authorFlam3rboy <34555296+Flam3rboy@users.noreply.github.com>2021-07-01 21:27:46 +0200
committerFlam3rboy <34555296+Flam3rboy@users.noreply.github.com>2021-07-01 21:27:46 +0200
commitc3c8026041d29d7b50d54080d21518cadae97fff (patch)
tree3c95d992accbc99624d5a6dcc7ec946f56e48697 /src/routes
parentMerge pull request #162 from fosscord/feat--rate-limit (diff)
:sparkles: route specific rate limits
Diffstat (limited to 'src/routes')
-rw-r--r--src/routes/auth/login.ts2
-rw-r--r--src/routes/auth/register.ts2
2 files changed, 4 insertions, 0 deletions
diff --git a/src/routes/auth/login.ts b/src/routes/auth/login.ts
index 2c4084ea..547d115b 100644
--- a/src/routes/auth/login.ts
+++ b/src/routes/auth/login.ts
@@ -4,12 +4,14 @@ import bcrypt from "bcrypt";
 import jwt from "jsonwebtoken";
 import { Config, UserModel } from "@fosscord/server-util";
 import { adjustEmail } from "./register";
+import RateLimit from "../../middlewares/RateLimit";
 
 const router: Router = Router();
 export default router;
 
 router.post(
 	"/",
+	RateLimit({ count: 5, window: 60, onylIp: true }),
 	check({
 		login: new Length(String, 2, 100), // email or telephone
 		password: new Length(String, 8, 64),
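Review bot: The limiter placed ahead of `check(...)` on the login route is keyed by client address only (`onylIp: true`), so it caps attempts per address but does not bound password guesses against one account when they arrive from several addresses. A second bucket keyed on the normalized `login` value would close that gap. If that is deferred, state the limitation in a comment such as `// per-IP only: 5 requests / 60 s; no per-account limit yet`. The option name `onylIp` also looks like a misspelling of `onlyIp`, here and in the register.ts hunk; the middleware's option type in `middlewares/RateLimit` is outside this diff, so confirm the key is the one it actually reads. The `router.post(...)` call continues past the end of the hunk.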
diff --git a/src/routes/auth/register.ts b/src/routes/auth/register.ts
index f39206f2..83f8dc8c 100644
--- a/src/routes/auth/register.ts
+++ b/src/routes/auth/register.ts
@@ -6,11 +6,13 @@ import "missing-native-js-functions";
 import { generateToken } from "./login";
 import { getIpAdress, IPAnalysis, isProxy } from "../../util/ipAddress";
 import { HTTPError } from "lambert-server";
+import RateLimit from "../../middlewares/RateLimit";
 
 const router: Router = Router();
 
 router.post(
 	"/",
+	RateLimit({ count: 2, window: 60 * 60 * 12, onylIp: true, success: true }),
 	check({
 		username: new Length(String, 2, 32),
 		// TODO: check min password length in config
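Review bot: The registration limit `count: 2, window: 60 * 60 * 12` is a hard-coded literal with no comment on its unit or on what `success: true` changes, so an operator cannot tune it and a reader has to open the middleware to know what is counted. Presumably the window is in seconds and `success: true` counts only successful responses; if so, failed registration attempts are not throttled by this limiter, which should be a documented decision. Because the key is the client address alone, all users behind one shared NAT or proxy address share the two registrations per 12 hours. I would move the values into `Config` or a named constant and add `// 2 successful registrations per IP per 12 h (window in seconds)` once the semantics are confirmed. The handler body continues outside the hunk.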