mirrors/misskey
1
0
Fork 1
mirror of https://github.com/misskey-dev/misskey.git synced 2026-05-05 01:55:36 +02:00
Code Releases Activity

Fix IP address rate limit (#8758)

Browse Source 
* Fix IP address rate limit

* CHANGELOG

* Tune getIpHash
This commit is contained in:
MeiMei
2022-05-31 17:44:22 +09:00
committed by GitHub
parent a98194bf1b
commit c05723ca6a
4 changed files with 15 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
packages/backend/src/server/api/private/signin.ts
View File

@@ -10,6 +10,7 @@ import { verifyLogin, hash } from '../2fa.js';
import { randomBytes } from 'node:crypto';
import { IsNull } from 'typeorm';
import { limiter } from '../limiter.js';
import { getIpHash } from '@/misc/get-ip-hash.js';
export default async (ctx: Koa.Context) => {
ctx.set('Access-Control-Allow-Origin', config.url);
@@ -27,7 +28,7 @@ export default async (ctx: Koa.Context) => {
try {
// not more than 1 attempt per second and not more than 10 attempts per hour
await limiter({ key: 'signin', duration: 60 * 60 * 1000, max: 10, minInterval: 1000 }, ctx.ip);
await limiter({ key: 'signin', duration: 60 * 60 * 1000, max: 10, minInterval: 1000 }, getIpHash(ctx.ip));
} catch (err) {
ctx.status = 429;
ctx.body = {