From 216af35aeb93ebbaa05a8b947db0a65aeab47978 Mon Sep 17 00:00:00 2001 From: mike12345567 Date: Thu, 3 Mar 2022 12:03:29 +0000 Subject: [PATCH] Fixing review comments. --- packages/server/package.json | 1 + .../src/api/controllers/row/ExternalRequest.ts | 2 +- packages/server/src/api/routes/public/index.ts | 16 +++++++++++----- packages/server/src/environment.js | 2 +- 4 files changed, 14 insertions(+), 7 deletions(-) diff --git a/packages/server/package.json b/packages/server/package.json index 5d7d2fa6ec..a14eb01430 100644 --- a/packages/server/package.json +++ b/packages/server/package.json @@ -148,6 +148,7 @@ "@types/jest": "^26.0.23", "@types/koa": "^2.13.3", "@types/koa-router": "^7.4.2", + "@types/koa2-ratelimit": "^0.9.2", "@types/node": "^15.12.4", "@types/oracledb": "^5.2.1", "@typescript-eslint/parser": "4.28.0", diff --git a/packages/server/src/api/controllers/row/ExternalRequest.ts b/packages/server/src/api/controllers/row/ExternalRequest.ts index c1181dd6d5..c109a43afa 100644 --- a/packages/server/src/api/controllers/row/ExternalRequest.ts +++ b/packages/server/src/api/controllers/row/ExternalRequest.ts @@ -58,7 +58,7 @@ module External { ) { const primary = table.primary // if passed in array need to copy for shifting etc - let idCopy = cloneDeep(id) + let idCopy: undefined | string | any[] = cloneDeep(id) if (filters) { // need to map over the filters and make sure the _id field isn't present for (let filter of Object.values(filters)) { diff --git a/packages/server/src/api/routes/public/index.ts b/packages/server/src/api/routes/public/index.ts index c4d8247b66..fe10f7b637 100644 --- a/packages/server/src/api/routes/public/index.ts +++ b/packages/server/src/api/routes/public/index.ts @@ -9,10 +9,9 @@ import { paramResource, paramSubResource } from "../../../middleware/resourceId" import { CtxFn } from "./utils/Endpoint" import mapperMiddleware from "./middleware/mapper" import env from "../../../environment" +import { RateLimit, Stores } from "koa2-ratelimit" // below imports don't have declaration files const Router = require("@koa/router") -const RateLimit = require("koa2-ratelimit").RateLimit -const Stores = require("koa2-ratelimit").Stores const { PermissionLevels, PermissionTypes, @@ -20,7 +19,14 @@ const { const { getRedisOptions } = require("@budibase/backend-core/redis").utils const PREFIX = "/api/public/v1" -const DEFAULT_API_LIMITING = 120 +const DEFAULT_API_REQ_LIMIT_PER_SEC = 10 + +function getApiLimitPerSecond(): number { + if (!env.API_REQ_LIMIT_PER_SEC) { + return DEFAULT_API_REQ_LIMIT_PER_SEC + } + return parseInt(env.API_REQ_LIMIT_PER_SEC) +} if (!env.isTest()) { const REDIS_OPTS = getRedisOptions() @@ -37,9 +43,9 @@ if (!env.isTest()) { } // rate limiting, allows for 2 requests per second const limiter = RateLimit.middleware({ - interval: { min: 1 }, + interval: { sec: 1 }, // per ip, per interval - max: env.API_RATE_LIMITING || DEFAULT_API_LIMITING, + max: getApiLimitPerSecond(), }) const publicRouter = new Router({ diff --git a/packages/server/src/environment.js b/packages/server/src/environment.js index e3e321b795..312ecf313d 100644 --- a/packages/server/src/environment.js +++ b/packages/server/src/environment.js @@ -45,7 +45,7 @@ module.exports = { INTERNAL_API_KEY: process.env.INTERNAL_API_KEY, MULTI_TENANCY: process.env.MULTI_TENANCY, HTTP_MIGRATIONS: process.env.HTTP_MIGRATIONS, - API_RATE_LIMITING: process.env.API_RATE_LIMITING, + API_REQ_LIMIT_PER_SEC: process.env.API_REQ_LIMIT_PER_SEC, // environment NODE_ENV: process.env.NODE_ENV, JEST_WORKER_ID: process.env.JEST_WORKER_ID,