verify email workflow working

2026-02-24 05:46:39 +00:00 · 2024-10-04 23:14:40 -04:00
parent e176295593
commit 76eeb335a3
23 changed files with 16363 additions and 15802 deletions
--- a/server/middlewares/rateLimit.ts
+++ b/server/middlewares/rateLimit.ts
@@ -3,19 +3,47 @@ import createHttpError from "http-errors";
 import { NextFunction, Request, Response } from "express";
 import logger from "@server/logger";
 import HttpCode from "@server/types/HttpCode";
-import environment from "@server/environment";

-const limit = environment.RATE_LIMIT_MAX;
-const minutes = environment.RATE_LIMIT_WINDOW_MIN;
-
-export const rateLimitMiddleware = rateLimit({
-    windowMs: minutes * 60 * 1000,
-    limit,
-    handler: (req: Request, res: Response, next: NextFunction) => {
-        const message = `Rate limit exceeded. You can make ${limit} requests every ${minutes} minute(s).`;
-        logger.warn(`Rate limit exceeded for IP ${req.ip}`);
-        return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message));
-    },
-});
+export function rateLimitMiddleware({
+    windowMin,
+    max,
+    type,
+    skipCondition,
+}: {
+    windowMin: number;
+    max: number;
+    type: "IP_ONLY" | "IP_AND_PATH";
+    skipCondition?: (req: Request, res: Response) => boolean;
+}) {
+    if (type === "IP_AND_PATH") {
+        return rateLimit({
+            windowMs: windowMin * 60 * 1000,
+            max,
+            skip: skipCondition,
+            keyGenerator: (req: Request) => {
+                return `${req.ip}-${req.path}`;
+            },
+            handler: (req: Request, res: Response, next: NextFunction) => {
+                const message = `Rate limit exceeded. You can make ${max} requests every ${windowMin} minute(s).`;
+                logger.warn(
+                    `Rate limit exceeded for IP ${req.ip} on path ${req.path}`,
+                );
+                return next(
+                    createHttpError(HttpCode.TOO_MANY_REQUESTS, message),
+                );
+            },
+        });
+    }
+    return rateLimit({
+        windowMs: windowMin * 60 * 1000,
+        max,
+        skip: skipCondition,
+        handler: (req: Request, res: Response, next: NextFunction) => {
+            const message = `Rate limit exceeded. You can make ${max} requests every ${windowMin} minute(s).`;
+            logger.warn(`Rate limit exceeded for IP ${req.ip}`);
+            return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message));
+        },
+    });
+}

 export default rateLimitMiddleware;