Auth rate limiter

2025-04-05 06:07:34 +03:00 · 2023-02-08 15:20:44 -05:00 · 2023-02-08 15:20:44 -05:00 · e1a4a74905
commit e1a4a74905
parent 3ac315a9e7
16 changed files with 152 additions and 60 deletions
--- a/server/server_middleware.go
+++ b/server/server_middleware.go
@ -1,9 +1,21 @@
 package server

 import (
+	"heckel.io/ntfy/util"
 	"net/http"
 )

+func (s *Server) limitRequests(next handleFunc) handleFunc {
+	return func(w http.ResponseWriter, r *http.Request, v *visitor) error {
+		if util.ContainsIP(s.config.VisitorRequestExemptIPAddrs, v.ip) {
+			return next(w, r, v)
+		} else if !v.RequestAllowed() {
+			return errHTTPTooManyRequestsLimitRequests
+		}
+		return next(w, r, v)
+	}
+}
+
 func (s *Server) ensureWebEnabled(next handleFunc) handleFunc {
 	return func(w http.ResponseWriter, r *http.Request, v *visitor) error {
 		if !s.config.EnableWeb {