removed login rate limiting for now

Andris Reinman 2017-04-12 12:56:13 +03:00
parent 89103122ff
commit 17a936c3e0
2 changed files with 12 additions and 35 deletions

46
imap.js

@ -12,7 +12,6 @@ const ObjectID = require('mongodb').ObjectID;
const Indexer = require('./imap-core/lib/indexer/indexer'); const Indexer = require('./imap-core/lib/indexer/indexer');
const imapTools = require('./imap-core/lib/imap-tools'); const imapTools = require('./imap-core/lib/imap-tools');
const fs = require('fs'); const fs = require('fs');
const rateLimiter = require('rolling-rate-limiter');
const setupIndexes = require('./indexes.json'); const setupIndexes = require('./indexes.json');
const MessageHandler = require('./lib/message-handler'); const MessageHandler = require('./lib/message-handler');
const db = require('./lib/db'); const db = require('./lib/db');
@ -66,40 +65,27 @@ let messageHandler;
server.onAuth = function (login, session, callback) { server.onAuth = function (login, session, callback) {
let username = (login.username || '').toString().trim(); let username = (login.username || '').toString().trim();
// rate limit authentication attempts per username/source IP db.database.collection('users').findOne({
server.loginLimiter(username + ':' + session.remoteAddress, (err, timeLeft) => { username
}, (err, user) => {
if (err) { if (err) {
return callback(err); return callback(err);
} }
if (timeLeft) { if (!user) {
let err = new Error('Too many logins, try again later'); return callback();
err.response = 'NO';
return callback(err);
} }
db.database.collection('users').findOne({ if (!bcrypt.compareSync(login.password, user.password)) {
username return callback();
}, (err, user) => { }
if (err) {
return callback(err);
}
if (!user) {
return callback();
}
if (!bcrypt.compareSync(login.password, user.password)) { callback(null, {
return callback(); user: {
id: user._id,
username
} }
callback(null, {
user: {
id: user._id,
username
}
});
}); });
}); });
}; };
// LIST "" "*" // LIST "" "*"
@ -1592,14 +1578,6 @@ module.exports = done => {
database: db.database database: db.database
}); });
server.loginLimiter = rateLimiter({
redis: db.redis,
namespace: 'UserLoginLimiter',
// allow 100 login attempts per minute
interval: 60 * 1000,
maxInInterval: 100
});
let started = false; let started = false;
server.on('error', err => { server.on('error', err => {
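Review bot: In `server.onAuth` the password check is `bcrypt.compareSync`, which computes the hash on the event loop, and after this change nothing bounds how often an unauthenticated client can trigger it per username or source address. Until a limiter is put back, I would move the comparison to the callback form `bcrypt.compare`, so that a burst of failed logins cannot stall other IMAP sessions. Both failure paths (`!user` and a wrong password) return `callback()` silently; recording the username and `session.remoteAddress` there would keep repeated failures visible to monitoring. The fence shows only the rewritten comparison; the lookup above it is unchanged.

```javascript
        // … unchanged: users.findOne lookup, err and !user handling …
        bcrypt.compare(login.password, user.password, (err, matches) => {
            if (err) {
                return callback(err);
            }
            if (!matches) {
                // failed attempt: record username and session.remoteAddress here
                return callback();
            }
            callback(null, {
                user: {
                    id: user._id,
                    username
                }
            });
        });
```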


@ -35,7 +35,6 @@
"redfour": "^1.0.0", "redfour": "^1.0.0",
"redis": "^2.7.1", "redis": "^2.7.1",
"restify": "^4.3.0", "restify": "^4.3.0",
"rolling-rate-limiter": "^0.1.5",
"smtp-server": "^3.0.1", "smtp-server": "^3.0.1",
"toml": "^2.3.2", "toml": "^2.3.2",
"utf7": "^1.0.2", "utf7": "^1.0.2",