Add p2p test result dashboard #12

wojciechos · 2024-11-27T16:21:51Z

No description provided.

Changed arrow direction from -> to <- and swapped node positions to show target <- source instead of source -> target

git-subtree-dir: dashboard git-subtree-mainline: 59f539a git-subtree-split: 5ec30f4

dashboard/src/server/index.js

+app.get('/events', async (req, res) => {
+  res.setHeader('Content-Type', 'text/event-stream');
+  res.setHeader('Cache-Control', 'no-cache');
+  res.setHeader('Connection', 'keep-alive');
+
+  try {
+    const result = await appPool.query('SELECT data FROM test_runs');
+    const initialData = result.rows.map(row => row.data);
+    res.write(`data: ${JSON.stringify({ type: 'initial', data: initialData })}\n\n`);
+  } catch (error) {
+    console.error('Error fetching initial data:', error);
+  }
+
+  clients.add(res);
+  req.on('close', () => clients.delete(res));
+});


To fix the problem, we need to introduce rate limiting to the /events endpoint to prevent abuse and potential denial-of-service attacks. The best way to achieve this is by using the express-rate-limit middleware, which allows us to set a maximum number of requests that a client can make within a specified time window.

Install the express-rate-limit package.

Import the express-rate-limit package in the dashboard/src/server/index.js file.

Create a rate limiter with appropriate settings (e.g., maximum of 100 requests per 15 minutes).

Apply the rate limiter to the /events endpoint.

dashboard/src/server/index.js

+app.get('*', (req, res) => {
+  res.sendFile(join(__dirname, '../../dist/index.html'));
+});


To fix the problem, we need to introduce rate limiting to the Express application. The best way to do this is by using the express-rate-limit package, which allows us to set a maximum number of requests that can be made to the server within a specified time window. This will help prevent abuse and mitigate the risk of denial-of-service attacks.

We will:

Install the express-rate-limit package.

Import the package in the dashboard/src/server/index.js file.

Set up a rate limiter with appropriate configuration.

Apply the rate limiter to the specific route handler that performs the file system access.

dashboard/src/server/index.js

+app.post('/update', async (req, res) => {
+  const update = req.body;
+
+  try {
+    if (update.type === 'newTest' || update.type === 'updateTest') {
+      await appPool.query(
+        'INSERT INTO test_runs (id, data) VALUES ($1, $2) ON CONFLICT (id) DO UPDATE SET data = $2',
+        [update.data.id, update.data]
+      );
+    }
+
+    broadcastUpdate(update);
+    res.sendStatus(200);
+  } catch (error) {
+    console.error('Error updating data:', error);
+    res.sendStatus(500);
+  }
+});


To fix the problem, we will introduce rate limiting to the Express application using the express-rate-limit package. This package allows us to set a maximum number of requests that can be made to the server within a specified time window. We will apply this rate limiting middleware to the /update endpoint to prevent abuse.

Install the express-rate-limit package.

Import the express-rate-limit package in the dashboard/src/server/index.js file.

Configure the rate limiter with appropriate settings (e.g., maximum number of requests and time window).

Apply the rate limiter middleware to the /update endpoint.

wojciechos added 13 commits November 14, 2024 13:04

Add p2p testing dashboard

cbe4ac9

Remove generating mocked data

9cc0dc8

Store data in db

839887a

Require ssl connections

ec1dd57

Add compatibility matrix to main page

8edd234

Revers displaying scenarios

33b313b

Fix order in compatibility dashboard

326a449

Improve visibility of the dashboard

e2cf98e

Add madara and papyrus to compatibility matrix

04b05a3

Change title of compatibility table

1b77a63

feat: reverse node display direction in TestDetails

e00dd55

Changed arrow direction from -> to <- and swapped node positions to show target <- source instead of source -> target

feat(ui): add directional indicators to P2P sync matrix

5ec30f4

Add 'dashboard/' from commit '5ec30f4679778d79dfb5e0278ed95336f822200f'

94a26ca

git-subtree-dir: dashboard git-subtree-mainline: 59f539a git-subtree-split: 5ec30f4

github-advanced-security bot found potential problems Nov 27, 2024

View reviewed changes

wojciechos closed this Nov 27, 2024

wojciechos deleted the dashboard branch December 17, 2024 09:45

@@ -5,2 +5,3 @@
             import dotenv from 'dotenv';
+            import rateLimit from 'express-rate-limit';
@@ -76,2 +77,8 @@
+            // Set up rate limiter: maximum of 100 requests per 15 minutes
+            const limiter = rateLimit({
+              windowMs: 15 * 60 * 1000, // 15 minutes
+              max: 100, // max 100 requests per windowMs
+            });
             const clients = new Set();
@@ -92,3 +99,3 @@
             // Modified SSE endpoint
-            app.get('/events', async (req, res) => {
+            app.get('/events', limiter, async (req, res) => {
               res.setHeader('Content-Type', 'text/event-stream');

@@ -19,3 +19,4 @@
                 "react": "^18.3.1",
-                "react-dom": "^18.3.1"
+                "react-dom": "^18.3.1",
+                "express-rate-limit": "^7.4.1"
               },

Package	Version	Security advisories
express-rate-limit (npm)	7.4.1	None

@@ -5,2 +5,3 @@
             import dotenv from 'dotenv';
+            import rateLimit from 'express-rate-limit';
@@ -74,2 +75,9 @@
             const app = express();
+            // Set up rate limiter: maximum of 100 requests per 15 minutes
+            const limiter = rateLimit({
+              windowMs: 15 * 60 * 1000, // 15 minutes
+              max: 100, // max 100 requests per windowMs
+            });
             const PORT = 3322;
@@ -110,3 +118,3 @@
             // Serve index.html for all routes
-            app.get('*', (req, res) => {
+            app.get('*', limiter, (req, res) => {
               res.sendFile(join(__dirname, '../../dist/index.html'));

@@ -19,3 +19,4 @@
                 "react": "^18.3.1",
-                "react-dom": "^18.3.1"
+                "react-dom": "^18.3.1",
+                "express-rate-limit": "^7.4.1"
               },

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add p2p test result dashboard #12

Add p2p test result dashboard #12

wojciechos commented Nov 27, 2024

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Add p2p test result dashboard #12

Add p2p test result dashboard #12

Conversation

wojciechos commented Nov 27, 2024