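// limiter.js
// Copyright (C) 2021 Digital Telepresence, LLC
// License: Apache-2.0

'use strict';

// Window lengths are expressed in milliseconds (ONE_SECOND = 1000).
const ONE_SECOND = 1000;
const ONE_MINUTE = ONE_SECOND * 60;
// const ONE_HOUR = ONE_MINUTE * 60;

/*
 * Rate-limit table, grouped by controller and then by route handler name.
 *
 * Each entry has:
 *   total   - number of requests allowed per window (the getImage entry
 *             describes 500 over 10 seconds as "50 per second")
 *   expire  - window length in milliseconds
 *   message - text associated with the limit; presumably returned to the
 *             client when the limit is hit (the consumer is not in this file)
 *
 * NOTE(review): this file only declares numbers. What a limit is counted
 * against (client IP, session, account) is decided by the code that consumes
 * this table; confirm that before treating any entry as a brute-force
 * control. A limit keyed only on IP does not bound guesses against a single
 * account that arrive from many addresses.
 */
module.exports = {
  /*
   * AuthController
   */
  auth: {
    postOtpEnable: {
      total: 5,
      expire: ONE_MINUTE * 30,
      message: 'You are enabling One-Time Passwords too quickly. Please try again later',
    },
    // NOTE(review): a fixed window caps the guess rate, not the total number
    // of guesses. Confirm that OTP verification also has a per-account
    // failure counter or lockout elsewhere; none is visible in this file.
    postOtpAuthenticate: {
      total: 5,
      expire: ONE_MINUTE,
      message: 'You are trying One-Time Passwords too quickly. Please try again later',
    },
    // NOTE(review): same consideration as postOtpAuthenticate for password
    // guessing; verify per-account throttling exists alongside this limit.
    postLogin: {
      total: 10,
      expire: ONE_MINUTE,
      message: 'You are logging in too quickly',
    },
    // The two token routes previously reused the login message, which made a
    // throttled token request indistinguishable from a throttled login.
    getPersonalApiToken: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are requesting API tokens too quickly',
    },
    getSocketToken: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are requesting socket tokens too quickly',
    },
    getLogout: {
      total: 10,
      expire: ONE_MINUTE,
      message: 'You are logging out too quickly',
    },
  },

  /*
   * DashboardController
   */
  dashboard: {
    getLinkView: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are loading the link analyzer too quickly',
    },
    getDashboardView: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are loading the analytics dashboard too quickly',
    },
  },

  /*
   * HomeController
   */
  home: {
    // NOTE(review): public profile lookups are a natural target for account
    // enumeration and scraping; 20 per minute is the only bound shown here.
    getPublicProfile: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are fetching profiles too quickly',
    },
    getHome: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are loading the home page too quickly',
    },
  },

  /*
   * ImageController
   */
  image: {
    postCreateImage: {
      total: 5,
      expire: ONE_MINUTE,
      message: 'You are uploading images too quickly',
    },
    getImage: {
      // 50 per second on a 10-second scale
      // it simply *is* a limit instead of not having one at all,
      // and will help mitigate severe attacks
      total: 500,
      expire: ONE_SECOND * 10,
      message: 'You are requesting images too quickly',
    },
  },

  /*
   * Link routes (this group has no controller header in the original file)
   */
  link: {
    getCreateLinkVisit: {
      total: 30,
      expire: ONE_MINUTE,
      message: 'You are visiting links too quickly',
    },
    postUpdateLink: {
      total: 20,
      expire: ONE_MINUTE,
      message: 'You are editing links too quickly',
    },
    postSortLinksList: {
      total: 40,
      expire: ONE_MINUTE,
      message: 'You are sorting links too quickly',
    },
    postCreateLink: {
      total: 10,
      expire: ONE_MINUTE,
      message: 'You are creating links too quickly',
    },
  },

  /*
   * ManifestController
   */
  manifest: {
    getManifest: {
      total: 5,
      expire: ONE_SECOND,
      message: 'You are fetching application manifests too quickly',
    },
  },

  /*
   * NewsletterController
   */
  newsletter: {
    getView: {
      total: 5,
      expire: ONE_MINUTE,
      message: 'You are reading newsletters too quickly',
    },
    getIndex: {
      total: 60,
      expire: ONE_MINUTE,
      message: 'You are fetching newsletters too quickly',
    },
  },

  /*
   * UserController
   */
  user: {
    // NOTE(review): account creation is commonly abused for bulk signups;
    // confirm what key this limit is counted against.
    postCreate: {
      total: 4,
      expire: ONE_MINUTE,
      message: 'You are creating accounts too quickly',
    },
    postProfilePhoto: {
      total: 5,
      expire: ONE_MINUTE * 5,
      message: 'You are updating your profile photo too quickly',
    },
    postHeaderImage: {
      total: 5,
      expire: ONE_MINUTE * 5,
      message: 'You are updating your header image too quickly',
    },
    postUpdateSettings: {
      total: 4,
      expire: ONE_MINUTE,
      message: 'You are updating account settings too quickly',
    },
    getSettings: {
      total: 8,
      expire: ONE_MINUTE,
      message: 'You are requesting user settings too quickly',
    },
    getUserProfile: {
      total: 12,
      expire: ONE_MINUTE,
      message: 'You are requesting user profiles too quickly',
    },
    deleteProfilePhoto: {
      total: 5,
      expire: ONE_MINUTE * 5,
      message: 'You are deleting your profile photo too quickly',
    },
    deleteHeaderImage: {
      total: 5,
      expire: ONE_MINUTE * 5,
      message: 'You are deleting your header images too quickly',
    },
  },

  // Unlike the groups above, `welcome` is a single limit entry rather than a
  // map of per-route entries.
  welcome: {
    total: 12,
    expire: ONE_MINUTE,
    message: 'You are loading these pages too quickly',
  },
};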