From ccc244ec19fc2edbaf552420297190f040ff23de Mon Sep 17 00:00:00 2001
From: Trivernis <trivernis@gmail.com>
Date: Fri, 31 Jan 2020 15:15:50 +0100
Subject: [PATCH 1/2] Change ratelimit to also include the user id

---
 src/app.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/app.ts b/src/app.ts
index 3e1a6e5..94de29a 100644
--- a/src/app.ts
+++ b/src/app.ts
@@ -164,7 +164,7 @@ class App {
         this.app.use("/home", homeRoute.router);
         this.limiter({
             expire: config.get("api.rateLimit.upload.expire"),
-            lookup: ["connection.remoteAddress"],
+            lookup: ["connection.remoteAddress", "session.userId"],
             method: "all",
             onRateLimited: (req: IncomingMessage, res: any) => {
                 res.status(httpStatus.TOO_MANY_REQUESTS);
@@ -179,7 +179,7 @@ class App {
         // listen for graphql requests
         this.limiter({
             expire: config.get("api.rateLimit.graphql.expire"),
-            lookup: ["connection.remoteAddress"],
+            lookup: ["connection.remoteAddress", "session.userId"],
             method: "all",
             onRateLimited: (req: IncomingMessage, res: any) => {
                 res.status(httpStatus.TOO_MANY_REQUESTS);

From fcdd9e57c12c4f1bd2621e3ee3f25a93ddd026f5 Mon Sep 17 00:00:00 2001
From: Trivernis <trivernis@gmail.com>
Date: Fri, 31 Jan 2020 16:39:17 +0100
Subject: [PATCH 2/2] Fix duplicated friend in friend list

---
 src/lib/models/User.ts | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/lib/models/User.ts b/src/lib/models/User.ts
index ad571db..06908bf 100644
--- a/src/lib/models/User.ts
+++ b/src/lib/models/User.ts
@@ -293,7 +293,13 @@ export class User extends Model<User> {
         offset = offset ?? 0;
         let friendList = await this.$get("rFriendOf", {limit, offset}) as User[];
         friendList = friendList.concat(await this.$get("rFriends", {limit, offset}) as User[]);
-        return friendList.slice(0, limit);
+        const resultList: User[] = [];
+        for (const friend of friendList) {
+            if (!resultList.find((user) => user.id === friend.id) && friend.id !== this.id) {
+                resultList.push(friend);
+            }
+        }
+        return resultList.slice(0, limit);
     }
 
     /**
@@ -430,7 +436,7 @@ export class User extends Model<User> {
                 await Friendship.bulkCreate([
                     {userId: this.id, friendId: sender},
                     {userId: sender, friendId: this.id},
-                ], {ignoreDuplicates: true});
+                ], {ignoreDuplicates: false});
                 await request.destroy();
             }
         } else {