Skip to content

Add rate limiting based on IP addresses - don't allow someone to post more than 10 times in 10 seconds #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wenever wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Add rate limiting based on IP addresses - don't allow someone to post more than 10 times in 10 seconds #8

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
8467870
added 10 second post limiting change
wenever Mar 12, 2015
fde9cbb
merged changes for timestamp order by
wenever Mar 12, 2015
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 19 additions & 8 deletions app.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ app.get('/', function (req, res) {
//get all messages in a type's channel
app.get('/:type_token/:channel_token', function (req, res) {
console.log(db);
db.query("SELECT type_token, channel_token, user_name, message_text, message_timestamp FROM messages WHERE type_token = $1 AND channel_token = $2 ORDER BY message_timestamp", [req.params.type_token, req.params.channel_token], function(err, result) {
db.query("SELECT type_token, channel_token, user_name, user_ip, message_text, message_timestamp FROM messages WHERE type_token = $1 AND channel_token = $2 ORDER BY message_timestamp", [req.params.type_token, req.params.channel_token], function(err, result) {
if (err) {
res.status(500).send(err);
} else {
Expand All @@ -48,14 +48,25 @@ app.get('/:type_token', function (req, res) {

//Create a new message
app.post('/:type_token/:channel_token', function(req, res){
db.query("INSERT INTO messages (type_token, channel_token, user_name, message_text) VALUES ($1, $2, $3, $4)", [req.params.type_token, req.params.channel_token, req.body.user_name, req.body.message_text], function(err, result) {
if (err) {
if (err.code == "23502") {
err.explanation = "Didn't get all of the parameters in the request body. Send user_name and message_text in the request body (remember this is a POST request)."
var ipAddress = req.connection.remoteAddress;
db.query("SELECT COUNT(*) from messages WHERE user_ip = ($1) and message_timestamp >= now() - interval '10 second'", [ipAddress], function(err, result) {
if (err) { console.log(err) ; }
else {
if (result.rows[0].count <= 10){
db.query("INSERT INTO messages (type_token, channel_token, user_name, user_ip, message_text) VALUES ($1, $2, $3, $4, $5)", [req.params.type_token, req.params.channel_token, req.body.user_name, req.connection.remoteAddress, req.body.message_text], function(err, result) {
if (err) {
if (err.code == "23502") {
err.explanation = "Didn't get all of the parameters in the request body. Send user_name and message_text in the request body (remember this is a POST request)."
}
res.status(500).send(err);
} else {
res.send(result);
}
});
}
else{
res.send("can't post");
}
res.status(500).send(err);
} else {
res.send(result);
}
});
});
Expand Down