encrypt/gancio
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

minor

Browse Source
This commit is contained in:
lesion
2023-02-18 00:04:28 +01:00
parent 80d2dbd06b
commit bb9f7cca47
4 changed files with 15 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
server/api/index.js
View File

@@ -132,7 +132,7 @@ module.exports = () => {
* @param {image} [image] - Image
*/
// allow anyone to add an event (anon event has to be confirmed, TODO: flood protection)
// allow anyone to add an event (anon event has to be confirmed, flood protection)
api.post('/event', eventController.isAnonEventAllowed, SPAMProtectionApiRateLimiter, upload.single('image'), eventController.add)
// api.get('/event/search', eventController.search)

13
server/api/limiter.js
View File

@@ -6,8 +6,8 @@ const next = (req, res, next) => next()
const instanceApiRateLimiter = {
DDOSProtectionApiRateLimiter: (process.env.NODE_ENV === 'test' ? next : rateLimit({
windowMs: 60 * 1000, // 5 minutes
max: 100, // Limit each IP to 100 requests per `window` (here, per 5 minutes)
windowMs: 60 * 1000, // 1 minutes
max: 100, // Limit each IP to 100 requests per `window`
standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
legacyHeaders: false, // Disable the `X-RateLimit-*` headers
handler: (request, response, next, options) => {
@@ -15,10 +15,13 @@ const instanceApiRateLimiter = {
return response.status(options.statusCode).send(options.message)
}
})),
/** This is a limiter used to avoid spam
* (used during the registration, pass recovery, posting events) */
SPAMProtectionApiRateLimiter: (process.env.NODE_ENV === 'test' ? next : rateLimit({
windowMs: 5 * 60 * 1000, // 10 minutes
max: 3, // Limit each IP to 3 requests per `window` (here, per 15 minutes)
windowMs: 5 * 60 * 1000, // 5 minutes
max: 3, // Limit each IP to 3 requests per `window` (here, per 5 minutes)
standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
legacyHeaders: false, // Disable the `X-RateLimit-*` headers
handler: (request, response, next, options) => {

2
server/api/mail.js
View File

@@ -61,7 +61,7 @@ const mail = {
...locals,
locale,
config: { title: settings.title, baseurl: settings.baseurl, description: settings.description, admin_email: settings.admin_email },
datetime: datetime => moment.unix(datetime).locale(locale).format('ddd, D MMMM HH:mm')
datetime: datetime => moment.unix(datetime).tz().locale(locale).format('ddd, D MMMM HH:mm')
}
}
return email.send(msg)