nutomic/lemmy
Archived
2
0
Fork 1
Code Issues Pull requests Releases Wiki Activity

Externalizing rate limits. Upgrading to Rust 1.38

Browse source 
- Fixes #290
This commit is contained in:
Dessalines 2019-10-13 12:06:18 -07:00
parent 27f566ed95
commit b6046f707e
8 changed files with 75 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
docker/dev/.env vendored
View file

@ -2,3 +2,9 @@ DOMAIN=my_domain
DATABASE_PASSWORD=password DATABASE_PASSWORD=password
DATABASE_URL=postgres://lemmy:password@lemmy_db:5432/lemmy DATABASE_URL=postgres://lemmy:password@lemmy_db:5432/lemmy
JWT_SECRET=changeme JWT_SECRET=changeme
RATE_LIMIT_MESSAGE=30
RATE_LIMIT_MESSAGE_PER_SECOND=60
RATE_LIMIT_POST=3
RATE_LIMIT_POST_PER_SECOND=600
RATE_LIMIT_REGISTER=1
RATE_LIMIT_REGISTER_PER_SECOND=3600

2
docker/dev/Dockerfile vendored
View file

@ -10,7 +10,7 @@ RUN yarn install --pure-lockfile
COPY ui /app/ui COPY ui /app/ui
RUN yarn build RUN yarn build
FROM rust:1.37 as rust FROM rust:1.38 as rust
# Install musl # Install musl
RUN apt-get update RUN apt-get update

6
docker/dev/docker-compose.yml vendored
View file

@ -20,6 +20,12 @@ services:
- DATABASE_URL=${DATABASE_URL} - DATABASE_URL=${DATABASE_URL}
- JWT_SECRET=${JWT_SECRET} - JWT_SECRET=${JWT_SECRET}
- HOSTNAME=${DOMAIN} - HOSTNAME=${DOMAIN}
- RATE_LIMIT_MESSAGE=${RATE_LIMIT_MESSAGE}
- RATE_LIMIT_MESSAGE_PER_SECOND=${RATE_LIMIT_MESSAGE_PER_SECOND}
- RATE_LIMIT_POST=${RATE_LIMIT_POST}
- RATE_LIMIT_POST_PER_SECOND=${RATE_LIMIT_POST_PER_SECOND}
- RATE_LIMIT_REGISTER=${RATE_LIMIT_REGISTER}
- RATE_LIMIT_REGISTER_PER_SECOND=${RATE_LIMIT_REGISTER_PER_SECOND}
restart: always restart: always
depends_on: depends_on:
- lemmy_db - lemmy_db

6
docker/prod/.env vendored
View file

@ -2,3 +2,9 @@ DOMAIN=my_domain
DATABASE_PASSWORD=password DATABASE_PASSWORD=password
DATABASE_URL=postgres://lemmy:password@lemmy_db:5432/lemmy DATABASE_URL=postgres://lemmy:password@lemmy_db:5432/lemmy
JWT_SECRET=changeme JWT_SECRET=changeme
RATE_LIMIT_MESSAGE=30
RATE_LIMIT_MESSAGE_PER_SECOND=60
RATE_LIMIT_POST=3
RATE_LIMIT_POST_PER_SECOND=600
RATE_LIMIT_REGISTER=1
RATE_LIMIT_REGISTER_PER_SECOND=3600

6
docker/prod/docker-compose.yml vendored
View file

@ -18,6 +18,12 @@ services:
- DATABASE_URL=${DATABASE_URL} - DATABASE_URL=${DATABASE_URL}
- JWT_SECRET=${JWT_SECRET} - JWT_SECRET=${JWT_SECRET}
- HOSTNAME=${DOMAIN} - HOSTNAME=${DOMAIN}
- RATE_LIMIT_MESSAGE=${RATE_LIMIT_MESSAGE}
- RATE_LIMIT_MESSAGE_PER_SECOND=${RATE_LIMIT_MESSAGE_PER_SECOND}
- RATE_LIMIT_POST=${RATE_LIMIT_POST}
- RATE_LIMIT_POST_PER_SECOND=${RATE_LIMIT_POST_PER_SECOND}
- RATE_LIMIT_REGISTER=${RATE_LIMIT_REGISTER}
- RATE_LIMIT_REGISTER_PER_SECOND=${RATE_LIMIT_REGISTER_PER_SECOND}
restart: always restart: always
depends_on: depends_on:
- lemmy_db - lemmy_db

4
server/src/api/site.rs
View file

@ -297,7 +297,7 @@ impl Perform<GetSiteResponse> for Oper<GetSite> {
site: site_view, site: site_view,
admins: admins, admins: admins,
banned: banned, banned: banned,
online: 0 online: 0,
}) })
} }
} }
@ -488,7 +488,7 @@ impl Perform<GetSiteResponse> for Oper<TransferSite> {
site: Some(site_view), site: Some(site_view),
admins: admins, admins: admins,
banned: banned, banned: banned,
online: 0 online: 0,
}) })
} }
} }

34
server/src/lib.rs
View file

@ -34,6 +34,12 @@ pub struct Settings {
db_url: String, db_url: String,
hostname: String, hostname: String,
jwt_secret: String, jwt_secret: String,
rate_limit_message: i32,
rate_limit_message_per_second: i32,
rate_limit_post: i32,
rate_limit_post_per_second: i32,
rate_limit_register: i32,
rate_limit_register_per_second: i32,
} }
impl Settings { impl Settings {
@ -43,6 +49,30 @@ impl Settings {
db_url: env::var("DATABASE_URL").expect("DATABASE_URL must be set"), db_url: env::var("DATABASE_URL").expect("DATABASE_URL must be set"),
hostname: env::var("HOSTNAME").unwrap_or("rrr".to_string()), hostname: env::var("HOSTNAME").unwrap_or("rrr".to_string()),
jwt_secret: env::var("JWT_SECRET").unwrap_or("changeme".to_string()), jwt_secret: env::var("JWT_SECRET").unwrap_or("changeme".to_string()),
rate_limit_message: env::var("RATE_LIMIT_MESSAGE")
.unwrap_or("30".to_string())
.parse()
.unwrap(),
rate_limit_message_per_second: env::var("RATE_LIMIT_MESSAGE_PER_SECOND")
.unwrap_or("60".to_string())
.parse()
.unwrap(),
rate_limit_post: env::var("RATE_LIMIT_POST")
.unwrap_or("3".to_string())
.parse()
.unwrap(),
rate_limit_post_per_second: env::var("RATE_LIMIT_POST_PER_SECOND")
.unwrap_or("600".to_string())
.parse()
.unwrap(),
rate_limit_register: env::var("RATE_LIMIT_REGISTER")
.unwrap_or("1".to_string())
.parse()
.unwrap(),
rate_limit_register_per_second: env::var("RATE_LIMIT_REGISTER_PER_SECOND")
.unwrap_or("3600".to_string())
.parse()
.unwrap(),
} }
} }
fn api_endpoint(&self) -> String { fn api_endpoint(&self) -> String {
@ -90,7 +120,8 @@ mod tests {
#[test] #[test]
fn test_slur_filter() { fn test_slur_filter() {
let test = "coons test dindu ladyboy tranny retardeds. This is a bunch of other safe text.".to_string(); let test =
"coons test dindu ladyboy tranny retardeds. This is a bunch of other safe text.".to_string();
let slur_free = "No slurs here"; let slur_free = "No slurs here";
assert_eq!( assert_eq!(
remove_slurs(&test), remove_slurs(&test),
@ -100,7 +131,6 @@ mod tests {
assert!(has_slurs(&test)); assert!(has_slurs(&test));
assert!(!has_slurs(slur_free)); assert!(!has_slurs(slur_free));
} }
} }
lazy_static! { lazy_static! {

26
server/src/websocket/server.rs
View file

@ -17,13 +17,7 @@ use crate::api::post::*;
use crate::api::site::*; use crate::api::site::*;
use crate::api::user::*; use crate::api::user::*;
use crate::api::*; use crate::api::*;
use crate::Settings;
const RATE_LIMIT_MESSAGE: i32 = 30;
const RATE_LIMIT_MESSAGES_PER_SECOND: i32 = 60;
const RATE_LIMIT_POST: i32 = 3;
const RATE_LIMIT_POSTS_PER_SECOND: i32 = 60 * 10;
const RATE_LIMIT_REGISTER: i32 = 1;
const RATE_LIMIT_REGISTER_PER_SECOND: i32 = 60 * 60;
/// Chat server sends this messages to session /// Chat server sends this messages to session
#[derive(Message)] #[derive(Message)]
@ -163,15 +157,27 @@ impl ChatServer {
} }
fn check_rate_limit_register(&mut self, id: usize) -> Result<(), Error> { fn check_rate_limit_register(&mut self, id: usize) -> Result<(), Error> {
self.check_rate_limit_full(id, RATE_LIMIT_REGISTER, RATE_LIMIT_REGISTER_PER_SECOND) self.check_rate_limit_full(
id,
Settings::get().rate_limit_register,
Settings::get().rate_limit_register_per_second,
)
} }
fn check_rate_limit_post(&mut self, id: usize) -> Result<(), Error> { fn check_rate_limit_post(&mut self, id: usize) -> Result<(), Error> {
self.check_rate_limit_full(id, RATE_LIMIT_POST, RATE_LIMIT_POSTS_PER_SECOND) self.check_rate_limit_full(
id,
Settings::get().rate_limit_post,
Settings::get().rate_limit_post_per_second,
)
} }
fn check_rate_limit_message(&mut self, id: usize) -> Result<(), Error> { fn check_rate_limit_message(&mut self, id: usize) -> Result<(), Error> {
self.check_rate_limit_full(id, RATE_LIMIT_MESSAGE, RATE_LIMIT_MESSAGES_PER_SECOND) self.check_rate_limit_full(
id,
Settings::get().rate_limit_message,
Settings::get().rate_limit_message_per_second,
)
} }
fn check_rate_limit_full(&mut self, id: usize, rate: i32, per: i32) -> Result<(), Error> { fn check_rate_limit_full(&mut self, id: usize, rate: i32, per: i32) -> Result<(), Error> {