mirror of
https://github.com/dec0dOS/zero-ui.git
synced 2024-09-20 06:56:05 +08:00
feat:rateLimiter
This commit is contained in:
parent
559a98850e
commit
60777f5165
|
@ -15,6 +15,7 @@
|
|||
"dotenv": "^16.3.1",
|
||||
"express": "^4.18.2",
|
||||
"express-bearer-token": "^2.4.0",
|
||||
"express-rate-limit": "^7.1.1",
|
||||
"helmet": "^5.1.1",
|
||||
"lodash": "^4.17.21",
|
||||
"lowdb": "^1.0.0",
|
||||
|
|
|
@ -1,8 +1,15 @@
|
|||
import express from "express";
|
||||
import rateLimit from "express-rate-limit"
|
||||
const router = express.Router();
|
||||
|
||||
import * as auth from "../services/auth.js";
|
||||
|
||||
const loginLimiter = rateLimit({
|
||||
windowMs: 15 * 60 * 1000, // 15 minutes
|
||||
max: 5, // limit each IP to 5 requests per windowMs
|
||||
message: "Too many login attempts, please try again in 15 minutes.",
|
||||
});
|
||||
|
||||
router.get("/login", async function (req, res) {
|
||||
if (process.env.ZU_DISABLE_AUTH === "true") {
|
||||
res.send({ enabled: false });
|
||||
|
@ -11,9 +18,10 @@ router.get("/login", async function (req, res) {
|
|||
}
|
||||
});
|
||||
|
||||
router.post("/login", async function (req, res) {
|
||||
router.post("/login", loginLimiter, async function (req, res) {
|
||||
if (req.body.username && req.body.password) {
|
||||
auth.authorize(req.body.username, req.body.password, function (err, user) {
|
||||
console.log(err.message)
|
||||
if (user) {
|
||||
res.send({ token: user["token"] });
|
||||
} else {
|
||||
|
|
10
yarn.lock
10
yarn.lock
|
@ -2020,6 +2020,7 @@ __metadata:
|
|||
eslint-plugin-unicorn: "npm:^48.0.1"
|
||||
express: "npm:^4.18.2"
|
||||
express-bearer-token: "npm:^2.4.0"
|
||||
express-rate-limit: "npm:^7.1.1"
|
||||
helmet: "npm:^5.1.1"
|
||||
lodash: "npm:^4.17.21"
|
||||
lowdb: "npm:^1.0.0"
|
||||
|
@ -4005,6 +4006,15 @@ __metadata:
|
|||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
"express-rate-limit@npm:^7.1.1":
|
||||
version: 7.1.1
|
||||
resolution: "express-rate-limit@npm:7.1.1"
|
||||
peerDependencies:
|
||||
express: ^4 || ^5
|
||||
checksum: 28fc48e25e52b269a37a9e223fcd2a234022466645737c182eec2d2a72fdfdb42a396738a062924ee37ff56719957ae0ef092cfde510ba34b63d554ce094f6ba
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
"express@npm:^4.18.2":
|
||||
version: 4.18.2
|
||||
resolution: "express@npm:4.18.2"
|
||||
|
|
Loading…
Reference in a new issue