neon/hackclub-nest
1
0
Fork 0
mirror of https://github.com/neongamerbot-qk/hackclub-nest synced 2025-05-12 00:23:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: ratelimits

Browse source
This commit is contained in:
Saahil dutta 2024-11-03 18:08:22 -05:00
parent f336ec37b3
commit d59be2bfb1
Signed by: neon
GPG key ID: 8A8B64515254CFC6
3 changed files with 17 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

11
hackclub-spotify-bot/src/index.js
View file

@ -2,6 +2,7 @@ const path = require("path");
require("dotenv").config();
const express = require("express");
const session = require("express-session");
const rateLimit = require('express-rate-limit');
const FileStore = require("session-file-store")(session);
const { InstallProvider, FileInstallationStore } = require("@slack/oauth");
const {
@ -184,6 +185,16 @@ app.get("/download/db", async (req, res) => {
res.setHeader("Content-Disposition", 'attachment; filename="songs.csv"');
res.send(csvData);
});
const limiter = rateLimit({
windowMs: 1 * 60 * 1000, // 1 minutes
limit: 5, // Limit each IP to 100 requests per `window` (here, per 15 minutes).
standardHeaders: 'draft-7', // draft-6: `RateLimit-*` headers; draft-7: combined `RateLimit` header
legacyHeaders: false, // Disable the `X-RateLimit-*` headers.
// store: ... , // Redis, Memcached, etc. See below.
})
// Apply the rate limiting middleware to all requests.
app.use(limiter)
app.post("/spotify/submitsong", async (req, res) => {
if (!req.session.token) return res.redirect("/login");
if (!cacheDb[req.query.token]) return res.redirect(`/home?error=0`);