Ready to implement API limit
parent
d6b5393fe4
commit
78a612048d
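--- a/src/controllers/APILimitsController.ts
+++ b/src/controllers/APILimitsController.ts
@@ -0,0 +1,27 @@
+/**
+* API limits manager
+*
+* @author Pierre HUBERT
+*/
+
+import { RequestHandler } from "../entities/RequestHandler";
+import { Action, APILimitHelper } from "../helpers/APILimitsHelper";
+
+/**
+* Trigger query limiter
+*
+* @param h Request handler
+* @param action The action to check
+* @param trigger TRUE if the counter has to be increased by one / else it is a simple check
+*/
+export async function limit_query(h: RequestHandler, action: Action, trigger: boolean) {
+
+// Increment the number of actions / failures done by the user
+if(trigger) {
+await APILimitHelper.Trigger(h.remoteIP, action)
+}
+
+// Check for counter
+if(await APILimitHelper.Count(h.remoteIP, action) > 10)
+h.error(429, "Too many request. Please try again later.")
+}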
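Review bot: `limit_query` keys the counter on `h.remoteIP` alone and compares it with a bare `10`, and neither choice is documented. How `remoteIP` is derived is not visible in this commit; if the API runs behind a reverse proxy it has to be the client address taken from a trusted source, otherwise every client shares one counter or the caller can influence the value. I would lift the threshold into a named constant, e.g. `const MAX_ACTIONS_PER_IP = 10;`, and state in the doc comment over which time window it applies. The function also relies on `h.error` ending the request, which the comment should say: `// h.error() is expected to abort the request (assumed to throw; confirm in RequestHandler)`.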
@ -3,6 +3,8 @@ import { AccountHelper } from "../helpers/AccountHelper";
|
|||||||
import { UserHelper } from "../helpers/UserHelper";
|
import { UserHelper } from "../helpers/UserHelper";
|
||||||
import { NewAccount } from "../entities/NewAccount";
|
import { NewAccount } from "../entities/NewAccount";
|
||||||
import { removeHTMLNodes } from "../utils/StringUtils";
|
import { removeHTMLNodes } from "../utils/StringUtils";
|
||||||
|
import { limit_query } from "./APILimitsController";
|
||||||
|
import { Action } from "../helpers/APILimitsHelper";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Account controller
|
* Account controller
|
||||||
@ -44,27 +46,29 @@ export class AccountController {
|
|||||||
/**
|
/**
|
||||||
* Attempt to login user
|
* Attempt to login user
|
||||||
*
|
*
|
||||||
* @param handler
|
* @param h Request handler
|
||||||
*/
|
*/
|
||||||
public static async LoginUser(handler: RequestHandler) {
|
public static async LoginUser(h: RequestHandler) {
|
||||||
|
|
||||||
// Get post data
|
// Get post data
|
||||||
const email = handler.postEmail("userMail");
|
const email = h.postEmail("userMail");
|
||||||
const password = handler.postString("userPassword");
|
const password = h.postString("userPassword");
|
||||||
|
|
||||||
// TODO : add limits
|
// Limit request
|
||||||
|
await limit_query(h, Action.LOGIN_FAILED, false);
|
||||||
|
|
||||||
// Authenticate user
|
// Authenticate user
|
||||||
const tokens = await AccountHelper.LoginUser(email, password, handler.getClientInfo());
|
const tokens = await AccountHelper.LoginUser(email, password, h.getClientInfo());
|
||||||
|
|
||||||
if(tokens == null) {
|
if(tokens == null) {
|
||||||
// TODO : add limits
|
// Trigger limit
|
||||||
|
await limit_query(h, Action.LOGIN_FAILED, true);
|
||||||
|
|
||||||
handler.error(401, "Invalid e-mail address / password !");
|
h.error(401, "Invalid e-mail address / password !");
|
||||||
}
|
}
|
||||||
|
|
||||||
// Success
|
// Success
|
||||||
handler.send({
|
h.send({
|
||||||
success: "User signed in!",
|
success: "User signed in!",
|
||||||
tokens: {
|
tokens: {
|
||||||
token1: tokens.token1,
|
token1: tokens.token1,
|
||||||
|
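Review bot: In `LoginUser` both new `limit_query` calls, like the existing `h.error(401, …)`, are followed by code that must not run once the request has been rejected, yet nothing returns. `RequestHandler.error` is not shown on this page; if it does not throw, a request answered with 429 still reaches `AccountHelper.LoginUser`, and a failed login goes on to read `tokens.token1` on a null value. Either document the contract at the call site, e.g. `// limit_query() rejects the request by throwing when the limit is exceeded`, or return explicitly after the error. Separately, the failure counter is per IP address only, so failed attempts against one `userMail` arriving from different addresses are never added up; a second counter keyed on the account would cover that case. The body of `LoginUser` continues past the end of this hunk.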
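--- a/src/helpers/APILimitsHelper.ts
+++ b/src/helpers/APILimitsHelper.ts
@@ -0,0 +1,39 @@
+/**
+* API Limits helper
+*
+* This implementation of API limits stores
+* the counters inside memory, not in the databas
+*
+* @author Pierre HUBERT
+*/
+
+// Different supported actions
+export enum Action {
+LOGIN_FAILED = "login_failed",
+CREATE_ACCOUNT = "create_account"
+}
+
+export class APILimitHelper {
+
+/**
+* Trigger the counter (increase it by one)
+*
+* @param ip Target IP address
+* @param action The action to check
+*/
+public static async Trigger(ip: string, action: Action) {
+// TODO : trigger counter
+}
+
+/**
+* Count the number of actions perfomed by a user
+*
+* @param ip Target IP address
+* @param action The action to check
+*/
+public static async Count(ip: string, action: Action) : Promise<number> {
+// TODO : return count
+return 0;
+}
+}
+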
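Review bot: The doc comments on `Trigger` and `Count` do not say over which period actions are counted or when a counter is reset, and for an in-memory store that is the part the implementation has to get right. Without expiry the store gains one entry per distinct address and action and never shrinks, and the counters are lost on restart and not shared between processes. I would add to the class comment something like `Counters are kept per (ip, action), expire after <WINDOW> and are local to this process.`, and give `Trigger` an explicit `Promise<void>` return type to match `Count`. The header comment also has a typo, `databas`, and the `Count` comment has `perfomed`.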