add rate limit and app name to env

This commit is contained in:
Milo Schwartz 2024-10-03 21:01:19 -04:00
parent e6532752c6
commit e89ee4042a
No known key found for this signature in database
4 changed files with 18 additions and 4 deletions


@ -21,6 +21,15 @@ const environmentSchema = z.object({
.string() .string()
.transform((val) => parseInt(val, 10)) .transform((val) => parseInt(val, 10))
.pipe(z.number()), .pipe(z.number()),
RATE_LIMIT_WINDOW_MIN: z
.string()
.transform((val) => parseInt(val, 10))
.pipe(z.number()),
RATE_LIMIT_MAX: z
.string()
.transform((val) => parseInt(val, 10))
.pipe(z.number()),
APP_NAME: z.string(),
EMAIL_SMTP_HOST: z.string().optional(), EMAIL_SMTP_HOST: z.string().optional(),
EMAIL_SMTP_PORT: z EMAIL_SMTP_PORT: z
.string() .string()
@ -45,6 +54,9 @@ const environment = {
path.join("config"), path.join("config"),
EXTERNAL_PORT: (process.env.EXTERNAL_PORT as string) || "3000", EXTERNAL_PORT: (process.env.EXTERNAL_PORT as string) || "3000",
INTERNAL_PORT: (process.env.INTERNAL_PORT as string) || "3001", INTERNAL_PORT: (process.env.INTERNAL_PORT as string) || "3001",
RATE_LIMIT_WINDOW_MIN: (process.env.RATE_LIMIT_WINDOW_MIN as string) || "1",
RATE_LIMIT_MAX: (process.env.RATE_LIMIT_MAX as string) || "100",
APP_NAME: (process.env.APP_NAME as string) || "Pangolin",
EMAIL_SMTP_HOST: process.env.EMAIL_SMTP_HOST as string, EMAIL_SMTP_HOST: process.env.EMAIL_SMTP_HOST as string,
EMAIL_SMTP_PORT: process.env.EMAIL_SMTP_PORT as string, EMAIL_SMTP_PORT: process.env.EMAIL_SMTP_PORT as string,
EMAIL_SMTP_USER: process.env.EMAIL_SMTP_USER as string, EMAIL_SMTP_USER: process.env.EMAIL_SMTP_USER as string,
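Review bot: The new RATE_LIMIT_WINDOW_MIN and RATE_LIMIT_MAX entries only pipe into `z.number()`, so a misconfigured `0` or a negative value passes validation and reaches the limiter as `windowMs: 0` or `max: 0`, which, depending on the express-rate-limit version, either disables limiting or blocks every request, instead of failing at startup like a non-numeric value does (parseInt yields NaN, which `z.number()` rejects). Tightening both to `.pipe(z.number().int().positive())` makes a bad value fail where the rest of the env is validated. Note also that `parseInt` silently accepts trailing garbage (`"100abc"` parses as 100); if that matters, `z.coerce.number().int().positive()` rejects it. I cannot see from this hunk where `environmentSchema` is applied to the `environment` object, so the startup-failure behavior is assumed from the surrounding schema code.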


@ -3,9 +3,10 @@ import createHttpError from "http-errors";
import { NextFunction, Request, Response } from "express"; import { NextFunction, Request, Response } from "express";
import logger from "@server/logger"; import logger from "@server/logger";
import HttpCode from "@server/types/HttpCode"; import HttpCode from "@server/types/HttpCode";
import environment from "@server/environment";
const limit = 100; const limit = environment.RATE_LIMIT_MAX;
const minutes = 1; const minutes = environment.RATE_LIMIT_WINDOW_MIN;
export const rateLimitMiddleware = rateLimit({ export const rateLimitMiddleware = rateLimit({
windowMs: minutes * 60 * 1000, windowMs: minutes * 60 * 1000,
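Review bot: `limit` and `minutes` are now read from `environment` at module load, and nothing in this hunk shows whether the default export is the schema-parsed object or the raw string map declared next to the schema; if it is the raw map, `minutes * 60 * 1000` only works by implicit string-to-number coercion and `limit` would be the string `"100"`. A one-line comment stating the contract would make this explicit for the next reader: `// RATE_LIMIT_* are parsed and validated as numbers by environmentSchema; a bad value fails at startup, not here.` The `rateLimit({...})` options object continues past the end of this hunk, so the `max`/`limit` line it feeds is not visible here.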


@ -1,4 +1,4 @@
import { NextFunction, Response, Request } from "express"; import { NextFunction, Response } from "express";
import ErrorResponse from "@server/types/ErrorResponse"; import ErrorResponse from "@server/types/ErrorResponse";
import { unauthorized, verifySession } from "@server/auth"; import { unauthorized, verifySession } from "@server/auth";
import { db } from "@server/db"; import { db } from "@server/db";


@ -11,6 +11,7 @@ import { User, users } from "@server/db/schema";
import { eq } from "drizzle-orm"; import { eq } from "drizzle-orm";
import { verify } from "@node-rs/argon2"; import { verify } from "@node-rs/argon2";
import { createTOTPKeyURI } from "oslo/otp"; import { createTOTPKeyURI } from "oslo/otp";
import env from "@server/environment";
export const requestTotpSecretBody = z.object({ export const requestTotpSecretBody = z.object({
password: z.string(), password: z.string(),
@ -64,7 +65,7 @@ export async function requestTotpSecret(
const hex = crypto.getRandomValues(new Uint8Array(20)); const hex = crypto.getRandomValues(new Uint8Array(20));
const secret = encodeHex(hex); const secret = encodeHex(hex);
const uri = createTOTPKeyURI("pangolin", user.email, hex); const uri = createTOTPKeyURI(env.APP_NAME, user.email, hex);
await db await db
.update(users) .update(users)
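Review bot: `env.APP_NAME` now becomes the issuer in the otpauth URI users scan into an authenticator app, but the schema accepts any non-empty string (the empty case falls back to "Pangolin" via `||`), so a value containing `:` — the issuer/account separator in the Key URI label — or surrounding whitespace can produce a misparsed or confusing label unless `createTOTPKeyURI` percent-encodes the issuer, which I have not confirmed from this hunk. Consider constraining it at the env layer, e.g. `APP_NAME: z.string().trim().min(1).refine((s) => !s.includes(":"), "APP_NAME must not contain ':'")`, and documenting the coupling at this call site: `// APP_NAME is shown as the issuer in authenticator apps; changing it affects only new enrollments.` `requestTotpSecret` begins before and continues after this hunk.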