UNPKG

@universis/janitor

Version:

Universis api plugin for handling user authorization and rate limiting

gitlab.com/universis/janitor

101 lines (99 loc) 5.3 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
import { ApplicationService, TraceUtils } from '@themost/common'; import { rateLimit } from 'express-rate-limit'; import express from 'express'; import path from 'path'; export class RateLimitService extends ApplicationService { /** * @param {import('@themost/express').ExpressDataApplication} app */ constructor(app) { super(app); app.serviceRouter.subscribe(serviceRouter => { if (serviceRouter == null) { return; } try { const addRouter = express.Router(); let serviceConfiguration = app.getConfiguration().getSourceAt('settings/universis/janitor/rateLimit') || { profiles: [], paths: [] }; if (serviceConfiguration.extends) { // get additional configuration const configurationPath = app.getConfiguration().getConfigurationPath(); const extendsPath = path.resolve(configurationPath, serviceConfiguration.extends); TraceUtils.log(`@universis/janitor#RateLimitService will try to extend service configuration from ${extendsPath}`); serviceConfiguration = require(extendsPath); } const pathsArray = serviceConfiguration.paths || []; const profilesArray = serviceConfiguration.profiles || []; // create maps const paths = new Map(pathsArray); const profiles = new Map(profilesArray); if (paths.size === 0) { TraceUtils.warn('@universis/janitor#RateLimitService is being started but the collection of paths is empty.'); } // get proxy address forwarding option let proxyAddressForwarding = app.getConfiguration().getSourceAt('settings/universis/api/proxyAddressForwarding'); if (typeof proxyAddressForwarding !== 'boolean') { proxyAddressForwarding = false; } paths.forEach((value, path) => { let profile; // get profile if (value.profile) { profile = profiles.get(value.profile); } else { // or options defined inline profile = value } if (profile != null) { const rateLimitOptions = Object.assign({ windowMs: 5 * 60 * 1000, // 5 minutes limit: 50, // 50 requests legacyHeaders: true // send headers }, profile, { keyGenerator: (req) => { let remoteAddress; if (proxyAddressForwarding) { // get proxy headers or remote address remoteAddress = req.headers['x-real-ip'] || req.headers['x-forwarded-for'] || (req.connection ? req.connection.remoteAddress : req.socket.remoteAddress); } else { // get remote address remoteAddress = (req.connection ? req.connection.remoteAddress : req.socket.remoteAddress); } return `${path}:${remoteAddress}`; } }); if (typeof rateLimitOptions.store === 'string') { // load store const store = rateLimitOptions.store.split('#'); let StoreClass; if (store.length === 2) { const storeModule = require(store[0]); if (Object.prototype.hasOwnProperty.call(storeModule, store[1])) { StoreClass = storeModule[store[1]]; rateLimitOptions.store = new StoreClass(this, rateLimitOptions); } else { throw new Error(`${store} cannot be found or is inaccessible`); } } else { StoreClass = require(store[0]); // create store rateLimitOptions.store = new StoreClass(this, rateLimitOptions); } } addRouter.use(path, rateLimit(rateLimitOptions)); } }); if (addRouter.stack.length) { serviceRouter.stack.unshift.apply(serviceRouter.stack, addRouter.stack); } } catch (err) { TraceUtils.error('An error occurred while validating rate limit configuration.'); TraceUtils.error(err); TraceUtils.warn('Rate limit service is inactive due to an error occured while loading configuration.') } }); } }