We use cookies to ensure you get the best experience on our website
Halaman utama Jelajahi Bantuan
Daftar Masuk
0ct0pu5
/
YellowLabTools
1
0
Fork 0
Berkas Masalah 0 Permintaan Tarik 0 Wiki
Pohon: 95659839b2
Ranting Tag
YellowLabTools
/
lib
/
server
/
middlewares
/
apiLimitsMiddleware.js

apiLimitsMiddleware.js 2.4 KB
Riwayat Mentahan

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687 
  1. var config = (process.env.IS_TEST) ? require('../../../test/fixtures/settings.json') : require('../../../server_config/settings.json');
    2. 

  2. 

  3. var debug = require('debug')('apiLimitsMiddleware');
    4. 

  4. 

  5. 

  6. var apiLimitsMiddleware = function(req, res, next) {
    7. 

  7.     'use strict';
    8. 

  8. 

  9.     var ipAddress = req.headers['x-forwarded-for'] || req.connection.remoteAddress;
    10. 

  10. 

  11.     debug('Entering API Limits Middleware with IP address %s', ipAddress);
    12. 

  12. 

  13.     if (req.path.indexOf('/api/') === 0 && !res.locals.hasApiKey) {
    14. 

  14.         
    15. 

  15.         
    16. 

  16.         if (req.path === '/api/runs') {
    17. 

  17.             
    18. 

  18.             if (!runsTable.accepts(ipAddress)) {
    19. 

  19.                 // Sorry :/
    20. 

  20.                 debug('Too many tests launched from IP address %s', ipAddress);
    21. 

  21.                 res.status(429).send('Too many requests');
    22. 

  22.                 return;
    23. 

  23.             }
    24. 

  24. 

  25.         }
    26. 

  26. 

  27.         if (!callsTable.accepts(ipAddress)) {
    28. 

  28.             // Sorry :/
    29. 

  29.             debug('Too many API requests from IP address %s', ipAddress);
    30. 

  30.             res.status(429).send('Too many requests');
    31. 

  31.             return;
    32. 

  32.         }
    33. 

  33. 

  34.         debug('Not blocked by the API limits');
    35. 

  35.         // It's ok for the moment
    36. 

  36.     }
    37. 

  37. 

  38.     next();
    39. 

  39. };
    40. 

  40. 

  41. 

  42. var RecordTable = function(maxPerDay) {
    43. 

  43.     var table = {};
    44. 

  44. 

  45.     // Check if the user overpassed the limit and save its visit
    46. 

  46.     this.accepts = function(ipAddress) {
    47. 

  47.         if (table[ipAddress]) {
    48. 

  48.             
    49. 

  49.             this.cleanEntry(ipAddress);
    50. 

  50. 

  51.             debug('%d visits in the last 24 hours', table[ipAddress].length);
    52. 

  52. 

  53.             if (table[ipAddress].length >= maxPerDay) {
    54. 

  54.                 return false;
    55. 

  55.             } else {
    56. 

  56.                 table[ipAddress].push(Date.now());
    57. 

  57.             }
    58. 

  58. 

  59.         } else {
    60. 

  60.             table[ipAddress] = [];
    61. 

  61.             table[ipAddress].push(Date.now());
    62. 

  62.         }
    63. 

  63. 

  64.         return true;
    65. 

  65.     };
    66. 

  66. 

  67.     // Clean the table for this guy
    68. 

  68.     this.cleanEntry = function(ipAddress) {
    69. 

  69.         table[ipAddress] = table[ipAddress].filter(function(date) {
    70. 

  70.             return date > Date.now() - 1000*60*60*24;
    71. 

  71.         });
    72. 

  72.     };
    73. 

  73. 

  74.     // Clean the entire table once in a while
    75. 

  75.     this.removeOld = function() {
    76. 

  76.         for (var ipAddress in table) {
    77. 

  77.             this.cleanEntry(ipAddress);
    78. 

  78.         }
    79. 

  79.     };
    80. 

  80. 

  81. };
    82. 

  82. 

  83. // Init the records tables
    84. 

  84. var runsTable = new RecordTable(config.maxAnonymousRunsPerDay);
    85. 

  85. var callsTable = new RecordTable(config.maxAnonymousCallsPerDay);
    86. 

  86. 

  87. module.exports = apiLimitsMiddleware;
    88.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5