From a07ea54631d2eff1d148f8d2bd27009ba768fd26 Mon Sep 17 00:00:00 2001
From: Artemy
Date: Wed, 19 Apr 2023 18:06:50 +0300
Subject: [PATCH] feat: limit for publish notes
---
 index.js | 10 +++++++++-
 package-lock.json | 18 ++++++++++++++++++
 package.json | 1 +
 3 files changed, 28 insertions(+), 1 deletion(-)
diff --git a/index.js b/index.js
index 9f1d85b..770de0f 100644
--- a/index.js
+++ b/index.js
@@ -6,6 +6,7 @@ const fs = require("fs");
 const path = require("path");
 const cryptojs = require("crypto-js");
 const { Server } = require("socket.io");
+const rateLimit = require("express-rate-limit");
 require("dotenv").config();
@@ -13,6 +14,13 @@ const app = express(),
 server = require("http").createServer(app),
 io = new Server().listen(server);
+const limiter = rateLimit({
+ windowMs: 24 * 60 * 60 * 1000, // one day limit
+ max: 5,
+ standardHeaders: true,
+ legacyHeaders: false,
+});
+
 if (!fs.existsSync("./notes")) {
 fs.mkdirSync("./notes");
 }
@@ -57,7 +65,7 @@ io.on("connection", (socket) => {
 app.use(bodyParser.json());
-app.post("/publish", function (req, res) {
+app.post("/publish", limiter, function (req, res) {
 if (isValidNote(req.body)) {
 let hash = sha3(JSON.stringify(req.body));
 req.body.time = Date.now();
diff --git a/package-lock.json b/package-lock.json
index 9e1ff37..73607ea 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -15,6 +15,7 @@ "crypto-js": "^4.1.1", "dotenv": "^16.0.3", "express": "^4.18.2", + "express-rate-limit": "^6.7.0", "fuse.js": "^6.6.2", "js-sha3": "^0.8.0", "openai": "^3.2.1",
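Review bot: The `limiter` added in the `@@ -13,6 +14,13 @@` hunk of index.js relies on the library defaults for its key (`req.ip`) and its store (in-process memory), and nothing visible in this diff configures either one. If the server sits behind a reverse proxy and `app.set("trust proxy", ...)` is not set to that proxy, every client is keyed as the proxy address and shares a single five-per-day budget; setting it to trust every hop would instead make the key depend on a client-supplied `X-Forwarded-For` header. With a 24-hour window the in-memory counters are also lost on each restart and are not shared between processes, so a comment such as `// counters live in this process only; configure a shared store when running more than one instance` next to the options would record that limit. The literals `5` and the window length could be read from the environment, since the file already loads `dotenv`.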
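Review bot: In the `@@ -57,7 +65,7 @@` hunk the limiter runs before `isValidNote(req.body)`, so a request that the handler later rejects still consumes one of the five daily slots, and `bodyParser.json()` has already parsed the body before the limiter is reached. If the rejection branch answers with a 4xx status (it lies outside this hunk, so that is an assumption), adding `skipFailedRequests: true` to the `rateLimit` options would count only notes that were accepted, at the cost of leaving rejected requests unthrottled. The handler body continues past the end of the hunk. The `io.on("connection", ...)` handler named in the hunk header is not covered by this Express middleware, so it is worth confirming that no socket event can also store a note.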
@@ -2046,6 +2047,17 @@ "node": ">= 0.10.0" } }, + "node_modules/express-rate-limit": { + "version": "6.7.0", + "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-6.7.0.tgz", + "integrity": "sha512-vhwIdRoqcYB/72TK3tRZI+0ttS8Ytrk24GfmsxDXK9o9IhHNO5bXRiXQSExPQ4GbaE5tvIS7j1SGrxsuWs+sGA==", + "engines": { + "node": ">= 12.9.0" + }, + "peerDependencies": { + "express": "^4 || ^5" + } + }, "node_modules/express/node_modules/body-parser": { "version": "1.20.1", "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.1.tgz",
@@ -7104,6 +7116,12 @@ } } }, + "express-rate-limit": { + "version": "6.7.0", + "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-6.7.0.tgz", + "integrity": "sha512-vhwIdRoqcYB/72TK3tRZI+0ttS8Ytrk24GfmsxDXK9o9IhHNO5bXRiXQSExPQ4GbaE5tvIS7j1SGrxsuWs+sGA==", + "requires": {} + }, "extend": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz",
diff --git a/package.json b/package.json
index 5a81c79..0828244 100644
--- a/package.json
+++ b/package.json
@@ -18,6 +18,7 @@
 "crypto-js": "^4.1.1",
 "dotenv": "^16.0.3",
 "express": "^4.18.2",
+ "express-rate-limit": "^6.7.0",
 "fuse.js": "^6.6.2",
 "js-sha3": "^0.8.0",
 "openai": "^3.2.1",