2016-12-29 00:49:51 +02:00
|
|
|
import * as Limiter from 'ratelimiter';
|
2017-01-23 11:25:52 +02:00
|
|
|
import * as debug from 'debug';
|
2018-03-28 19:20:40 +03:00
|
|
|
import limiterDB from '../../db/redis';
|
2017-03-01 15:33:43 +02:00
|
|
|
import { Endpoint } from './endpoints';
|
2016-12-29 00:49:51 +02:00
|
|
|
import { IAuthContext } from './authenticate';
|
2018-04-02 06:58:53 +03:00
|
|
|
import getAcct from '../../user/get-acct';
|
2016-12-29 00:49:51 +02:00
|
|
|
|
2017-01-23 11:25:52 +02:00
|
|
|
const log = debug('misskey:limitter');
|
|
|
|
|
2017-03-01 15:33:43 +02:00
|
|
|
export default (endpoint: Endpoint, ctx: IAuthContext) => new Promise((ok, reject) => {
|
|
|
|
const limitation = endpoint.limit;
|
|
|
|
|
|
|
|
const key = limitation.hasOwnProperty('key')
|
|
|
|
? limitation.key
|
2016-12-29 00:49:51 +02:00
|
|
|
: endpoint.name;
|
|
|
|
|
2017-03-01 15:33:43 +02:00
|
|
|
const hasShortTermLimit =
|
|
|
|
limitation.hasOwnProperty('minInterval');
|
2016-12-29 00:49:51 +02:00
|
|
|
|
2017-03-01 15:33:43 +02:00
|
|
|
const hasLongTermLimit =
|
|
|
|
limitation.hasOwnProperty('duration') &&
|
|
|
|
limitation.hasOwnProperty('max');
|
2016-12-29 00:49:51 +02:00
|
|
|
|
2017-03-01 15:33:43 +02:00
|
|
|
if (hasShortTermLimit) {
|
2016-12-29 00:49:51 +02:00
|
|
|
min();
|
2017-03-01 15:33:43 +02:00
|
|
|
} else if (hasLongTermLimit) {
|
2016-12-29 00:49:51 +02:00
|
|
|
max();
|
|
|
|
} else {
|
|
|
|
ok();
|
|
|
|
}
|
|
|
|
|
|
|
|
// Short-term limit
|
2017-01-23 11:25:52 +02:00
|
|
|
function min() {
|
2016-12-29 00:49:51 +02:00
|
|
|
const minIntervalLimiter = new Limiter({
|
2017-03-01 15:33:43 +02:00
|
|
|
id: `${ctx.user._id}:${key}:min`,
|
|
|
|
duration: limitation.minInterval,
|
2016-12-29 00:49:51 +02:00
|
|
|
max: 1,
|
|
|
|
db: limiterDB
|
|
|
|
});
|
|
|
|
|
2017-01-23 11:25:52 +02:00
|
|
|
minIntervalLimiter.get((err, info) => {
|
|
|
|
if (err) {
|
|
|
|
return reject('ERR');
|
|
|
|
}
|
|
|
|
|
2018-03-27 10:51:12 +03:00
|
|
|
log(`@${getAcct(ctx.user)} ${endpoint.name} min remaining: ${info.remaining}`);
|
2017-01-23 11:25:52 +02:00
|
|
|
|
|
|
|
if (info.remaining === 0) {
|
2016-12-29 00:49:51 +02:00
|
|
|
reject('BRIEF_REQUEST_INTERVAL');
|
|
|
|
} else {
|
2017-03-01 15:33:43 +02:00
|
|
|
if (hasLongTermLimit) {
|
2016-12-29 00:49:51 +02:00
|
|
|
max();
|
|
|
|
} else {
|
|
|
|
ok();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
|
|
|
// Long term limit
|
2017-01-23 11:25:52 +02:00
|
|
|
function max() {
|
2016-12-29 00:49:51 +02:00
|
|
|
const limiter = new Limiter({
|
2017-03-01 15:33:43 +02:00
|
|
|
id: `${ctx.user._id}:${key}`,
|
|
|
|
duration: limitation.duration,
|
|
|
|
max: limitation.max,
|
2016-12-29 00:49:51 +02:00
|
|
|
db: limiterDB
|
|
|
|
});
|
|
|
|
|
2017-01-23 11:25:52 +02:00
|
|
|
limiter.get((err, info) => {
|
|
|
|
if (err) {
|
|
|
|
return reject('ERR');
|
|
|
|
}
|
|
|
|
|
2018-03-27 10:51:12 +03:00
|
|
|
log(`@${getAcct(ctx.user)} ${endpoint.name} max remaining: ${info.remaining}`);
|
2017-01-23 11:25:52 +02:00
|
|
|
|
|
|
|
if (info.remaining === 0) {
|
2016-12-29 00:49:51 +02:00
|
|
|
reject('RATE_LIMIT_EXCEEDED');
|
|
|
|
} else {
|
|
|
|
ok();
|
|
|
|
}
|
|
|
|
});
|
|
|
|
}
|
|
|
|
});
|