pierre/GeneIT
1
0
Fork 0
Code Issues Pull Requests 3 Packages Projects Releases Wiki Activity

Add rate limiting

Browse Source
This commit is contained in:
Pierre HUBERT
2023-05-26 17:55:19 +02:00
parent 4ba4d10fce
commit c84c2ef3c5
14 changed files with 242 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
geneit_backend/src/controllers/auth_controller.rs
View File

@ -1,7 +1,8 @@
use crate::constants::StaticConstraints;
use crate::services::users_service;
use crate::controllers::HttpResult;
use crate::services::rate_limiter_service::RatedAction;
use crate::services::{rate_limiter_service, users_service};
use actix_remote_ip::RemoteIP;
use actix_web::error::ErrorInternalServerError;
use actix_web::{web, HttpResponse};
#[derive(serde::Deserialize)]
@ -11,11 +12,12 @@ pub struct CreateAccountBody {
}
/// Create a new account
pub async fn create_account(
_remote_ip: RemoteIP,
req: web::Json<CreateAccountBody>,
) -> actix_web::Result<HttpResponse> {
// TODO : rate limiting
pub async fn create_account(remote_ip: RemoteIP, req: web::Json<CreateAccountBody>) -> HttpResult {
// Rate limiting
if rate_limiter_service::should_block_action(remote_ip.0, RatedAction::CreateAccount).await? {
return Ok(HttpResponse::TooManyRequests().finish());
}
rate_limiter_service::record_action(remote_ip.0, RatedAction::CreateAccount).await?;
// Check if email is valid
if !mailchecker::is_valid(&req.email) {
@ -30,25 +32,14 @@ pub async fn create_account(
}
// Check if email is already attached to an account
match users_service::exists_email(&req.email).await {
Ok(false) => {}
Ok(true) => {
return Ok(HttpResponse::Conflict()
.json("An account with the same email address already exists!"));
}
Err(e) => {
log::error!("Failed to check email existence! {}", e);
return Err(ErrorInternalServerError(e));
}
if users_service::exists_email(&req.email).await? {
return Ok(
HttpResponse::Conflict().json("An account with the same email address already exists!")
);
}
// Create the account
let user_id = users_service::create_account(&req.name, &req.email)
.await
.map_err(|e| {
log::error!("Failed to create user! {e}");
ErrorInternalServerError(e)
})?;
let user_id = users_service::create_account(&req.name, &req.email).await?;
// TODO : trigger reset password (send mail)