We use cookies to ensure you get the best experience on our website
首页 发现 帮助
注册 登录
0ct0pu5
/
YellowLabTools
1
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
目录树: 0da2ad0c10
分支列表 标签列表
YellowLabTools
/
lib
/
server
/
middlewares
/
apiLimitsMiddleware.js

apiLimitsMiddleware.js 2.3 KB
文件历史 原始文件

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485 
  1. var config      = require('../../../server_config/settings.json');
    2. 

  2. 

  3. var debug       = require('debug')('apiLimitsMiddleware');
    4. 

  4. 

  5. 

  6. var apiLimitsMiddleware = function(req, res, next) {
    7. 

  7.     'use strict';
    8. 

  8. 

  9.     debug('Entering API Limits Middleware with IP address %s', req.connection.remoteAddress);
    10. 

  10. 

  11.     if (req.path.indexOf('/api/') === 0 && !res.locals.hasApiKey) {
    12. 

  12.         
    13. 

  13.         
    14. 

  14.         if (req.path === '/api/runs') {
    15. 

  15.             
    16. 

  16.             if (!runsTable.accepts(req.connection.remoteAddress)) {
    17. 

  17.                 // Sorry :/
    18. 

  18.                 debug('Too many tests launched from IP address %s', req.connection.remoteAddress);
    19. 

  19.                 res.status(429).send('Too Many Requests');
    20. 

  20.                 return;
    21. 

  21.             }
    22. 

  22. 

  23.         }
    24. 

  24. 

  25.         if (!callsTable.accepts(req.connection.remoteAddress)) {
    26. 

  26.             // Sorry :/
    27. 

  27.             debug('Too many API requests from IP address %s', req.connection.remoteAddress);
    28. 

  28.             res.status(429).send('Too Many Requests');
    29. 

  29.             return;
    30. 

  30.         }
    31. 

  31. 

  32.         debug('Not blocked by the API limits');
    33. 

  33.         // It's ok for the moment
    34. 

  34.     }
    35. 

  35. 

  36.     next();
    37. 

  37. };
    38. 

  38. 

  39. 

  40. var RecordTable = function(maxPerDay) {
    41. 

  41.     var table = {};
    42. 

  42. 

  43.     // Check if the user overpassed the limit and save its visit
    44. 

  44.     this.accepts = function(ipAddress) {
    45. 

  45.         if (table[ipAddress]) {
    46. 

  46.             
    47. 

  47.             this.cleanEntry(ipAddress);
    48. 

  48. 

  49.             debug('%d visits in the last 24 hours', table[ipAddress].length);
    50. 

  50. 

  51.             if (table[ipAddress].length >= maxPerDay) {
    52. 

  52.                 return false;
    53. 

  53.             } else {
    54. 

  54.                 table[ipAddress].push(Date.now());
    55. 

  55.             }
    56. 

  56. 

  57.         } else {
    58. 

  58.             table[ipAddress] = [];
    59. 

  59.             table[ipAddress].push(Date.now());
    60. 

  60.         }
    61. 

  61. 

  62.         return true;
    63. 

  63.     };
    64. 

  64. 

  65.     // Clean the table for this guy
    66. 

  66.     this.cleanEntry = function(ipAddress) {
    67. 

  67.         table[ipAddress] = table[ipAddress].filter(function(date) {
    68. 

  68.             return date > Date.now() - 1000*60*60*24;
    69. 

  69.         });
    70. 

  70.     };
    71. 

  71. 

  72.     // Clean the entire table once in a while
    73. 

  73.     this.removeOld = function() {
    74. 

  74.         for (var ipAddress in table) {
    75. 

  75.             this.cleanEntry(ipAddress);
    76. 

  76.         }
    77. 

  77.     };
    78. 

  78. 

  79. };
    80. 

  80. 

  81. // Init the records tables
    82. 

  82. var runsTable = new RecordTable(config.maxAnonymousRunsPerDay);
    83. 

  83. var callsTable = new RecordTable(config.maxAnonymousCallsPerDay);
    84. 

  84. 

  85. module.exports = apiLimitsMiddleware;
    86.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5