authorTheArcaneBrony <myrainbowdash949@gmail.com>2022-08-24 03:01:57 +0200
committerTheArcaneBrony <myrainbowdash949@gmail.com>2022-08-24 16:57:10 +0200
commitbaeec00f65f74001cae5e6fd4e93767f27e43ceb (patch)
tree000a3d3734f5ae2940ca829f97be51a042f5c558
parentMerge branch 'dev/cherry-plugins-improvements' into staging (diff)
downloadserver-baeec00f65f74001cae5e6fd4e93767f27e43ceb.tar.xz
case insensitive header for rate limits, fix rate limit default settings
Also disabled rate limit bypass right as it doesn't work...
-rw-r--r--src/api/middlewares/RateLimit.ts3
-rw-r--r--src/api/util/utility/ipAddress.ts6
-rw-r--r--src/util/config/types/subconfigurations/limits/RateLimits.ts2
-rw-r--r--src/util/config/types/subconfigurations/limits/ratelimits/Route.ts2
4 files changed, 9 insertions, 4 deletions
diff --git a/src/api/middlewares/RateLimit.ts b/src/api/middlewares/RateLimit.ts
index 7754edf6..dc93dcef 100644
--- a/src/api/middlewares/RateLimit.ts
+++ b/src/api/middlewares/RateLimit.ts
@@ -48,7 +48,7 @@ export default function rateLimit(opts: {
 		// exempt user? if so, immediately short circuit
 		if (req.user_id) {
 			const rights = await getRights(req.user_id);
-			if (rights.has("BYPASS_RATE_LIMITS")) return;
+			if (rights.has("BYPASS_RATE_LIMITS")) return next();
 		}
 
 		const bucket_id = opts.bucket || req.originalUrl.replace(API_PREFIX_TRAILING_SLASH, "");
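Review bot: The new `return next();` makes the BYPASS_RATE_LIMITS right take effect, although the commit description says the bypass was disabled, so the intent should be stated next to the check. With the old bare `return` the middleware never called `next()`, which presumably left the request without a response. The short-circuit runs before any bucket is computed, so an account holding this right is exempt from every limit this middleware applies; a comment such as `// holders skip all buckets below (global, ip, route): grant this right sparingly` would record that. `getRights` is also awaited for every authenticated request before any limit is checked, so that lookup is not bounded by the limiter; it may be worth caching or moving after the bucket check. The body of rateLimit starts and ends outside this hunk.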
@@ -121,6 +121,7 @@ export default function rateLimit(opts: {
 export async function initRateLimits(app: Router) {
 	const { routes, global, ip, error, disabled } = Config.get().limits.rate;
 	if (disabled) return;
+	console.log("Enabling rate limits...");
 	await listenEvent(EventRateLimit, (event) => {
 		Cache.set(event.channel_id as string, event.data);
 		event.acknowledge?.();
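Review bot: The `if (disabled) return;` path just above the new log line stays silent, so an instance started with rate limiting switched off leaves no trace of that in its startup output. Logging that state as well, for example `if (disabled) { console.warn("Rate limits are disabled by configuration"); return; }`, would let operators spot an unprotected deployment. initRateLimits continues past the end of this hunk.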
diff --git a/src/api/util/utility/ipAddress.ts b/src/api/util/utility/ipAddress.ts
index 8d986b26..c96feb9e 100644
--- a/src/api/util/utility/ipAddress.ts
+++ b/src/api/util/utility/ipAddress.ts
@@ -78,7 +78,11 @@ export function isProxy(data: typeof exampleData) {
 
 export function getIpAdress(req: Request): string {
 	// @ts-ignore
-	return req.headers[Config.get().security.forwadedFor] || req.socket.remoteAddress;
+	return (
+		req.headers[Config.get().security.forwadedFor as string] ||
+		req.headers[Config.get().security.forwadedFor?.toLowerCase() as string] ||
+		req.socket.remoteAddress
+	);
 }
 
 export function distanceBetweenLocations(loc1: any, loc2: any): number {
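Review bot: getIpAdress returns the configured forwarded-for header verbatim, and that value feeds the rate-limit key, so whatever the client sends is trusted unless a proxy in front overwrites it. A header of this kind can carry a comma-separated chain, and its declared type is `string | string[] | undefined`, which the `// @ts-ignore` hides from the `string` return type. Node lowercases incoming header names, so the first lookup with the configured spelling only matches when the setting is already lowercase; a single lowercase lookup is enough. The sketch below normalises the value and takes the last entry, which assumes exactly one trusted proxy appends to the header; the right entry depends on the deployment and should be confirmed.

```typescript
export function getIpAdress(req: Request): string {
	// Node lowercases incoming header names, so one lowercase lookup covers every spelling.
	const headerName = Config.get().security.forwadedFor?.toLowerCase();
	const raw = headerName ? req.headers[headerName] : undefined;
	// The header type is string | string[] | undefined; normalise before splitting the chain.
	const entries = (Array.isArray(raw) ? raw.join(",") : raw ?? "")
		.split(",")
		.map((entry) => entry.trim())
		.filter(Boolean);
	// Prefer the entry appended by the nearest trusted proxy over the client-supplied first one.
	return entries[entries.length - 1] || (req.socket.remoteAddress as string);
}
```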
diff --git a/src/util/config/types/subconfigurations/limits/RateLimits.ts b/src/util/config/types/subconfigurations/limits/RateLimits.ts
index db3f8a4c..764acdd6 100644
--- a/src/util/config/types/subconfigurations/limits/RateLimits.ts
+++ b/src/util/config/types/subconfigurations/limits/RateLimits.ts
@@ -14,5 +14,5 @@ export class RateLimits {
 		count: 10,
 		window: 5
 	};
-	routes: RouteRateLimit;
+	routes: RouteRateLimit = new RouteRateLimit();
 }
diff --git a/src/util/config/types/subconfigurations/limits/ratelimits/Route.ts b/src/util/config/types/subconfigurations/limits/ratelimits/Route.ts
index 464670f2..6890699e 100644
--- a/src/util/config/types/subconfigurations/limits/ratelimits/Route.ts
+++ b/src/util/config/types/subconfigurations/limits/ratelimits/Route.ts
@@ -14,6 +14,6 @@ export class RouteRateLimit {
 		count: 10,
 		window: 5
 	};
-	auth: AuthRateLimit;
+	auth: AuthRateLimit = new AuthRateLimit();
 	// TODO: rate limit configuration for all routes
 }