removed login rate limiting for now

2024-12-29 11:46:30 +08:00 · 2017-04-12 12:56:13 +03:00 · 2017-04-12 12:56:13 +03:00 · 17a936c3e0
commit 17a936c3e0
parent 89103122ff
2 changed files with 12 additions and 35 deletions
--- a/imap.js
+++ b/imap.js
@ -12,7 +12,6 @@ const ObjectID = require('mongodb').ObjectID;
 const Indexer = require('./imap-core/lib/indexer/indexer');
 const imapTools = require('./imap-core/lib/imap-tools');
 const fs = require('fs');
-const rateLimiter = require('rolling-rate-limiter');
 const setupIndexes = require('./indexes.json');
 const MessageHandler = require('./lib/message-handler');
 const db = require('./lib/db');
@ -66,40 +65,27 @@ let messageHandler;
 server.onAuth = function (login, session, callback) {
    let username = (login.username || '').toString().trim();

-    // rate limit authentication attempts per username/source IP
-    server.loginLimiter(username + ':' + session.remoteAddress, (err, timeLeft) => {
+    db.database.collection('users').findOne({
+        username
+    }, (err, user) => {
        if (err) {
            return callback(err);
        }
-        if (timeLeft) {
-            let err = new Error('Too many logins, try again later');
-            err.response = 'NO';
-            return callback(err);
+        if (!user) {
+            return callback();
        }

-        db.database.collection('users').findOne({
-            username
-        }, (err, user) => {
-            if (err) {
-                return callback(err);
-            }
-            if (!user) {
-                return callback();
-            }
+        if (!bcrypt.compareSync(login.password, user.password)) {
+            return callback();
+        }

-            if (!bcrypt.compareSync(login.password, user.password)) {
-                return callback();
+        callback(null, {
+            user: {
+                id: user._id,
+                username
            }
-
-            callback(null, {
-                user: {
-                    id: user._id,
-                    username
-                }
-            });
        });
    });
-
 };

 // LIST "" "*"
@ -1592,14 +1578,6 @@ module.exports = done => {
            database: db.database
        });

-        server.loginLimiter = rateLimiter({
-            redis: db.redis,
-            namespace: 'UserLoginLimiter',
-            // allow 100 login attempts per minute
-            interval: 60 * 1000,
-            maxInInterval: 100
-        });
-
        let started = false;

        server.on('error', err => {
--- a/package.json
+++ b/package.json
@ -35,7 +35,6 @@
    "redfour": "^1.0.0",
    "redis": "^2.7.1",
    "restify": "^4.3.0",
-    "rolling-rate-limiter": "^0.1.5",
    "smtp-server": "^3.0.1",
    "toml": "^2.3.2",
    "utf7": "^1.0.2",