mirror of
https://activitypub.software/TransFem-org/Sharkey.git
synced 2024-12-13 05:00:45 +01:00
use the correct remote address
we're doing the same thing that Fastify does in the non-streaming ServerService
This commit is contained in:
parent
311a31da58
commit
4cd44130e0
3 changed files with 15 additions and 3 deletions
|
@ -156,6 +156,7 @@
|
|||
"pkce-challenge": "4.1.0",
|
||||
"probe-image-size": "7.2.3",
|
||||
"promise-limit": "2.7.0",
|
||||
"proxy-addr": "^2.0.7",
|
||||
"pug": "3.0.2",
|
||||
"punycode": "2.3.1",
|
||||
"qrcode": "1.5.3",
|
||||
|
|
|
@ -22,6 +22,7 @@ import { ChannelsService } from './stream/ChannelsService.js';
|
|||
import { RateLimiterService } from './RateLimiterService.js';
|
||||
import { RoleService } from '@/core/RoleService.js';
|
||||
import { getIpHash } from '@/misc/get-ip-hash.js';
|
||||
import proxyAddr from 'proxy-addr';
|
||||
import ms from 'ms';
|
||||
import type * as http from 'node:http';
|
||||
import type { IEndpointMeta } from './endpoints.js';
|
||||
|
@ -69,7 +70,9 @@ export class StreamingApiServerService {
|
|||
if (factor <= 0) return false;
|
||||
|
||||
// Rate limit
|
||||
return await this.rateLimiterService.limit(limit, limitActor, factor).then(() => { return false }).catch(err => { return true });
|
||||
return await this.rateLimiterService.limit(limit, limitActor, factor)
|
||||
.then(() => { return false; })
|
||||
.catch(err => { return true; });
|
||||
}
|
||||
|
||||
@bindThis
|
||||
|
@ -85,7 +88,12 @@ export class StreamingApiServerService {
|
|||
return;
|
||||
}
|
||||
|
||||
if (await this.rateLimitThis(null, request.socket.remoteAddress, {
|
||||
// ServerServices sets `trustProxy: true`, which inside
|
||||
// fastify/request.js ends up calling `proxyAddr` in this way,
|
||||
// so we do the same
|
||||
const requestIp = proxyAddr(request, () => { return true; } );
|
||||
|
||||
if (await this.rateLimitThis(null, requestIp, {
|
||||
key: 'wsconnect',
|
||||
duration: ms('1min'),
|
||||
max: 20,
|
||||
|
@ -134,7 +142,7 @@ export class StreamingApiServerService {
|
|||
}
|
||||
|
||||
const rateLimiter = () => {
|
||||
return this.rateLimitThis(user, request.socket.remoteAddress, {
|
||||
return this.rateLimitThis(user, requestIp, {
|
||||
key: 'wsmessage',
|
||||
duration: ms('1sec'),
|
||||
max: 100,
|
||||
|
|
|
@ -352,6 +352,9 @@ importers:
|
|||
promise-limit:
|
||||
specifier: 2.7.0
|
||||
version: 2.7.0
|
||||
proxy-addr:
|
||||
specifier: ^2.0.7
|
||||
version: 2.0.7
|
||||
pug:
|
||||
specifier: 3.0.2
|
||||
version: 3.0.2
|
||||
|
|
Loading…
Reference in a new issue