Skip to content

Commit

Permalink
chore: add rate limiting on unlock endpoints
Browse files Browse the repository at this point in the history
  • Loading branch information
@rolznz
rolznz committed Jan 31, 2024
1 parent 31beb23 commit 6f84eb5
Showing 1 changed file with 5 additions and 3 deletions.
8 changes: 5 additions & 3 deletions http_service.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,9 +57,11 @@ func (httpSvc *HttpService) RegisterSharedRoutes(e *echo.Echo) {
e.GET("/api/info", httpSvc.infoHandler)
e.POST("/api/logout", httpSvc.logoutHandler)
e.POST("/api/setup", httpSvc.setupHandler)
e.POST("/api/start", httpSvc.startHandler)
// TODO: add rate limiter
e.POST("/api/unlock", httpSvc.unlockHandler)

// allow one unlock request per second
unlockRateLimiter := middleware.RateLimiter(middleware.NewRateLimiterMemoryStore(1))
e.POST("/api/start", httpSvc.startHandler, unlockRateLimiter)
e.POST("/api/unlock", httpSvc.unlockHandler, unlockRateLimiter)

frontend.RegisterHandlers(e)
}
Expand Down

0 comments on commit 6f84eb5

Please sign in to comment.