feature (429): rate limit authentication endpoints

Mickael Kerjean
2022-09-04 22:26:03 +10:00
parent 952f45097e
commit c7e40e42db
8 changed files with 494 additions and 3 deletions


@ -3,6 +3,7 @@ package middleware
import (
"fmt"
. "github.com/mickael-kerjean/filestash/server/common"
"golang.org/x/time/rate"
"net/http"
"path/filepath"
)
@ -91,3 +92,18 @@ func SecureAjax(fn func(*App, http.ResponseWriter, *http.Request)) func(ctx *App
SendErrorResult(res, ErrNotAllowed)
}
}
var limiter = rate.NewLimiter(5, 500)
func RateLimiter(fn func(*App, http.ResponseWriter, *http.Request)) func(ctx *App, res http.ResponseWriter, req *http.Request) {
return func(ctx *App, res http.ResponseWriter, req *http.Request) {
if limiter.Allow() == false {
SendErrorResult(
res,
NewError(http.StatusText(429), http.StatusTooManyRequests),
)
return
}
fn(ctx, res, req)
}
}
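Review bot: `limiter` at the top of the added block is a single package-level token bucket shared by every request that passes through `RateLimiter`, so the limit is global rather than per client. Assuming this wraps the login routes as the commit title says, one noisy client can drain the 500-token burst and cause 429 responses for every other user, while password guessing is only throttled in aggregate. I would keep one limiter per client key (the host part of `req.RemoteAddr`, or the forwarded client address when the deployment sits behind a trusted proxy), evict idle entries so the map stays bounded, and retune the 5/500 values for per-client use. A `Retry-After` header on the 429 and `!limiter.Allow()` in place of `== false` are minor follow-ups.

```go
var (
	limiterMu sync.Mutex
	// Keyed by client host. Idle entries must be evicted (e.g. by a periodic
	// sweep) so that this map cannot grow without bound.
	limiters = map[string]*rate.Limiter{}
)

// limiterFor returns the token bucket for the client that sent req.
func limiterFor(req *http.Request) *rate.Limiter {
	// Behind a reverse proxy RemoteAddr is the proxy's address; confirm how
	// the deployment exposes the real client address before relying on it.
	host, _, err := net.SplitHostPort(req.RemoteAddr)
	if err != nil {
		host = req.RemoteAddr
	}
	limiterMu.Lock()
	defer limiterMu.Unlock()
	l, ok := limiters[host]
	if !ok {
		l = rate.NewLimiter(5, 500) // values from the commit; retune per client
		limiters[host] = l
	}
	return l
}

func RateLimiter(fn func(*App, http.ResponseWriter, *http.Request)) func(ctx *App, res http.ResponseWriter, req *http.Request) {
	return func(ctx *App, res http.ResponseWriter, req *http.Request) {
		if !limiterFor(req).Allow() {
			// … unchanged: SendErrorResult with the 429 error …
			return
		}
		fn(ctx, res, req)
	}
}
```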