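// limiter.js
// Copyright (C) 2021 Digital Telepresence, LLC
// License: Apache-2.0

'use strict';

const ONE_SECOND = 1000;
const ONE_MINUTE = ONE_SECOND * 60;
const ONE_HOUR = ONE_MINUTE * 60;

/*
 * Per-route rate-limit settings, grouped by controller.
 *
 * Each entry has the same shape:
 *   total   - number of requests allowed inside one window
 *   expire  - window length in milliseconds (see the ONE_* constants above)
 *   message - text returned to the client once the limit is exceeded
 *
 * NOTE(review): this file only declares budgets. What the limiter keys on
 * (client IP, session, account) and where counters are stored is decided by
 * the middleware that consumes these objects and is not visible here. For
 * the authentication routes below that choice matters more than the numbers:
 * a per-IP key does not bound guesses against a single account when requests
 * come from many addresses - confirm that a per-account throttle or lockout
 * exists alongside these limits.
 */
module.exports = {
  /*
   * AuthController
   */
  auth: {
    postOtpEnable: {
      total: 5,
      expire: ONE_MINUTE * 30,
      message: 'You are enabling One-Time Passwords too quickly. Please try again later',
    },
    // 5 per minute still allows up to 7,200 code submissions per day per
    // limiter key. NOTE(review): verify that failed OTP attempts are also
    // counted per account (lockout or growing back-off); this budget alone is
    // a weak bound for a short numeric code.
    postOtpAuthenticate: {
      total: 5,
      expire: ONE_MINUTE,
      message: 'You are trying One-Time Passwords too quickly. Please try again later',
    },
    // 10 per minute is up to 14,400 password attempts per day per limiter
    // key. NOTE(review): pair with per-account failure tracking and alerting
    // on repeated limit hits - confirm in AuthController.
    postLogin: {
      total: 10,
      expire: ONE_MINUTE,
      message: 'You are logging in too quickly',
    },
    // Message corrected: it previously reused the login text, which made limit
    // hits on the token routes indistinguishable from login throttling.
    getPersonalApiToken: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are requesting personal API tokens too quickly',
    },
    getSocketToken: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are requesting socket tokens too quickly',
    },
    getCoreHome: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are loading the Core Selection menu too quickly',
    },
    getLogout: {
      total: 10,
      expire: ONE_MINUTE,
      message: 'You are logging out too quickly',
    },
  },

  /*
   * AuthorController
   */
  author: {
    // Messages corrected: both entries carried the chat room-invite text,
    // copied from ChatController.postRoomInviteAction.
    getPostIndex: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are loading author posts too quickly',
    },
    getIndex: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are loading author pages too quickly',
    },
  },

  /*
   * ChatController
   */
  chat: {
    postRoomInviteAction: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are sending room invite actions too quickly',
    },
    postRoomInvite: {
      total: 25,
      expire: ONE_MINUTE,
      message: 'You are sending room invites too quickly',
    },
    postRoomUpdate: {
      total: 10,
      expire: ONE_MINUTE,
      message: 'You are updating chat rooms too quickly',
    },
    postRoomCreate: {
      total: 1,
      expire: ONE_MINUTE * 5,
      message: 'You are creating chat rooms too quickly',
    },
    getRoomForm: {
      total: 30,
      expire: ONE_MINUTE,
      message: 'You are loading chat room forms too quickly',
    },
    getRoomInviteView: {
      total: 15,
      expire: ONE_MINUTE,
      message: 'You are loading chat room invite view too quickly',
    },
    getRoomSettings: {
      total: 15,
      expire: ONE_MINUTE,
      message: 'You are loading chat rooms too quickly',
    },
    getRoomView: {
      total: 15,
      expire: ONE_MINUTE,
      message: 'You are loading chat rooms too quickly',
    },
    getRoomHome: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are loading chat home too quickly',
    },
    getHome: {
      total: 30,
      expire: ONE_MINUTE,
      message: 'You are loading chat home too quickly',
    },
    deleteInvite: {
      total: 10,
      expire: ONE_MINUTE,
      message: 'You are deleting chat room invites too quickly',
    },
    deleteRoom: {
      total: 4,
      expire: ONE_MINUTE,
      message: 'You are deleting chat rooms too quickly',
    },
  },

  /*
   * CommentController
   */
  comment: {
    deleteComment: {
      total: 1,
      expire: ONE_MINUTE,
      message: 'You are deleting comments too quickly',
    },
  },

  /*
   * ContentReportController
   */
  contentReport: {
    postCommentReportForm: {
      total: 5,
      expire: ONE_MINUTE,
      message: 'You are reporting comments too quickly',
    },
    postCommentReport: {
      total: 1,
      expire: ONE_MINUTE,
      message: 'You are reporting comments too quickly',
    },
  },

  /*
   * CryptoExchangeController
   */
  cryptoExchange: {
    getRateGraph: {
      total: 10,
      expire: ONE_MINUTE,
      message: 'You are loading exchange rate graphs too quickly',
    },
    getCurrentRates: {
      total: 10,
      expire: ONE_MINUTE,
      message: 'You are loading cryptocurrency exchange rates too quickly',
    },
  },

  /*
   * DashboardController
   */
  dashboard: {
    getEpisodeView: {
      total: 15,
      expire: ONE_MINUTE,
      message: 'You are loading the dashboard episode view too quickly',
    },
    getHome: {
      total: 15,
      expire: ONE_MINUTE,
      message: 'You are loading the publisher dashboard too quickly',
    },
  },

  /*
   * EmailController
   */
  email: {
    getEmailOptOut: {
      total: 10,
      expire: ONE_HOUR,
      message: "You really don't need to do that this much.",
    },
    // NOTE(review): presumably consumes a verification token from an emailed
    // link; 10 per hour per limiter key bounds token guessing only if the
    // token itself is long and random - confirm in EmailController.
    getEmailVerify: {
      total: 10,
      expire: ONE_HOUR,
      message: "You really don't need to do that this much and can stop.",
    },
  },

  form: {
    getForm: {
      total: 20,
      expire: ONE_MINUTE,
      message: "You are requesting forms too quickly.",
    },
  },

  /*
   * HomeController
   */
  home: {
    getHome: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are loading the home page too quickly',
    },
  },

  /*
   * ImageController
   */
  image: {
    postCreateImage: {
      total: 5,
      expire: ONE_MINUTE,
      message: 'You are uploading images too quickly',
    },
    getImage: {
      // 50 per second on a 10-second scale
      // it simply *is* a limit instead of not having one at all,
      // and will help mitigate severe attacks
      total: 500,
      expire: ONE_SECOND * 10,
      message: 'You are requesting images too quickly',
    },
  },

  /*
   * ManifestController
   */
  manifest: {
    getManifest: {
      total: 5,
      expire: ONE_SECOND,
      message: 'You are fetching application manifests too quickly',
    },
  },

  /*
   * NotificationController
   */
  notification: {
    getNotificationView: {
      total: 60,
      expire: ONE_MINUTE,
      message: 'You are fetching notifications too quickly',
    },
    getNotificationHome: {
      total: 30,
      expire: ONE_MINUTE,
      message: 'You are refreshing notifications too quickly',
    },
  },

  /*
   * NewsletterController
   *
   * NOTE(review): the messages in this group talk about the newsfeed and
   * newsroom, while the NewsroomController group below talks about
   * newsletters. The two sets look swapped; left unchanged here because it is
   * not clear from this file whether the keys or the messages are the
   * mislabelled side - confirm against the controllers.
   */
  newsletter: {
    getView: {
      total: 15,
      expire: ONE_MINUTE,
      message: 'You are loading newsfeed views too quickly. Please try again later.',
    },
    getIndex: {
      total: 60,
      expire: ONE_MINUTE,
      message: 'You are loading the newsroom too quickly. Please try again later.',
    },
  },

  /*
   * NewsroomController
   */
  newsroom: {
    getFeedView: {
      total: 5,
      expire: ONE_MINUTE,
      message: 'You are reading newsletters too quickly',
    },
    getIndex: {
      total: 60,
      expire: ONE_MINUTE,
      message: 'You are fetching newsletters too quickly',
    },
  },

  /*
   * PageController
   */
  page: {
    getView: {
      total: 5,
      expire: ONE_MINUTE,
      message: 'You are reading pages too quickly',
    },
  },

  /*
   * PostController
   */
  post: {
    getComments: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are reading comments too quickly',
    },
    getView: {
      total: 5,
      expire: ONE_MINUTE,
      message: 'You are reading posts too quickly',
    },
    getAllAuthorsView: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are loading pages too quickly',
    },
    getIndex: {
      total: 60,
      expire: ONE_MINUTE,
      message: 'You are refreshing too quickly',
    },
  },

  /*
   * UserController
   */
  user: {
    // Account creation is a common automation target. NOTE(review): 4 per
    // minute per limiter key is up to 5,760 sign-ups per day; confirm that
    // email verification or another gate backs this limit.
    postCreate: {
      total: 4,
      expire: ONE_MINUTE,
      message: 'You are creating accounts too quickly',
    },
    postProfilePhoto: {
      total: 5,
      expire: ONE_MINUTE * 5,
      message: 'You are updating your profile photo too quickly',
    },
    postUpdateCoreSettings: {
      total: 4,
      expire: ONE_MINUTE,
      message: 'You are updating account settings too quickly',
    },
    postUpdateSettings: {
      total: 4,
      expire: ONE_MINUTE,
      message: 'You are updating account settings too quickly',
    },
    getOtpSetup: {
      total: 10,
      expire: ONE_MINUTE,
      message: 'You are configuring two-factor authentication too quickly',
    },
    // NOTE(review): the name suggests a GET route. If it disables OTP itself
    // rather than rendering a confirmation form, the state change should move
    // to a POST with CSRF protection and re-authentication - confirm in
    // UserController.
    getOtpDisable: {
      total: 10,
      expire: ONE_MINUTE,
      message: 'You are disabling two-factor authentication too quickly',
    },
    getSettings: {
      total: 8,
      expire: ONE_MINUTE,
      message: 'You are requesting user settings too quickly',
    },
    getUserProfile: {
      total: 12,
      expire: ONE_MINUTE,
      message: 'You are requesting user profiles too quickly',
    },
    deleteProfilePhoto: {
      total: 5,
      expire: ONE_MINUTE * 5,
      message: 'You are deleting your profile photo too quickly',
    },
  },

  /*
   * VenueController
   */
  venue: {
    getVenueEmbed: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are loading Venue too quickly. Please try again later.',
    },
  },

  /*
   * WelcomeController
   *
   * Unlike every other group, this is a single limit object rather than a map
   * of per-route limits; kept flat so existing readers of `welcome` keep
   * working.
   */
  welcome: {
    total: 12,
    expire: ONE_MINUTE,
    message: 'You are loading these pages too quickly',
  },
};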