code002lover/IPost
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

add individual url ratelimiting

Browse Source
This commit is contained in:
Mystikfluu 2022-06-18 18:28:29 +02:00
parent 2db1f8ec64
commit 3cf533cc0a
2 changed files with 128 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
server.js
View File

@ -181,6 +181,7 @@ var API_CALLS_ACCOUNT = {}
var USER_CALLS = {} var USER_CALLS = {}
var SESSIONS = {} var SESSIONS = {}
var REVERSE_SESSIONS = {} var REVERSE_SESSIONS = {}
var INDIVIDUAL_CALLS = {}
function clear_api_calls() { function clear_api_calls() {
API_CALLS = {} API_CALLS = {}
} }
@ -194,6 +195,32 @@ setInterval(clear_api_calls, config.rate_limits.api.reset_time)
setInterval(clear_account_api_calls, config.rate_limits.api.reset_time) setInterval(clear_account_api_calls, config.rate_limits.api.reset_time)
setInterval(clear_user_calls, config.rate_limits.user.reset_time) setInterval(clear_user_calls, config.rate_limits.user.reset_time)
function increaseIndividualCall(url,req) { //true = continue, false = ratelimit
let conf = config["rate_limits"]["individual"][url]
if(!conf) {
console.log(5,"uri not in individual ratelimiter",url);
return true;
}
if(!conf["enabled"])return true;
let ip = req.socket.remoteAddress
if(INDIVIDUAL_CALLS[ip]==undefined)INDIVIDUAL_CALLS[ip] = {}
if(INDIVIDUAL_CALLS[ip][url]==undefined)INDIVIDUAL_CALLS[ip][url] = 0
if(INDIVIDUAL_CALLS[ip][url] == 0) {
setTimeout(function(){
INDIVIDUAL_CALLS[ip][url] = 0
},conf["reset_time"])
}
INDIVIDUAL_CALLS[ip][url]++;
if(INDIVIDUAL_CALLS[ip][url] >= conf["max"]){
console.log(5,"ratelimiting someone on", url, INDIVIDUAL_CALLS[ip][url],conf["max"]);
return false;
}
return true;
}
function increaseAccountAPICall(req,res) { function increaseAccountAPICall(req,res) {
let cookie = req.cookies.AUTH_COOKIE let cookie = req.cookies.AUTH_COOKIE
if(!cookie){ if(!cookie){
@ -307,6 +334,16 @@ app.use("/*",function(req,res,next){
return return
} }
} }
let fullurl = req.baseUrl + req.path
if(fullurl != "/") {
fullurl = fullurl.substring(0,fullurl.length-1)
}
if(!increaseIndividualCall(fullurl,req)){
res.status(429)
res.json({"error":"you are sending too many requests!"})
return
}
next() next()
}) })

95
server_config.json
View File

@ -11,14 +11,101 @@
}, },
"rate_limits": { "rate_limits": {
"api": { "api": {
"reset_time": 10000, "reset_time": 40000,
"max_without_session": 20, "max_without_session": 30,
"max_with_session": 60, "max_with_session": 120,
"max_per_account": 30 "max_per_account": 200
}, },
"user": { "user": {
"reset_time": 30000, "reset_time": 30000,
"max": 60 "max": 60
},
"individual": {
"/" : {
"enabled": true,
"max": 4,
"reset_time": 10000
},
"/js/warn_message.js" : {
"enabled": true,
"max": 10,
"reset_time": 5000
},
"/js/addnavbar.js" : {
"enabled": true,
"max": 10,
"reset_time": 5000
},
"/css/logon.css" : {
"enabled": true,
"max": 10,
"reset_time": 5000
},
"/css/global.css" : {
"enabled": true,
"max": 10,
"reset_time": 5000
},
"/api/getuser" : {
"enabled": true,
"max": 10,
"reset_time": 10000
},
"/api/getotheruser" : {
"enabled": true,
"max": 60,
"reset_time": 10000
},
"/login" : {
"enabled": true,
"max": 6,
"reset_time": 10000
},
"/images/default_avatar.png" : {
"enabled": true,
"max": 20,
"reset_time": 10000
},
"/images/bot.png" : {
"enabled": true,
"max": 10,
"reset_time": 10000
},
"/js/markdown.js" : {
"enabled": true,
"max": 5,
"reset_time": 10000
},
"/posts" : {
"enabled": true,
"max": 5,
"reset_time": 10000
},
"/js/httppost.js" : {
"enabled": true,
"max": 10,
"reset_time": 10000
},
"/js/htmlescape.js" : {
"enabled": true,
"max": 10,
"reset_time": 10000
},
"/api/getPosts" : {
"enabled": true,
"max": 10,
"reset_time": 20000
},
"/api/setBio": {
"enabled": true,
"max": 3,
"reset_time": 20000
},
"/api/setavatar": {
"enabled": true,
"max": 6,
"reset_time": 120000
}
} }
}, },
"logs": { "logs": {