From bcb37a126410ead362201b91703de9c6d53c1085 Mon Sep 17 00:00:00 2001
From: abretonc7s
Date: Mon, 26 Feb 2024 23:10:21 +0800
Subject: [PATCH 1/2] feat: disable http rate limiter
---
 packages/sdk-socket-server/src/api-config.ts | 37 +++++++++++++++-----
 1 file changed, 28 insertions(+), 9 deletions(-)
diff --git a/packages/sdk-socket-server/src/api-config.ts b/packages/sdk-socket-server/src/api-config.ts
index bf0010222..d4986c279 100644
--- a/packages/sdk-socket-server/src/api-config.ts
+++ b/packages/sdk-socket-server/src/api-config.ts
@@ -4,7 +4,6 @@ import Analytics from 'analytics-node';
 import bodyParser from 'body-parser';
 import cors from 'cors';
 import express from 'express';
-import { rateLimit } from 'express-rate-limit';
 import helmet from 'helmet';
 import { createClient } from 'redis';
 import { logger } from './logger';
@@ -18,13 +17,33 @@ const THIRTY_DAYS_IN_SECONDS = 30 * 24 * 60 * 60; // expiration time of entries
 const app = express();
-const limiter = rateLimit({
- windowMs: 5 * 60 * 1000, // 5 minutes
- limit: 100, // Limit each IP to 100 requests per `window` (here, per 5 minutes).
- standardHeaders: 'draft-7', // draft-6: `RateLimit-*` headers; draft-7: combined `RateLimit` header
- legacyHeaders: false, // Disable the `X-RateLimit-*` headers.
- // store: ... , // Use an external store for consistency across multiple server instances.
-});
+// let windowMsNum = 1;
+// try {
+// if (process.env.REDIS_HTTP_WINDOW_MS_NUM) {
+// windowMsNum = parseInt(process.env.REDIS_HTTP_WINDOW_MS_NUM, 16);
+// }
+// } catch (err) {
+// logger.warn(
+// `Invalid REDIS_HTTP_WINDOW_MS_NUM env: ${process.env.REDIS_HTTP_WINDOW_MS_NUM}`,
+// );
+// }
+
+// let httpLimit = 10_000_000;
+// try {
+// if (process.env.REDIS_HTTP_LIMIT) {
+// httpLimit = parseInt(process.env.REDIS_HTTP_LIMIT, 16);
+// }
+// } catch (err) {
+// logger.warn(`Invalid REDIS_HTTP_LIMIT env: ${process.env.REDIS_HTTP_LIMIT}`);
+// }
+
+// const limiter = rateLimit({
+// windowMs: windowMsNum * 60 * 1000, // 1 minutes
+// limit: httpLimit, // Limit each IP to 10000000 requests per `window` (here, per 5 minutes).
+// standardHeaders: 'draft-7', // draft-6: `RateLimit-*` headers; draft-7: combined `RateLimit` header
+// legacyHeaders: false, // Disable the `X-RateLimit-*` headers.
+// // store: ... , // Use an external store for consistency across multiple server instances.
+// });
 app.use(bodyParser.urlencoded({ extended: true }));
 app.use(bodyParser.json());
@@ -33,7 +52,7 @@ app.options('*', cors());
 app.use(helmet());
 app.disable('x-powered-by');
 // Apply the rate limiting middleware to all requests.
-app.use(limiter);
+// app.use(limiter);
 async function inspectRedis(key?: string) {
 if (key && typeof key === 'string') {
From dc55d28a8d432742ed4ace09701f0077ac599bc4 Mon Sep 17 00:00:00 2001
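Review bot: The commented-out env parsing added here would misread its inputs if re-enabled as written, because both `parseInt(process.env.REDIS_HTTP_WINDOW_MS_NUM, 16)` and `parseInt(process.env.REDIS_HTTP_LIMIT, 16)` use radix 16, so a setting of `100` yields 256. `parseInt` also returns `NaN` rather than throwing, so the `catch` branches that log `Invalid ... env` never run and a malformed value would flow into `windowMs`/`limit`; parse with radix 10 and check explicitly, e.g. `const n = Number.parseInt(raw, 10); if (Number.isInteger(n) && n > 0) httpLimit = n; else logger.warn(...)`. The `10_000_000` default is effectively no limit, and the trailing comments (`// 1 minutes`, `per 5 minutes`) no longer describe the configured window. These issues are easier to catch if the limiter lands as live, tested code behind the env settings instead of a commented block.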
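Review bot: Commenting out `app.use(limiter)` removes per-IP throttling from every HTTP route on this server and nothing in the hunk replaces it, so request volume is bounded only by whatever sits in front of the service. If limiting is now enforced upstream, record that next to this line; otherwise keep the middleware mounted and raise its limits through configuration rather than removing it. The retained comment `// Apply the rate limiting middleware to all requests.` is now false and should be replaced with something like `// HTTP rate limiting is currently disabled (see <tracking-issue placeholder>)`. `inspectRedis` begins in the trailing context and continues outside the hunk.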
From: abretonc7s
Date: Mon, 26 Feb 2024 23:11:38 +0800
Subject: [PATCH 2/2] feat: disable http rate limiter
---
 packages/sdk-socket-server/src/api-config.ts | 1 +
 1 file changed, 1 insertion(+)
diff --git a/packages/sdk-socket-server/src/api-config.ts b/packages/sdk-socket-server/src/api-config.ts
index d4986c279..fcd91aa55 100644
--- a/packages/sdk-socket-server/src/api-config.ts
+++ b/packages/sdk-socket-server/src/api-config.ts
@@ -17,6 +17,7 @@ const THIRTY_DAYS_IN_SECONDS = 30 * 24 * 60 * 60; // expiration time of entries
 const app = express();
+// FIXME enable correctly
 // let windowMsNum = 1;
 // try {
 // if (process.env.REDIS_HTTP_WINDOW_MS_NUM) {