|
|
|
|
@ -4,7 +4,6 @@ const LRU = require('lru-cache');
|
|
|
|
|
const meta = require('../meta');
|
|
|
|
|
const helpers = require('./helpers');
|
|
|
|
|
const user = require('../user');
|
|
|
|
|
const controllerHelpers = require('../controllers/helpers');
|
|
|
|
|
|
|
|
|
|
const cache = new LRU({
|
|
|
|
|
maxAge: meta.config.uploadRateLimitThreshold * 1000,
|
|
|
|
|
@ -13,20 +12,16 @@ const cache = new LRU({
|
|
|
|
|
module.exports = function (middleware) {
|
|
|
|
|
middleware.ratelimitUploads = helpers.try(async (req, res, next) => {
|
|
|
|
|
const { uid } = req;
|
|
|
|
|
if (!uid) {
|
|
|
|
|
return controllerHelpers.notAllowed(req, res);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!meta.config.uploadRateLimitThreshold || await user.isAdminOrGlobalMod(req.uid)) {
|
|
|
|
|
if (!meta.config.uploadRateLimitThreshold || uid && await user.isAdminOrGlobalMod(uid)) {
|
|
|
|
|
return next();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const count = (cache.peek(`${uid}:uploaded_file_count`) || 0) + req.files.files.length;
|
|
|
|
|
const count = (cache.peek(`${req.ip}:uploaded_file_count`) || 0) + req.files.files.length;
|
|
|
|
|
if (count > meta.config.uploadRateLimitThreshold) {
|
|
|
|
|
return next(new Error(['[[error:upload-ratelimit-reached]]']));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cache.set(`${uid}:uploaded_file_count`, count);
|
|
|
|
|
cache.set(`${req.ip}:uploaded_file_count`, count);
|
|
|
|
|
next();
|
|
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
|
psychobunny
4 years ago
committed by
Andrew Rodrigues