From 9a11f73392928c81d4a478191e126d3ec754f781 Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Tue, 4 Feb 2020 10:52:05 +0100 Subject: [PATCH] Upgrade express-rate-limit --- package.json | 2 +- server/controllers/api/index.ts | 4 +--- server/controllers/api/users/index.ts | 2 -- yarn.lock | 8 ++++---- 4 files changed, 6 insertions(+), 10 deletions(-) diff --git a/package.json b/package.json index 0a5484d2a..cec311a18 100644 --- a/package.json +++ b/package.json @@ -95,7 +95,7 @@ "deep-object-diff": "^1.1.0", "express": "^4.12.4", "express-oauth-server": "^2.0.0", - "express-rate-limit": "^4.0.4", + "express-rate-limit": "^5.0.0", "express-validator": "^6.4.0", "flat": "^5.0.0", "fluent-ffmpeg": "^2.1.0", diff --git a/server/controllers/api/index.ts b/server/controllers/api/index.ts index 6138a32de..7bec6c527 100644 --- a/server/controllers/api/index.ts +++ b/server/controllers/api/index.ts @@ -1,5 +1,4 @@ import * as express from 'express' -import * as RateLimit from 'express-rate-limit' import { configRouter } from './config' import { jobsRouter } from './jobs' import { oauthClientsRouter } from './oauth-clients' @@ -15,6 +14,7 @@ import { overviewsRouter } from './overviews' import { videoPlaylistRouter } from './video-playlist' import { CONFIG } from '../../initializers/config' import { pluginRouter } from './plugins' +import * as RateLimit from 'express-rate-limit' const apiRouter = express.Router() @@ -24,8 +24,6 @@ apiRouter.use(cors({ credentials: true })) -// FIXME: https://github.com/nfriedly/express-rate-limit/issues/138 -// @ts-ignore const apiRateLimiter = RateLimit({ windowMs: CONFIG.RATES_LIMIT.API.WINDOW_MS, max: CONFIG.RATES_LIMIT.API.MAX diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts index b960e80c1..0b7012537 100644 --- a/server/controllers/api/users/index.ts +++ b/server/controllers/api/users/index.ts @@ -53,8 +53,6 @@ import { Hooks } from '@server/lib/plugins/hooks' const auditLogger = auditLoggerFactory('users') -// FIXME: https://github.com/nfriedly/express-rate-limit/issues/138 -// @ts-ignore const loginRateLimiter = RateLimit({ windowMs: CONFIG.RATES_LIMIT.LOGIN.WINDOW_MS, max: CONFIG.RATES_LIMIT.LOGIN.MAX diff --git a/yarn.lock b/yarn.lock index 6e75dab9a..68f281e45 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2282,10 +2282,10 @@ express-oauth-server@^2.0.0: express "^4.13.3" oauth2-server "3.0.0" -express-rate-limit@^4.0.4: - version "4.0.4" - resolved "https://registry.yarnpkg.com/express-rate-limit/-/express-rate-limit-4.0.4.tgz#a495338ae9e58c856b66d1346ec0d86f43ba2e43" - integrity sha512-DLRj2vMO7Xgai8qWKU9O6ZztF2bdDmfFNFi9k3G9BPzJ+7MG7eWaaBikbe0eBpNGSxU8JziwW0PQKG78aNWa6g== +express-rate-limit@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/express-rate-limit/-/express-rate-limit-5.0.0.tgz#9a6f4cacc388c1a1da7ba2f65db69f7395e9b04e" + integrity sha512-dhT57wqxfqmkOi4HM7NuT4Gd7gbUgSK2ocG27Y6lwm8lbOAw9XQfeANawGq8wLDtlGPO1ZgDj0HmKsykTxfFAg== express-validator@^6.4.0: version "6.4.0" -- 2.25.1