profxadke/misskey
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

enhance(server): add rate limits for some endpoints

Browse source
This commit is contained in:
syuilo 2023-01-14 15:59:15 +09:00
parent 51b8d4ae3e
commit 7df3ca7388
7 changed files with 35 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

1
CHANGELOG.md
View file

@ -83,6 +83,7 @@ You should also include the user name that made the change.
- Server: Judge instance block by endsWith @tamaina
- Server: improve note scoring for featured notes @CyberRex0
- Server: アンケート選択肢の文字数制限を緩和 @syuilo
- Server: add rate limits for some endpoints @syuilo
- Server: improve stats api performance @syuilo
- Server: improve nodeinfo performance @syuilo
- Server: delete outdated notifications regularly to improve db performance @syuilo

4
packages/backend/src/server/api/endpoints/blocking/create.ts
View file

@ -5,15 +5,15 @@ import type { UsersRepository, BlockingsRepository } from '@/models/index.js';
import { UserEntityService } from '@/core/entities/UserEntityService.js';
import { UserBlockingService } from '@/core/UserBlockingService.js';
import { DI } from '@/di-symbols.js';
import { ApiError } from '../../error.js';
import { GetterService } from '@/server/api/GetterService.js';
import { ApiError } from '../../error.js';
export const meta = {
tags: ['account'],
limit: {
duration: ms('1hour'),
max: 100,
max: 20,
},
requireCredential: true,

6
packages/backend/src/server/api/endpoints/channels/create.ts
View file

@ -1,4 +1,5 @@
import { Inject, Injectable } from '@nestjs/common';
import ms from 'ms';
import { Endpoint } from '@/server/api/endpoint-base.js';
import type { ChannelsRepository, DriveFilesRepository } from '@/models/index.js';
import type { Channel } from '@/models/entities/Channel.js';
@ -14,6 +15,11 @@ export const meta = {
kind: 'write:channels',
limit: {
duration: ms('1hour'),
max: 10,
},
res: {
type: 'object',
optional: false, nullable: false,

8
packages/backend/src/server/api/endpoints/clips/add-note.ts
View file

@ -1,10 +1,11 @@
import { Inject, Injectable } from '@nestjs/common';
import ms from 'ms';
import { Endpoint } from '@/server/api/endpoint-base.js';
import { IdService } from '@/core/IdService.js';
import { DI } from '@/di-symbols.js';
import type { ClipNotesRepository, ClipsRepository } from '@/models/index.js';
import { ApiError } from '../../error.js';
import { GetterService } from '@/server/api/GetterService.js';
import { ApiError } from '../../error.js';
export const meta = {
tags: ['account', 'notes', 'clips'],
@ -13,6 +14,11 @@ export const meta = {
kind: 'write:account',
limit: {
duration: ms('1hour'),
max: 20,
},
errors: {
noSuchClip: {
message: 'No such clip.',

8
packages/backend/src/server/api/endpoints/mute/create.ts
View file

@ -1,12 +1,13 @@
import { Inject, Injectable } from '@nestjs/common';
import ms from 'ms';
import { Endpoint } from '@/server/api/endpoint-base.js';
import { IdService } from '@/core/IdService.js';
import type { MutingsRepository } from '@/models/index.js';
import type { Muting } from '@/models/entities/Muting.js';
import { GlobalEventService } from '@/core/GlobalEventService.js';
import { DI } from '@/di-symbols.js';
import { ApiError } from '../../error.js';
import { GetterService } from '@/server/api/GetterService.js';
import { ApiError } from '../../error.js';
export const meta = {
tags: ['account'],
@ -15,6 +16,11 @@ export const meta = {
kind: 'write:mutes',
limit: {
duration: ms('1hour'),
max: 20,
},
errors: {
noSuchUser: {
message: 'No such user.',

6
packages/backend/src/server/api/endpoints/notes/favorites/create.ts
View file

@ -1,4 +1,5 @@
import { Inject, Injectable } from '@nestjs/common';
import ms from 'ms';
import type { NoteFavoritesRepository } from '@/models/index.js';
import { IdService } from '@/core/IdService.js';
import { Endpoint } from '@/server/api/endpoint-base.js';
@ -13,6 +14,11 @@ export const meta = {
kind: 'write:favorites',
limit: {
duration: ms('1hour'),
max: 20,
},
errors: {
noSuchNote: {
message: 'No such note.',

6
packages/backend/src/server/api/endpoints/users/lists/push.ts
View file

@ -1,4 +1,5 @@
import { Inject, Injectable } from '@nestjs/common';
import ms from 'ms';
import type { UserListsRepository, UserListJoiningsRepository, BlockingsRepository } from '@/models/index.js';
import { Endpoint } from '@/server/api/endpoint-base.js';
import { GetterService } from '@/server/api/GetterService.js';
@ -15,6 +16,11 @@ export const meta = {
description: 'Add a user to an existing list.',
limit: {
duration: ms('1hour'),
max: 30,
},
errors: {
noSuchList: {
message: 'No such list.',