Added rate limiter

2024-01-08 13:29:06 -08:00 · 2024-01-08 13:29:06 -08:00 · 190b902090
commit 190b902090
parent ec3ccc110e
5 changed files with 54 additions and 17 deletions
--- a/app.js
+++ b/app.js
@ -5,6 +5,7 @@ import helmet from 'helmet';
 import Docker from 'dockerode';
 import cors from 'cors';
 import { Readable } from 'stream';
+import { rateLimit } from 'express-rate-limit';
 import { instrument } from '@socket.io/admin-ui'
 import { router } from './router/index.js';
 import { createServer } from 'node:http';
@ -23,7 +24,7 @@ let metricsInterval, cardsInterval, graphsInterval;
 let cardList = '';
 const statsArray = {};

-// socket.io admin ui
+// Socket.io admin ui
 export const io = new Server(server, { 
    connectionStateRecovery: {},
    cors: {
@ -48,8 +49,18 @@ const sessionMiddleware = session({
        maxAge:3600000 * 8 // Session max age in milliseconds. 3600000 = 1 hour.
    }
 });
+
+// Make session data available to socket.io
 io.engine.use(sessionMiddleware); 

+// Rate limiter
+const limiter = rateLimit({
+	windowMs: 5 * 60 * 1000, // 5 minutes
+	limit: 30, // Limit each IP to 30 requests per `window`.
+	standardHeaders: 'draft-7',
+	legacyHeaders: false,
+})
+
 // Express middleware
 app.set('view engine', 'ejs');
 app.use([
@ -67,19 +78,17 @@ app.use([
 server.listen(port, () => {
    async function init() {
        try {
-        await sequelize.authenticate();
-        console.log('[Connected to DB]');
-        } catch (error) {
-            console.log('[Could not connect to DB]', error);
+            await sequelize.authenticate().then(() => { console.log('[Connected to DB]') });
+        } catch {
+            console.log('[Could not connect to DB]');
        }
        try {
-        await sequelize.sync();
-        console.log('[Models Synced]');
-        hidden = await Container.findAll({ where: {visibility:false}});
-        containerCards();
-        } catch (error) {
-        console.log('[Could not Sync Models]', error);
+            await sequelize.sync().then(() => { console.log('[Models Synced]') });
+        } catch {
+            console.log('[Could not Sync Models]', error);
        }
+        getHidden();
+        containerCards();
        console.log(`\nServer listening on http://localhost:${port}`);
    }
    init();
--- a/controllers/dashboard.js
+++ b/controllers/dashboard.js
@ -2,7 +2,6 @@
 export const Dashboard = (req, res) => {


-
    res.render("dashboard", {
        name: req.session.user,
        role: req.session.role,
--- a/controllers/images.js
+++ b/controllers/images.js
@ -1,13 +1,26 @@
 import { docker } from '../app.js';
+import { dockerImages } from 'systeminformation';

 export const Images = async function(req, res) {

-    const allImages = await docker.listImages({ all: true });
+    const data1 = await dockerImages({ all: true });

-    for (let i = 0; i < allImages.length; i++) {
-        console.log(`Image ${i}:`)
-        console.log(`repoTags: ${allImages[i].repoTags}`)
-    }
+    const data2 = await docker.listImages({ all: true });
+
+    // for ( i = 0; i < data.length; i++) {
+    //     console.log(`Image ${i}:`)
+    //     console.log(`repoTags: ${data[i].repoTags}`)
+    // }
+    
+    console.log(`data1: ${data1}`);
+
+    console.log(`data2: ${data2}`);
+
+
+    // for (let i = 0; i < allImages.length; i++) {
+    //     console.log(`Image ${i}:`)
+    //     console.log(`repoTags: ${allImages[i].repoTags}`)
+    // }
    
    res.render("images", {
        name: req.session.user,
--- a/package-lock.json
+++ b/package-lock.json
@ -19,6 +19,7 @@
        "dockerode": "^4.0.1",
        "ejs": "^3.1.9",
        "express": "^4.18.2",
+        "express-rate-limit": "^7.1.5",
        "express-session": "^1.17.3",
        "helmet": "^7.1.0",
        "mocha": "^10.2.0",
@ -1883,6 +1884,20 @@
        "node": ">= 0.10.0"
      }
    },
+    "node_modules/express-rate-limit": {
+      "version": "7.1.5",
+      "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-7.1.5.tgz",
+      "integrity": "sha512-/iVogxu7ueadrepw1bS0X0kaRC/U0afwiYRSLg68Ts+p4Dc85Q5QKsOnPS/QUjPMHvOJQtBDrZgvkOzf8ejUYw==",
+      "engines": {
+        "node": ">= 16"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/express-rate-limit"
+      },
+      "peerDependencies": {
+        "express": "4 || 5 || ^5.0.0-beta.1"
+      }
+    },
    "node_modules/express-session": {
      "version": "1.17.3",
      "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.17.3.tgz",
--- a/package.json
+++ b/package.json
@ -21,6 +21,7 @@
    "dockerode": "^4.0.1",
    "ejs": "^3.1.9",
    "express": "^4.18.2",
+    "express-rate-limit": "^7.1.5",
    "express-session": "^1.17.3",
    "helmet": "^7.1.0",
    "mocha": "^10.2.0",