blek
/
bin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add rate limits

This commit is contained in:
b1ek 2023-04-18 10:42:16 +10:00
parent c9e9debd70
commit 2a873f38eb
Signed by: blek
GPG Key ID: 14546221E3595D0C
1 changed files with 8 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
routes/upload.js
View File

@ -3,23 +3,21 @@ const router = express.Router();
const handler = require('express-async-handler');
const content = require('../helpers/content');
const memcache = require('memcached');
const cache = new memcache(process.env.SESSION_MEMCACHE_HOST);
const crypto = require('crypto');
const { MAXFILES, APP_DEBUG, RATE_LIMIT } = process.env;
let ratelimits = {};
var ratelimits = {};
async function upload(req, res) {
if (!ratelimits[req.ip])
ratelimits[req.ip] = Date.now();
let rate_lim = ratelimits[req.ip];
if (Date.now() - ratelimits[req.ip] < RATE_LIMIT) {
res.status(503).send('You are being rate limited.');
return;
}
if (rate_lim)
if (Date.now() - rate_lim < RATE_LIMIT) {
res.status(503).send('You are being rate limited.');
return;
}
if (req.body['_csrf'] != req.session.csrf) {
res.status(405).send('CSRF error');
@ -50,6 +48,7 @@ async function upload(req, res) {
return;
}
ratelimits[req.ip] = Date.now();
const id = await content.create(data);
res.redirect(
'/view?id=' + encodeURIComponent(id)