/likes.ts index d492585ffa..9baa01ae1e 100644 --- a/packages/backend/src/server/api/endpoints/i/gallery/likes.ts +++ b/packages/backend/src/server/api/endpoints/i/gallery/likes.ts @@ -37,6 +37,12 @@ export const meta = { }, }, }, + + // 10 calls per 5 seconds + limit: { + duration: 1000 * 5, + max: 10, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/gallery/posts.ts b/packages/backend/src/server/api/endpoints/i/gallery/posts.ts index 73a6fcc98b..350491a73a 100644 --- a/packages/backend/src/server/api/endpoints/i/gallery/posts.ts +++ b/packages/backend/src/server/api/endpoints/i/gallery/posts.ts @@ -26,6 +26,12 @@ export const meta = { ref: 'GalleryPost', }, }, + + // 10 calls per 5 seconds + limit: { + duration: 1000 * 5, + max: 10, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/page-likes.ts b/packages/backend/src/server/api/endpoints/i/page-likes.ts index d4c09426a7..19baa9726d 100644 --- a/packages/backend/src/server/api/endpoints/i/page-likes.ts +++ b/packages/backend/src/server/api/endpoints/i/page-likes.ts @@ -36,6 +36,12 @@ export const meta = { }, }, }, + + // 10 calls per 5 seconds + limit: { + duration: 1000 * 5, + max: 10, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/pages.ts b/packages/backend/src/server/api/endpoints/i/pages.ts index 1b6359a633..65a19ac5ab 100644 --- a/packages/backend/src/server/api/endpoints/i/pages.ts +++ b/packages/backend/src/server/api/endpoints/i/pages.ts @@ -26,6 +26,12 @@ export const meta = { ref: 'Page', }, }, + + // 10 calls per 5 seconds + limit: { + duration: 1000 * 5, + max: 10, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/pin.ts b/packages/backend/src/server/api/endpoints/i/pin.ts index b7cafd74df..e324485277 100644 --- a/packages/backend/src/server/api/endpoints/i/pin.ts +++ b/packages/backend/src/server/api/endpoints/i/pin.ts @@ -42,6 +42,12 @@ export const meta = { optional: false, nullable: false, ref: 'MeDetailed', }, + + // 10 calls per 5 seconds + limit: { + duration: 1000 * 5, + max: 10, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/read-all-unread-notes.ts b/packages/backend/src/server/api/endpoints/i/read-all-unread-notes.ts index d1a8eccb1d..edf570fcc5 100644 --- a/packages/backend/src/server/api/endpoints/i/read-all-unread-notes.ts +++ b/packages/backend/src/server/api/endpoints/i/read-all-unread-notes.ts @@ -15,6 +15,12 @@ export const meta = { requireCredential: true, kind: 'write:account', + + // 2 calls per second + limit: { + duration: 1000, + max: 2, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/read-announcement.ts b/packages/backend/src/server/api/endpoints/i/read-announcement.ts index 4db1ca73c1..4111e90a19 100644 --- a/packages/backend/src/server/api/endpoints/i/read-announcement.ts +++ b/packages/backend/src/server/api/endpoints/i/read-announcement.ts @@ -16,6 +16,12 @@ export const meta = { errors: { }, + + // 10 calls per 5 seconds + limit: { + duration: 1000 * 5, + max: 10, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/registry/get-all.ts b/packages/backend/src/server/api/endpoints/i/registry/get-all.ts index f1797cfde7..98b993d271 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/get-all.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/get-all.ts @@ -14,6 +14,12 @@ export const meta = { res: { type: 'object', }, + + // 10 calls per 5 seconds + limit: { + duration: 1000 * 5, + max: 10, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/registry/get-detail.ts b/packages/backend/src/server/api/endpoints/i/registry/get-detail.ts index d53c390460..4a3d38efa3 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/get-detail.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/get-detail.ts @@ -32,6 +32,12 @@ export const meta = { }, }, }, + + // 10 calls per 5 seconds + limit: { + duration: 1000 * 5, + max: 10, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/registry/get-unsecure.ts b/packages/backend/src/server/api/endpoints/i/registry/get-unsecure.ts index 3aa256077e..268c650f27 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/get-unsecure.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/get-unsecure.ts @@ -22,6 +22,12 @@ export const meta = { id: 'ac3ed68a-62f0-422b-a7bc-d5e09e8f6a6a', }, }, + + // 10 calls per 5 seconds + limit: { + duration: 1000 * 5, + max: 10, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/registry/get.ts b/packages/backend/src/server/api/endpoints/i/registry/get.ts index d9a8fdd449..dff33016e0 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/get.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/get.ts @@ -22,7 +22,13 @@ export const meta = { res: { type: 'object', - } + }, + + // 10 calls per 5 seconds + limit: { + duration: 1000 * 5, + max: 10, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/registry/keys-with-type.ts b/packages/backend/src/server/api/endpoints/i/registry/keys-with-type.ts index 3fe339606d..8216728549 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/keys-with-type.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/keys-with-type.ts @@ -17,6 +17,12 @@ export const meta = { type: 'string', }, }, + + // 2 calls per second + limit: { + duration: 1000, + max: 2, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/registry/keys.ts b/packages/backend/src/server/api/endpoints/i/registry/keys.ts index 28f158c62d..001cd22236 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/keys.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/keys.ts @@ -17,6 +17,12 @@ export const meta = { type: 'string', }, }, + + // 2 calls per second + limit: { + duration: 1000, + max: 2, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/registry/remove.ts b/packages/backend/src/server/api/endpoints/i/registry/remove.ts index cf965ba0cf..62338965e0 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/remove.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/remove.ts @@ -21,6 +21,12 @@ export const meta = { id: '1fac4e8a-a6cd-4e39-a4a5-3a7e11f1b019', }, }, + + // 2 calls per second + limit: { + duration: 1000, + max: 2, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/registry/scopes-with-domain.ts b/packages/backend/src/server/api/endpoints/i/registry/scopes-with-domain.ts index 67a99b028a..f23335ed46 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/scopes-with-domain.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/scopes-with-domain.ts @@ -31,7 +31,13 @@ export const meta = { }, }, }, - } + }, + + // 2 calls per second + limit: { + duration: 1000, + max: 2, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/registry/set.ts b/packages/backend/src/server/api/endpoints/i/registry/set.ts index 8723035d84..35414ca2a9 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/set.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/set.ts @@ -10,6 +10,12 @@ import { RegistryApiService } from '@/core/RegistryApiService.js'; export const meta = { requireCredential: true, kind: 'write:account', + + // 2 calls per second + limit: { + duration: 1000, + max: 2, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/revoke-token.ts b/packages/backend/src/server/api/endpoints/i/revoke-token.ts index c05ee93c6f..07acddaa54 100644 --- a/packages/backend/src/server/api/endpoints/i/revoke-token.ts +++ b/packages/backend/src/server/api/endpoints/i/revoke-token.ts @@ -12,6 +12,12 @@ export const meta = { requireCredential: true, secure: true, + + // 10 calls per 5 seconds + limit: { + duration: 1000 * 5, + max: 10, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/signin-history.ts b/packages/backend/src/server/api/endpoints/i/signin-history.ts index 76ad0bbe21..8b39b87a7f 100644 --- a/packages/backend/src/server/api/endpoints/i/signin-history.ts +++ b/packages/backend/src/server/api/endpoints/i/signin-history.ts @@ -23,6 +23,12 @@ export const meta = { ref: 'Signin', }, }, + + // 2 calls per second + limit: { + duration: 1000, + max: 2, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/unpin.ts b/packages/backend/src/server/api/endpoints/i/unpin.ts index 74825cf9f3..e88e3fbc01 100644 --- a/packages/backend/src/server/api/endpoints/i/unpin.ts +++ b/packages/backend/src/server/api/endpoints/i/unpin.ts @@ -29,6 +29,12 @@ export const meta = { optional: false, nullable: false, ref: 'MeDetailed', }, + + // 10 calls per 5 seconds + limit: { + duration: 1000 * 5, + max: 10, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/webhooks/create.ts b/packages/backend/src/server/api/endpoints/i/webhooks/create.ts index 6e84603f7a..b0c736937c 100644 --- a/packages/backend/src/server/api/endpoints/i/webhooks/create.ts +++ b/packages/backend/src/server/api/endpoints/i/webhooks/create.ts @@ -55,6 +55,12 @@ export const meta = { latestStatus: { type: 'integer', nullable: true }, }, }, + + // 2 calls per second + limit: { + duration: 1000, + max: 2, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/webhooks/delete.ts b/packages/backend/src/server/api/endpoints/i/webhooks/delete.ts index 1b1ac00670..1b76a01ca9 100644 --- a/packages/backend/src/server/api/endpoints/i/webhooks/delete.ts +++ b/packages/backend/src/server/api/endpoints/i/webhooks/delete.ts @@ -24,6 +24,12 @@ export const meta = { id: 'bae73e5a-5522-4965-ae19-3a8688e71d82', }, }, + + // 2 calls per second + limit: { + duration: 1000, + max: 2, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/webhooks/list.ts b/packages/backend/src/server/api/endpoints/i/webhooks/list.ts index 394c178f2a..f1c0f53fec 100644 --- a/packages/backend/src/server/api/endpoints/i/webhooks/list.ts +++ b/packages/backend/src/server/api/endpoints/i/webhooks/list.ts @@ -46,6 +46,12 @@ export const meta = { }, }, }, + + // 2 calls per second + limit: { + duration: 1000, + max: 2, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/webhooks/show.ts b/packages/backend/src/server/api/endpoints/i/webhooks/show.ts index 4a0c09ff0c..5c7c84a73c 100644 --- a/packages/backend/src/server/api/endpoints/i/webhooks/show.ts +++ b/packages/backend/src/server/api/endpoints/i/webhooks/show.ts @@ -52,6 +52,12 @@ export const meta = { latestStatus: { type: 'integer', nullable: true }, }, }, + + // 10 calls per 5 seconds + limit: { + duration: 1000 * 5, + max: 10, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/webhooks/update.ts b/packages/backend/src/server/api/endpoints/i/webhooks/update.ts index 07a25bd82a..632fd2b671 100644 --- a/packages/backend/src/server/api/endpoints/i/webhooks/update.ts +++ b/packages/backend/src/server/api/endpoints/i/webhooks/update.ts @@ -26,6 +26,11 @@ export const meta = { }, }, + // 2 calls per second + limit: { + duration: 1000, + max: 2, + }, } as const; export const paramDef = { |