From cca3f8090df468a89ada5edcdd44f828199c8faf Mon Sep 17 00:00:00 2001
From: Miodec <jack@monkeytype.com>
Date: Wed, 7 Jun 2023 15:15:14 +0200
Subject: [PATCH] updated admin limit

---
 backend/src/api/routes/admin.ts         | 6 +++---
 backend/src/api/routes/configuration.ts | 6 +++---
 backend/src/middlewares/rate-limit.ts   | 4 ++--
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/backend/src/api/routes/admin.ts b/backend/src/api/routes/admin.ts
index 607f80ae0..eaf12c40c 100644
--- a/backend/src/api/routes/admin.ts
+++ b/backend/src/api/routes/admin.ts
@@ -7,7 +7,7 @@ import {
   validateConfiguration,
 } from "../../middlewares/api-utils";
 import * as AdminController from "../controllers/admin";
-import { onePerMin } from "../../middlewares/rate-limit";
+import { adminLimit } from "../../middlewares/rate-limit";
 import { toggleBan } from "../controllers/user";
 
 const router = Router();
@@ -23,7 +23,7 @@ router.use(
 
 router.get(
   "/",
-  onePerMin,
+  adminLimit,
   authenticateRequest({
     noCache: true,
   }),
@@ -33,7 +33,7 @@ router.get(
 
 router.post(
   "/toggleBan",
-  onePerMin,
+  adminLimit,
   authenticateRequest({
     noCache: true,
   }),
diff --git a/backend/src/api/routes/configuration.ts b/backend/src/api/routes/configuration.ts
index 93820fd04..c8d56c14e 100644
--- a/backend/src/api/routes/configuration.ts
+++ b/backend/src/api/routes/configuration.ts
@@ -8,7 +8,7 @@ import {
 } from "../../middlewares/api-utils";
 import * as ConfigurationController from "../controllers/configuration";
 import { authenticateRequest } from "../../middlewares/auth";
-import { onePerMin } from "../../middlewares/rate-limit";
+import { adminLimit } from "../../middlewares/rate-limit";
 
 const router = Router();
 
@@ -22,7 +22,7 @@ router.get("/", asyncHandler(ConfigurationController.getConfiguration));
 
 router.patch(
   "/",
-  onePerMin,
+  adminLimit,
   useInProduction([authenticateRequest(), checkIfUserIsConfigurationMod]),
   validateRequest({
     body: {
@@ -34,7 +34,7 @@ router.patch(
 
 router.get(
   "/schema",
-  onePerMin,
+  adminLimit,
   useInProduction([authenticateRequest(), checkIfUserIsConfigurationMod]),
   asyncHandler(ConfigurationController.getSchema)
 );
diff --git a/backend/src/middlewares/rate-limit.ts b/backend/src/middlewares/rate-limit.ts
index c30d8c98f..5f80690bf 100644
--- a/backend/src/middlewares/rate-limit.ts
+++ b/backend/src/middlewares/rate-limit.ts
@@ -98,8 +98,8 @@ export async function incrementBadAuth(
   } catch (error) {}
 }
 
-export const onePerMin = rateLimit({
-  windowMs: 60 * 1000,
+export const adminLimit = rateLimit({
+  windowMs: 5000,
   max: 1 * REQUEST_MULTIPLIER,
   keyGenerator: getKeyWithUid,
   handler: customHandler,