diff --git a/api/src/middlewares/RateLimit.ts b/src/api/middlewares/RateLimit.ts
index 13f1602c..dc93dcef 100644
--- a/api/src/middlewares/RateLimit.ts
+++ b/src/api/middlewares/RateLimit.ts
@@ -1,6 +1,6 @@
-import { Config, getRights, listenEvent, Rights } from "@fosscord/util";
-import { NextFunction, Request, Response, Router } from "express";
import { getIpAdress } from "@fosscord/api";
+import { Config, getRights, listenEvent } from "@fosscord/util";
+import { NextFunction, Request, Response, Router } from "express";
import { API_PREFIX_TRAILING_SLASH } from "./Authentication";
// Docs: https://discord.com/developers/docs/topics/rate-limits
@@ -28,7 +28,7 @@ type RateLimit = {
expires_at: Date;
};
-var Cache = new Map<string, RateLimit>();
+let Cache = new Map<string, RateLimit>();
const EventRateLimit = "RATELIMIT";
export default function rateLimit(opts: {
@@ -48,14 +48,14 @@ export default function rateLimit(opts: {
// exempt user? if so, immediately short circuit
if (req.user_id) {
const rights = await getRights(req.user_id);
- if (rights.has("BYPASS_RATE_LIMITS")) return;
+ if (rights.has("BYPASS_RATE_LIMITS")) return next();
}
const bucket_id = opts.bucket || req.originalUrl.replace(API_PREFIX_TRAILING_SLASH, "");
- var executor_id = getIpAdress(req);
+ let executor_id = getIpAdress(req);
if (!opts.onlyIp && req.user_id) executor_id = req.user_id;
- var max_hits = opts.count;
+ let max_hits = opts.count;
if (opts.bot && req.user_bot) max_hits = opts.bot;
if (opts.GET && ["GET", "OPTIONS", "HEAD"].includes(req.method)) max_hits = opts.GET;
else if (opts.MODIFY && ["POST", "DELETE", "PATCH", "PUT"].includes(req.method)) max_hits = opts.MODIFY;
@@ -121,6 +121,7 @@ export default function rateLimit(opts: {
export async function initRateLimits(app: Router) {
const { routes, global, ip, error, disabled } = Config.get().limits.rate;
if (disabled) return;
+ console.log("Enabling rate limits...");
await listenEvent(EventRateLimit, (event) => {
Cache.set(event.channel_id as string, event.data);
event.acknowledge?.();
@@ -163,9 +164,9 @@ export async function initRateLimits(app: Router) {
app.use("/auth/register", rateLimit({ onlyIp: true, success: true, ...routes.auth.register }));
}
-async function hitRoute(opts: { executor_id: string; bucket_id: string; max_hits: number; window: number; }) {
+async function hitRoute(opts: { executor_id: string; bucket_id: string; max_hits: number; window: number }) {
const id = opts.executor_id + opts.bucket_id;
- var limit = Cache.get(id);
+ let limit = Cache.get(id);
if (!limit) {
limit = {
id: opts.bucket_id,
@@ -183,7 +184,7 @@ async function hitRoute(opts: { executor_id: string; bucket_id: string; max_hits
}
/*
- var ratelimit = await RateLimit.findOne({ id: opts.bucket_id, executor_id: opts.executor_id });
+ let ratelimit = await RateLimit.findOne({ where: { id: opts.bucket_id, executor_id: opts.executor_id } });
if (!ratelimit) {
ratelimit = new RateLimit({
id: opts.bucket_id,
|
