summary refs log tree commit diff
diff options
context:
space:
mode:
authorTheArcaneBrony <myrainbowdash949@gmail.com>2022-09-18 14:09:16 +0200
committerMadeline <46743919+MaddyUnderStars@users.noreply.github.com>2022-12-19 22:17:06 +1100
commit47b999efec8b90b2e4f858c6bedb92e6ef81c8da (patch)
treec11bbcefefc4bcd08980bd4b3dd79eb038f6ae5a
parentRegistration tokens (diff)
downloadserver-47b999efec8b90b2e4f858c6bedb92e6ef81c8da.tar.xz
Message rate limiting
-rw-r--r--assets/locales/en/common.json31
-rw-r--r--src/api/routes/channels/#channel_id/messages/index.ts23
-rw-r--r--src/util/config/types/subconfigurations/limits/GlobalRateLimits.ts2
3 files changed, 54 insertions, 2 deletions
diff --git a/assets/locales/en/common.json b/assets/locales/en/common.json
index 8bb9c042..edcafa1d 100644
--- a/assets/locales/en/common.json
+++ b/assets/locales/en/common.json
@@ -14,5 +14,36 @@
 		"EMAIL_TYPE_INVALID_EMAIL": "Not a well-formed email address",
 		"DATE_TYPE_PARSE": "Could not parse {{date}}. Should be ISO8601",
 		"BASE_TYPE_BAD_LENGTH": "Must be between {{length}} in length"
+	},
+	"body": {
+		"INVALID_BODY": "Invalid Body",
+		"INVALID_REQUEST_SIGNATURE": "Invalid request signature",
+		"MISSING_FILE": "File missing",
+		"INVALID_FILE_TYPE": "Invalid file type"
+	},
+	"notfound": {
+		"CHANNEL": "This channel doesn't exist",
+		"USER": "User not found",
+		"ROLE": "Role not found",
+		"REACTION": "Reaction not found",
+		"FILE": "File not found"
+	},
+	"toomany": {
+		"CHANNEL": "Too many channels",
+		"USER": "Too many users",
+		"ROLE": "Too many roles",
+		"REACTION": "Too many reactions",
+		"FILE": "Too many files",
+		"MESSAGE": "Too many messages"
+	},
+	"relationship": {
+		"ALREADY_BLOCKED": "You already blocked the user",
+		"NOT_FRIENDS": "You are not friends with the user",
+		"ALREADY_FRIENDS": "You are already friends with the user",
+		"ALREADY_SENT": "You already sent a friend request",
+		"ADD_SELF": "You can't add yourself as a friend",
+		"REMOVE_SELF": "You can't remove yourself as a friend",
+		"UNBLOCK": "Unblock the user before sending a friend request",
+		"BLOCKED": "The user blocked you"
 	}
 }
diff --git a/src/api/routes/channels/#channel_id/messages/index.ts b/src/api/routes/channels/#channel_id/messages/index.ts
index 4b935f19..86864edb 100644
--- a/src/api/routes/channels/#channel_id/messages/index.ts
+++ b/src/api/routes/channels/#channel_id/messages/index.ts
@@ -6,6 +6,7 @@ import {
 	Config,
 	DmChannelDTO,
 	emitEvent,
+	FieldErrors,
 	getPermission,
 	Message,
 	MessageCreateEvent,
@@ -16,10 +17,13 @@ import {
 	MessageCreateSchema,
 	ReadState,
 	DiscordApiErrors,
+	getRights,
+	Rights,
 } from "@fosscord/util";
 import { HTTPError } from "lambert-server";
-import { handleMessage, postHandleMessage, route } from "@fosscord/api";
+import { handleMessage, postHandleMessage, route, getIpAdress } from "@fosscord/api";
 import multer from "multer";
+import { yellow } from "picocolors";
 import { FindManyOptions, LessThan, MoreThan } from "typeorm";
 import { URL } from "url";
 
@@ -215,6 +219,23 @@ router.post(
 			}
 		}
 
+		if (!req.rights.has(Rights.FLAGS.BYPASS_RATE_LIMITS)) {
+			var limits = Config.get().limits;
+			if (limits.absoluteRate.register.enabled) {
+				const count = await Message.count({
+					where: {
+						channel_id,
+						timestamp: MoreThan(new Date(Date.now() - limits.absoluteRate.sendMessage.window))
+					}
+				});
+
+				if (count >= limits.absoluteRate.sendMessage.limit)
+					throw FieldErrors({
+						channel_id: { code: "TOO_MANY_MESSAGES", message: req.t("common:toomany.MESSAGE") }
+					});
+			}
+		}
+
 		const files = (req.files as Express.Multer.File[]) ?? [];
 		for (var currFile of files) {
 			try {
diff --git a/src/util/config/types/subconfigurations/limits/GlobalRateLimits.ts b/src/util/config/types/subconfigurations/limits/GlobalRateLimits.ts
index 85280d3a..4029abbe 100644
--- a/src/util/config/types/subconfigurations/limits/GlobalRateLimits.ts
+++ b/src/util/config/types/subconfigurations/limits/GlobalRateLimits.ts
@@ -1,6 +1,6 @@
 export class GlobalRateLimits {
 	register: GlobalRateLimit = { limit: 25, window: 60 * 60 * 1000, enabled: true };
-	sendMessage: GlobalRateLimit = { limit: 50, window: 60 * 1000, enabled: true };
+	sendMessage: GlobalRateLimit = { limit: 200, window: 60 * 1000, enabled: true };
 }
 
 export class GlobalRateLimit {