Windshaft-cartodb/lib/cartodb/middleware/rate-limit.js

67 lines
1.9 KiB
JavaScript
Raw Normal View History

2018-02-13 00:19:08 +08:00
'use strict';
const RATE_LIMIT_ENDPOINTS_GROUPS = {
2018-02-28 00:57:25 +08:00
ANONYMOUS: 'anonymous',
STATIC: 'static',
STATIC_NAMED: 'static_named',
DATAVIEW: 'dataview',
DATAVIEW_SEARCH: 'dataview_search',
ANALYSIS: 'analysis',
TILE: 'tile',
ATTRIBUTES: 'attributes',
NAMED_LIST: 'named_list',
NAMED_CREATE: 'named_create',
NAMED_GET: 'named_get',
NAMED: 'named',
NAMED_UPDATE: 'named_update',
NAMED_DELETE: 'named_delete',
NAMED_TILES: 'named_tiles'
2018-02-13 00:19:08 +08:00
};
2018-03-02 22:35:38 +08:00
function rateLimit(userLimitsApi, endpointGroup = null) {
2018-03-02 22:48:31 +08:00
if (!isRateLimitEnabled(endpointGroup)) {
2018-03-02 22:33:50 +08:00
return function rateLimitDisabledMiddleware(req, res, next) { next(); };
}
2018-02-26 18:20:31 +08:00
2018-03-02 22:33:50 +08:00
return function rateLimitMiddleware(req, res, next) {
2018-03-02 22:35:38 +08:00
userLimitsApi.getRateLimit(res.locals.user, endpointGroup, function (err, userRateLimit) {
2018-02-13 00:19:08 +08:00
if (err) {
return next(err);
}
2018-03-02 22:33:50 +08:00
2018-03-02 22:35:38 +08:00
if (!userRateLimit) {
2018-02-15 01:39:57 +08:00
return next();
}
2018-03-02 22:33:50 +08:00
2018-03-02 22:35:38 +08:00
const [isBlocked, limit, remaining, retry, reset] = userRateLimit;
2018-03-02 22:33:50 +08:00
2018-02-13 00:19:08 +08:00
res.set({
2018-03-14 19:09:20 +08:00
'Carto-Rate-Limit-Limit': limit,
'Carto-Rate-Limit-Remaining': remaining,
'Retry-After': retry,
'Carto-Rate-Limit-Reset': reset
2018-02-13 00:19:08 +08:00
});
2018-03-02 22:33:50 +08:00
2018-02-28 00:36:03 +08:00
if (isBlocked) {
2018-03-01 22:50:20 +08:00
const rateLimitError = new Error('You are over the limits.');
rateLimitError.http_status = 429;
rateLimitError.type = 'limit';
rateLimitError.subtype = 'rate-limit';
2018-03-01 22:50:20 +08:00
return next(rateLimitError);
2018-02-13 00:19:08 +08:00
}
2018-03-02 22:33:50 +08:00
2018-02-15 01:39:57 +08:00
return next();
2018-02-13 00:19:08 +08:00
});
};
2018-02-20 00:08:26 +08:00
}
2018-02-13 00:19:08 +08:00
2018-03-02 22:33:50 +08:00
function isRateLimitEnabled(endpointGroup) {
return global.environment.enabledFeatures.rateLimitsEnabled &&
endpointGroup &&
global.environment.enabledFeatures.rateLimitsByEndpoint[endpointGroup];
}
2018-03-02 22:35:38 +08:00
module.exports = rateLimit;
module.exports.RATE_LIMIT_ENDPOINTS_GROUPS = RATE_LIMIT_ENDPOINTS_GROUPS;