diff --git a/backend/UserConfig.ts b/backend/UserConfig.ts index de49982..c31b903 100644 --- a/backend/UserConfig.ts +++ b/backend/UserConfig.ts @@ -2,7 +2,6 @@ import { UserConfiguration, UserConfigTypeChecker } from 'ass'; import fs from 'fs-extra'; import { path } from '@tycrek/joint'; - import { log } from './log'; const FILEPATH = path.join('.ass-data/userconfig.json'); @@ -113,9 +112,9 @@ export class UserConfig { // * optional rate limit config if (config.rateLimit != null) { - if (!Checkers.rateLimit.endpoint(config.rateLimit.login)) throw new Error('Invalid rate limit configuration'); - if (!Checkers.rateLimit.endpoint(config.rateLimit.upload)) throw new Error('Invalid rate limit configuration'); - if (!Checkers.rateLimit.endpoint(config.rateLimit.api)) throw new Error('Invalid rate limit configuration'); + if (!Checkers.rateLimit.endpoint(config.rateLimit.login)) throw new Error('Invalid Login rate limit configuration'); + if (!Checkers.rateLimit.endpoint(config.rateLimit.upload)) throw new Error('Invalid Upload rate limit configuration'); + if (!Checkers.rateLimit.endpoint(config.rateLimit.api)) throw new Error('Invalid API rate limit configuration'); } // All is fine, carry on! diff --git a/backend/ratelimit.ts b/backend/ratelimit.ts index ce2df56..0706ade 100644 --- a/backend/ratelimit.ts +++ b/backend/ratelimit.ts @@ -5,7 +5,7 @@ import { rateLimit } from 'express-rate-limit'; /** * map that contains rate limiter middleware for each group */ -let rateLimiterGroups = new Map void>(); +const rateLimiterGroups = new Map void>(); /** * creates middleware for rate limiting 
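Review bot: The three endpoint checks inside `if (config.rateLimit != null)` in backend/UserConfig.ts run unconditionally, while the setup form starts from `config.rateLimit = {}` and fills `login`, `api` and `upload` separately, so each field looks optional. Whether `Checkers.rateLimit.endpoint` accepts `undefined` is not visible in this hunk. If it does not, a config that only limits uploads is rejected with 'Invalid Login rate limit configuration', which points the operator at a setting they never made. Guarding each check, e.g. `if (config.rateLimit.login != null && !Checkers.rateLimit.endpoint(config.rateLimit.login)) throw ...`, would keep the new messages accurate. The enclosing method starts and ends outside the hunk.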
@@ -21,11 +21,11 @@ export const rateLimiterMiddleware = (group: string, config: EndpointRateLimitCo return rateLimiterGroups.get(group)!; } else { rateLimiterGroups.set(group, rateLimit({ - limit: config.requests, - windowMs: config.duration * 1000, + limit: config.requests, + windowMs: config.duration * 1000, skipFailedRequests: true, - legacyHeaders: false, - standardHeaders: "draft-7", + legacyHeaders: false, + standardHeaders: 'draft-7', keyGenerator: (req, res) => { return req.ip || 'disconnected'; }, diff --git a/backend/routers/api.ts b/backend/routers/api.ts index 2125234..fe6990e 100644 --- a/backend/routers/api.ts +++ b/backend/routers/api.ts @@ -39,7 +39,7 @@ router.post('/setup', BodyParserJson(), async (req, res) => { }); // User login -router.post('/login', rateLimiterMiddleware("login", UserConfig.config.rateLimit?.login), BodyParserJson(), (req, res) => { +router.post('/login', rateLimiterMiddleware('login', UserConfig.config.rateLimit?.login), BodyParserJson(), (req, res) => { const { username, password } = req.body; data.getAll('users') @@ -69,7 +69,7 @@ router.post('/login', rateLimiterMiddleware("login", UserConfig.config.rateLimit }); // todo: authenticate API endpoints -router.post('/user', rateLimiterMiddleware("api", UserConfig.config.rateLimit?.api), BodyParserJson(), async (req, res) => { +router.post('/user', rateLimiterMiddleware('api', UserConfig.config.rateLimit?.api), BodyParserJson(), async (req, res) => { if (!UserConfig.ready) return res.status(409).json({ success: false, message: 'User config not ready' }); diff --git a/common/types.d.ts b/common/types.d.ts index d9ca35f..af05700 100644 --- a/common/types.d.ts +++ b/common/types.d.ts @@ -59,7 +59,7 @@ declare module 'ass' { database: string; } } - + /** * rate limiter configuration * @since 0.15.0 diff --git a/frontend/setup.mts b/frontend/setup.mts index fe2d043..306e608 100644 --- a/frontend/setup.mts +++ b/frontend/setup.mts 
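Review bot: `skipFailedRequests: true` in backend/ratelimit.ts is applied to every limiter group, including the `login` group that guards `POST /login`. express-rate-limit treats a response with status 400 or above as failed and does not count it, so if the login handler answers bad credentials with a 4xx status (its responses are outside the visible hunks), repeated wrong passwords never consume the limit. Consider counting failures for that group, e.g. `skipFailedRequests: group !== 'login',`. A comment on `keyGenerator` should also note that `req.ip` is only the client address when Express `trust proxy` matches the deployment. The function body starts before and continues after this hunk.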
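Review bot: `UserConfig.config.rateLimit?.login` in backend/routers/api.ts is an argument to `router.post`, so it is read once when the route is registered, not per request; the same holds for the `api` limiter on `/user` in the next hunk. The `/user` handler still checks `UserConfig.ready` at request time, which suggests the config can become available after this module has loaded, in which case the limiter would be built from an undefined or stale value. How `rateLimiterMiddleware` treats an undefined config is not visible here. Either resolve the config inside the middleware on each request, or add a comment such as `// rate limits are read at startup; restart after changing them`.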
@@ -55,7 +55,7 @@ document.addEventListener('DOMContentLoaded', () => { ratelimitApiTime: document.querySelector('#ratelimit-api-time') as SlInput, ratelimitUploadRequests: document.querySelector('#ratelimit-upload-requests') as SlInput, ratelimitUploadTime: document.querySelector('#ratelimit-upload-time') as SlInput, - + submitButton: document.querySelector('#submit') as SlButton, }; @@ -101,7 +101,7 @@ document.addEventListener('DOMContentLoaded', () => { // append rate limit config, if specified if (( - Elements.ratelimitLoginRequests.value + Elements.ratelimitLoginRequests.value || Elements.ratelimitLoginTime.value || Elements.ratelimitUploadRequests.value || Elements.ratelimitUploadTime.value @@ -110,11 +110,11 @@ document.addEventListener('DOMContentLoaded', () => { ) { if (!config.rateLimit) config.rateLimit = {}; - if ( - genericRateLimit(config.rateLimit, 'login', Elements.submitButton, Elements.ratelimitLoginRequests, Elements.ratelimitLoginTime) + if ( + genericRateLimit(config.rateLimit, 'login', Elements.submitButton, Elements.ratelimitLoginRequests, Elements.ratelimitLoginTime) || genericRateLimit(config.rateLimit, 'api', Elements.submitButton, Elements.ratelimitApiRequests, Elements.ratelimitApiTime) || genericRateLimit(config.rateLimit, 'upload', Elements.submitButton, Elements.ratelimitUploadRequests, Elements.ratelimitUploadTime) - ) { + ) { return; } } diff --git a/package-lock.json b/package-lock.json index 4fe2967..1e5af72 100755 --- a/package-lock.json +++ b/package-lock.json @@ -11,10 +11,10 @@ "dependencies": { "@aws-sdk/client-s3": "^3.421.0", "@shoelace-style/shoelace": "^2.9.0", - "@tinycreek/postcss-font-magician": "^4.1.0", + "@tinycreek/postcss-font-magician": "^4.2.0", "@tsconfig/node20": "^20.1.2", "@tycrek/discord-hookr": "^0.1.0", - "@tycrek/express-postcss": "^0.4.0", + "@tycrek/express-postcss": "^0.4.1", "@tycrek/joint": "^1.0.0-1", "@tycrek/log": "^0.7.5", "@tycrek/papito": "^0.3.4", 
diff --git a/package.json b/package.json index afaf7ba..c8a5659 100644 --- a/package.json +++ b/package.json @@ -31,10 +31,10 @@ "dependencies": { "@aws-sdk/client-s3": "^3.421.0", "@shoelace-style/shoelace": "^2.9.0", - "@tinycreek/postcss-font-magician": "^4.1.0", + "@tinycreek/postcss-font-magician": "^4.2.0", "@tsconfig/node20": "^20.1.2", "@tycrek/discord-hookr": "^0.1.0", - "@tycrek/express-postcss": "^0.4.0", + "@tycrek/express-postcss": "^0.4.1", "@tycrek/joint": "^1.0.0-1", "@tycrek/log": "^0.7.5", "@tycrek/papito": "^0.3.4",