lucien/tanuki-s-forum
1
0
Fork 0
generated from lucien/api-template
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

improved rate limits

Browse source
This commit is contained in:
Lukian 2025-04-21 20:58:46 +02:00
parent 46aea20bf5
commit 9806fc3b3c
3 changed files with 44 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

17
back/api/channels.js
View file

@ -16,8 +16,21 @@ const {
deleteChannelMessages,
deleteChannel
} = require('../libs/mysql');
const rateLimit = require("express-rate-limit");
const slowDown = require("express-slow-down");
const { checkAuth } = require('../libs/middlewares');
const limiter = rateLimit({
windowMs: 1 * 1000,
max: 2,
});
const speedLimiter = slowDown({
windowMs: 1 * 1000,
delayAfter: 2,
delayMs: () => 5000,
});
const router = express.Router();
router.get('/', async (req, res) => {
@ -123,7 +136,7 @@ router.get('/:name/messages', async (req, res) => {
res.send(messages);
});
router.post('/:name/messages/send', checkAuth, async (req, res) => {
router.post('/:name/messages/send', speedLimiter, limiter, checkAuth, async (req, res) => {
const { message } = req.body;
const name = req.params.name;
const user = req.user;
@ -205,7 +218,7 @@ router.post('/:name/messages/delete', checkAuth, async (req, res) => {
res.send({ message: 'Message deleted' });
});
router.post('/add', checkAuth, async (req, res) => {
router.post('/add', speedLimiter, limiter, checkAuth, async (req, res) => {
const { name, description } = req.body;
const user = req.user;