Change ratelimit to also include the user id

pull/5/head
Trivernis 5 years ago
parent 99c91f20a4
commit ccc244ec19

@ -164,7 +164,7 @@ class App {
this.app.use("/home", homeRoute.router); this.app.use("/home", homeRoute.router);
this.limiter({ this.limiter({
expire: config.get("api.rateLimit.upload.expire"), expire: config.get("api.rateLimit.upload.expire"),
lookup: ["connection.remoteAddress"], lookup: ["connection.remoteAddress", "session.userId"],
method: "all", method: "all",
onRateLimited: (req: IncomingMessage, res: any) => { onRateLimited: (req: IncomingMessage, res: any) => {
res.status(httpStatus.TOO_MANY_REQUESTS); res.status(httpStatus.TOO_MANY_REQUESTS);
@ -179,7 +179,7 @@ class App {
// listen for graphql requests // listen for graphql requests
this.limiter({ this.limiter({
expire: config.get("api.rateLimit.graphql.expire"), expire: config.get("api.rateLimit.graphql.expire"),
lookup: ["connection.remoteAddress"], lookup: ["connection.remoteAddress", "session.userId"],
method: "all", method: "all",
onRateLimited: (req: IncomingMessage, res: any) => { onRateLimited: (req: IncomingMessage, res: any) => {
res.status(httpStatus.TOO_MANY_REQUESTS); res.status(httpStatus.TOO_MANY_REQUESTS);

Loading…
Cancel
Save