72 lines
1.7 KiB
TypeScript
72 lines
1.7 KiB
TypeScript
/**
|
|
* Simple in-memory rate limiter for upload attempts
|
|
* Tracks by IP address
|
|
*/
|
|
|
|
interface RateLimitEntry {
|
|
count: number;
|
|
resetAt: number; // Unix timestamp
|
|
}
|
|
|
|
// In-memory store (use Redis for production multi-instance setups)
|
|
const rateLimitStore = new Map<string, RateLimitEntry>();
|
|
|
|
/**
|
|
* Check if IP address is rate limited
|
|
* @returns { allowed: boolean, remaining: number }
|
|
*/
|
|
export function checkUploadRateLimit(ipAddress: string): { allowed: boolean; remaining: number; resetIn: number } {
|
|
|
|
const maxUploads = parseInt(process.env.UPLOAD_RATE_LIMIT_PER_IP || '5', 10);
|
|
const windowMs = parseInt(process.env.UPLOAD_RATE_LIMIT_WINDOW_MS || '3600000', 10); // 1 hour
|
|
|
|
const now = Date.now();
|
|
const key = `upload:${ipAddress}`;
|
|
|
|
let entry = rateLimitStore.get(key);
|
|
|
|
// Clean up expired entry or create new one
|
|
if (!entry || now > entry.resetAt) {
|
|
entry = {
|
|
count: 0,
|
|
resetAt: now + windowMs
|
|
};
|
|
rateLimitStore.set(key, entry);
|
|
}
|
|
|
|
// Check if limit exceeded
|
|
if (entry.count >= maxUploads) {
|
|
return {
|
|
allowed: false,
|
|
remaining: 0,
|
|
resetIn: Math.ceil((entry.resetAt - now) / 1000) // seconds
|
|
};
|
|
}
|
|
|
|
// Increment counter
|
|
entry.count++;
|
|
rateLimitStore.set(key, entry);
|
|
|
|
return {
|
|
allowed: true,
|
|
remaining: maxUploads - entry.count,
|
|
resetIn: Math.ceil((entry.resetAt - now) / 1000)
|
|
};
|
|
}
|
|
|
|
/**
|
|
* Periodic cleanup of expired entries (prevent memory leak)
|
|
* Call this occasionally (e.g., every hour)
|
|
*/
|
|
export function cleanupRateLimitStore() {
|
|
const now = Date.now();
|
|
rateLimitStore.forEach((entry, key) => {
|
|
if (now > entry.resetAt) {
|
|
rateLimitStore.delete(key);
|
|
}
|
|
});
|
|
}
|
|
|
|
// Auto-cleanup every 10 minutes
|
|
setInterval(cleanupRateLimitStore, 10 * 60 * 1000);
|