From e3b826db5a2dd86c15b3c5f5bdfbd7fec8d781ad Mon Sep 17 00:00:00 2001 From: Hazelnoot Date: Fri, 22 Nov 2024 13:43:06 -0500 Subject: add rate limits to all public endpoints --- packages/backend/src/server/api/endpoints/federation/followers.ts | 6 ++++++ packages/backend/src/server/api/endpoints/federation/following.ts | 6 ++++++ packages/backend/src/server/api/endpoints/federation/instances.ts | 6 ++++++ .../backend/src/server/api/endpoints/federation/show-instance.ts | 6 ++++++ packages/backend/src/server/api/endpoints/federation/stats.ts | 6 ++++++ .../src/server/api/endpoints/federation/update-remote-user.ts | 6 ++++++ packages/backend/src/server/api/endpoints/federation/users.ts | 6 ++++++ 7 files changed, 42 insertions(+) (limited to 'packages/backend/src/server/api/endpoints/federation') diff --git a/packages/backend/src/server/api/endpoints/federation/followers.ts b/packages/backend/src/server/api/endpoints/federation/followers.ts index d5b80035df..e7b528dda1 100644 --- a/packages/backend/src/server/api/endpoints/federation/followers.ts +++ b/packages/backend/src/server/api/endpoints/federation/followers.ts @@ -22,6 +22,12 @@ export const meta = { ref: 'Following', }, }, + + // 10 calls per 5 seconds + limit: { + duration: 1000 * 5, + max: 10, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/federation/following.ts b/packages/backend/src/server/api/endpoints/federation/following.ts index 215f94fbcc..070a1c8407 100644 --- a/packages/backend/src/server/api/endpoints/federation/following.ts +++ b/packages/backend/src/server/api/endpoints/federation/following.ts @@ -22,6 +22,12 @@ export const meta = { ref: 'Following', }, }, + + // 10 calls per 5 seconds + limit: { + duration: 1000 * 5, + max: 10, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/federation/instances.ts b/packages/backend/src/server/api/endpoints/federation/instances.ts index c1ce3f2238..97384d2498 100644 --- a/packages/backend/src/server/api/endpoints/federation/instances.ts +++ b/packages/backend/src/server/api/endpoints/federation/instances.ts @@ -27,6 +27,12 @@ export const meta = { ref: 'FederationInstance', }, }, + + // 10 calls per 5 seconds + limit: { + duration: 1000 * 5, + max: 10, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/federation/show-instance.ts b/packages/backend/src/server/api/endpoints/federation/show-instance.ts index 2972861a4b..8168f9296f 100644 --- a/packages/backend/src/server/api/endpoints/federation/show-instance.ts +++ b/packages/backend/src/server/api/endpoints/federation/show-instance.ts @@ -20,6 +20,12 @@ export const meta = { optional: false, nullable: true, ref: 'FederationInstance', }, + + // 10 calls per 5 seconds + limit: { + duration: 1000 * 5, + max: 10, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/federation/stats.ts b/packages/backend/src/server/api/endpoints/federation/stats.ts index 69900bff9a..54d29c2faa 100644 --- a/packages/backend/src/server/api/endpoints/federation/stats.ts +++ b/packages/backend/src/server/api/endpoints/federation/stats.ts @@ -50,6 +50,12 @@ export const meta = { otherFollowingCount: { type: 'number' }, }, }, + + // 10 calls per 5 seconds + limit: { + duration: 1000 * 5, + max: 10, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/federation/update-remote-user.ts b/packages/backend/src/server/api/endpoints/federation/update-remote-user.ts index f8430ef431..3ec9522c44 100644 --- a/packages/backend/src/server/api/endpoints/federation/update-remote-user.ts +++ b/packages/backend/src/server/api/endpoints/federation/update-remote-user.ts @@ -12,6 +12,12 @@ export const meta = { tags: ['federation'], requireCredential: false, + + // 2 calls per second + limit: { + duration: 1000, + max: 2, + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/federation/users.ts b/packages/backend/src/server/api/endpoints/federation/users.ts index 71b1aeb07b..e3bc2989df 100644 --- a/packages/backend/src/server/api/endpoints/federation/users.ts +++ b/packages/backend/src/server/api/endpoints/federation/users.ts @@ -24,6 +24,12 @@ export const meta = { ref: 'UserDetailedNotMe', }, }, + + // 10 calls per 5 seconds + limit: { + duration: 1000 * 5, + max: 10, + }, } as const; export const paramDef = { -- cgit v1.2.3-freya