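// limiter.js
// Copyright (C) 2021 Digital Telepresence, LLC
// License: Apache-2.0

'use strict';

/*
 * Rate-limit settings, grouped by controller and then by route handler.
 *
 * Each entry has three fields:
 *   total   - number of requests allowed within one window
 *   expire  - window length in milliseconds (ONE_SECOND is 1000)
 *   message - text intended for a client that exceeds the limit
 *
 * NOTE(review): this file only holds the numbers. What the limiter counts
 * against (client IP, session, account) and how it stores counters are
 * decided by the code that consumes this module - confirm there before
 * relying on any value below as a security control.
 */

const ONE_SECOND = 1000;
const ONE_MINUTE = ONE_SECOND * 60;
// const ONE_HOUR = ONE_MINUTE * 60;

module.exports = {

  /*
   * AuthController
   *
   * These entries throttle login, one-time-password and token routes, so
   * they bound how fast credentials and OTP codes can be guessed.
   * NOTE(review): if the limiter is keyed per IP only, these numbers do not
   * bound guesses against one account from many addresses - confirm the
   * key, and consider a per-account counter or lockout for postLogin and
   * postOtpAuthenticate.
   */
  auth: {
    postOtpEnable: {
      total: 5,
      expire: ONE_MINUTE * 30,
      message: 'You are enabling One-Time Passwords too quickly. Please try again later',
    },
    postOtpAuthenticate: {
      total: 5,
      expire: ONE_MINUTE,
      message: 'You are trying One-Time Passwords too quickly. Please try again later',
    },
    postLogin: {
      total: 10,
      expire: ONE_MINUTE,
      message: 'You are logging in too quickly',
    },
    // The two token routes previously reused the login message, which told
    // an already signed-in client that it was "logging in"; each message now
    // names the request that was actually throttled.
    getPersonalApiToken: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are requesting API tokens too quickly',
    },
    getSocketToken: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are requesting socket tokens too quickly',
    },
    getLogout: {
      total: 10,
      expire: ONE_MINUTE,
      message: 'You are logging out too quickly',
    },
  },

  comment: {
    deleteComment: {
      total: 1,
      expire: ONE_MINUTE,
      message: 'You are deleting comments too quickly',
    },
  },

  /*
   * ContentReportController
   */
  contentReport: {
    postCommentReportForm: {
      total: 5,
      expire: ONE_MINUTE,
      message: 'You are reporting comments too quickly',
    },
    postCommentReport: {
      total: 1,
      expire: ONE_MINUTE,
      message: 'You are reporting comments too quickly',
    },
  },

  /*
   * CryptoExchangeController
   */
  cryptoExchange: {
    getRateGraph: {
      total: 10,
      expire: ONE_MINUTE,
      message: 'You are loading exchange rate graphs too quickly',
    },
    getCurrentRates: {
      total: 10,
      expire: ONE_MINUTE,
      message: 'You are loading cryptocurrency exchange rates too quickly',
    },
  },

  /*
   * DashboardController
   */
  dashboard: {
    getEpisodeView: {
      total: 15,
      expire: ONE_MINUTE,
      message: 'You are loading the dashboard episode view too quickly',
    },
    getHome: {
      total: 15,
      expire: ONE_MINUTE,
      message: 'You are loading the publisher dashboard too quickly',
    },
  },

  /*
   * HomeController
   */
  home: {
    getHome: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are loading the home page too quickly',
    },
  },

  /*
   * ImageController
   */
  image: {
    postCreateImage: {
      total: 5,
      expire: ONE_MINUTE,
      message: 'You are uploading images too quickly',
    },
    getImage: {
      // 50 per second on a 10-second scale
      // it simply *is* a limit instead of not having one at all,
      // and will help mitigate severe attacks
      total: 500,
      expire: ONE_SECOND * 10,
      message: 'You are requesting images too quickly',
    },
  },

  /*
   * ManifestController
   */
  manifest: {
    getManifest: {
      total: 5,
      expire: ONE_SECOND,
      message: 'You are fetching application manifests too quickly',
    },
  },

  /*
   * NewsletterController
   */
  newsletter: {
    getView: {
      total: 5,
      expire: ONE_MINUTE,
      message: 'You are reading newsletters too quickly',
    },
    getIndex: {
      total: 60,
      expire: ONE_MINUTE,
      message: 'You are fetching newsletters too quickly',
    },
  },

  /*
   * PageController
   */
  page: {
    getView: {
      total: 5,
      expire: ONE_MINUTE,
      message: 'You are reading pages too quickly',
    },
  },

  /*
   * PostController
   */
  post: {
    getComments: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are reading comments too quickly',
    },
    getView: {
      total: 5,
      expire: ONE_MINUTE,
      message: 'You are reading posts too quickly',
    },
    getIndex: {
      total: 60,
      expire: ONE_MINUTE,
      message: 'You are refreshing too quickly',
    },
  },

  /*
   * UserController
   *
   * postCreate is the throttle on account sign-up.
   * NOTE(review): presumably this is the only rate control on bulk account
   * creation - verify whether the route has any other check.
   */
  user: {
    postCreate: {
      total: 4,
      expire: ONE_MINUTE,
      message: 'You are creating accounts too quickly',
    },
    postProfilePhoto: {
      total: 5,
      expire: ONE_MINUTE * 5,
      message: 'You are updating your profile photo too quickly',
    },
    postUpdateSettings: {
      total: 4,
      expire: ONE_MINUTE,
      message: 'You are updating account settings too quickly',
    },
    getSettings: {
      total: 8,
      expire: ONE_MINUTE,
      message: 'You are requesting user settings too quickly',
    },
    getUserProfile: {
      total: 12,
      expire: ONE_MINUTE,
      message: 'You are requesting user profiles too quickly',
    },
    deleteProfilePhoto: {
      total: 5,
      expire: ONE_MINUTE * 5,
      message: 'You are deleting your profile photo too quickly',
    },
  },

  // Unlike the groups above, this is a single limiter entry rather than a
  // map of per-route entries.
  welcome: {
    total: 12,
    expire: ONE_MINUTE,
    message: 'You are loading these pages too quickly',
  },
};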