summary refs log tree commit diff
path: root/api/src
diff options
context:
space:
mode:
authorErkin Alp Güney <erkinalp9035@gmail.com>2022-04-24 14:57:26 +0300
committerGitHub <noreply@github.com>2022-04-24 14:57:26 +0300
commitc87671d080f79185fce9dd13f6f6e1a3b3aa50a7 (patch)
treefbead4729c04f53f20e6adfbe53c24040e4d0e30 /api/src
parentUpdate Message.ts (diff)
downloadserver-c87671d080f79185fce9dd13f6f6e1a3b3aa50a7.tar.xz
Punitive rate limiting
Diffstat (limited to 'api/src')
-rw-r--r--api/src/middlewares/RateLimit.ts12


1 files changed, 8 insertions, 4 deletions
diff --git a/api/src/middlewares/RateLimit.ts b/api/src/middlewares/RateLimit.ts

index 1a38cfcf..8368d14a 100644
--- a/api/src/middlewares/RateLimit.ts
+++ b/api/src/middlewares/RateLimit.ts
@@ -53,12 +53,12 @@ export default function rateLimit(opts: {
 		if (opts.GET && ["GET", "OPTIONS", "HEAD"].includes(req.method)) max_hits = opts.GET;
 		else if (opts.MODIFY && ["POST", "DELETE", "PATCH", "PUT"].includes(req.method)) max_hits = opts.MODIFY;
 
-		const offender = Cache.get(executor_id + bucket_id);
+		let offender = Cache.get(executor_id + bucket_id);
 
 		if (offender) {
-			const reset = offender.expires_at.getTime();
-			const resetAfterMs = reset - Date.now();
-			const resetAfterSec = resetAfterMs / 1000;
+			let reset = offender.expires_at.getTime();
+			let resetAfterMs = reset - Date.now();
+			let resetAfterSec = (resetAfterMs + 999) / 1000;
 
 			if (resetAfterMs <= 0) {
 				offender.hits = 0;
@@ -70,6 +70,10 @@ export default function rateLimit(opts: {
 
 			if (offender.blocked) {
 				const global = bucket_id === "global";
+				reset = reset + opts.window * 1000; // each block violation pushes the expiry one full window further
+				offender.expires_at += opts.window * 1000;
+				resetAfterMs = reset - Date.now();
+				resetAfterSec = (resetAfterMs + 999) / 1000;
 
 				console.log("blocked bucket: " + bucket_id, { resetAfterMs });
 				return (

 

generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-06-29 23:42:28 +0000