2023-07-27 07:31:52 +02:00
|
|
|
/*
|
2024-02-13 16:59:27 +01:00
|
|
|
* SPDX-FileCopyrightText: syuilo and misskey-project
|
2023-07-27 07:31:52 +02:00
|
|
|
* SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
|
*/
|
|
|
|
|
|
2022-09-17 20:27:08 +02:00
|
|
|
import { Inject, Injectable } from '@nestjs/common';
|
|
|
|
|
import Limiter from 'ratelimiter';
|
2023-04-14 06:50:05 +02:00
|
|
|
import * as Redis from 'ioredis';
|
2022-09-17 20:27:08 +02:00
|
|
|
import { DI } from '@/di-symbols.js';
|
2022-09-18 16:07:41 +02:00
|
|
|
import type Logger from '@/logger.js';
|
|
|
|
|
import { LoggerService } from '@/core/LoggerService.js';
|
2022-12-04 07:03:09 +01:00
|
|
|
import { bindThis } from '@/decorators.js';
|
2023-01-01 03:58:16 +01:00
|
|
|
import type { IEndpointMeta } from './endpoints.js';
|
2022-09-17 20:27:08 +02:00
|
|
|
|
|
|
|
|
@Injectable()
|
|
|
|
|
export class RateLimiterService {
|
2022-09-18 20:11:50 +02:00
|
|
|
private logger: Logger;
|
2023-01-01 03:58:16 +01:00
|
|
|
private disabled = false;
|
2022-09-18 16:07:41 +02:00
|
|
|
|
2022-09-17 20:27:08 +02:00
|
|
|
constructor(
|
|
|
|
|
@Inject(DI.redis)
|
|
|
|
|
private redisClient: Redis.Redis,
|
2022-09-18 16:07:41 +02:00
|
|
|
|
|
|
|
|
private loggerService: LoggerService,
|
2022-09-17 20:27:08 +02:00
|
|
|
) {
|
2022-09-18 20:11:50 +02:00
|
|
|
this.logger = this.loggerService.getLogger('limiter');
|
2023-01-01 03:58:16 +01:00
|
|
|
|
|
|
|
|
if (process.env.NODE_ENV !== 'production') {
|
|
|
|
|
this.disabled = true;
|
|
|
|
|
}
|
2022-09-17 20:27:08 +02:00
|
|
|
}
|
|
|
|
|
|
2022-12-04 07:03:09 +01:00
|
|
|
@bindThis
|
2023-01-15 08:52:12 +01:00
|
|
|
public limit(limitation: IEndpointMeta['limit'] & { key: NonNullable<string> }, actor: string, factor = 1) {
|
2024-09-20 09:35:45 +02:00
|
|
|
return new Promise<void>((ok, reject) => {
|
|
|
|
|
if (this.disabled) ok();
|
2024-08-22 14:55:22 +02:00
|
|
|
|
2022-09-17 20:27:08 +02:00
|
|
|
// Short-term limit
|
2024-09-20 09:35:45 +02:00
|
|
|
const minP = (): void => {
|
2022-09-17 20:27:08 +02:00
|
|
|
const minIntervalLimiter = new Limiter({
|
|
|
|
|
id: `${actor}:${limitation.key}:min`,
|
2023-02-09 02:55:15 +01:00
|
|
|
duration: limitation.minInterval! * factor,
|
2022-09-17 20:27:08 +02:00
|
|
|
max: 1,
|
|
|
|
|
db: this.redisClient,
|
|
|
|
|
});
|
2023-07-08 00:08:16 +02:00
|
|
|
|
2022-09-17 20:27:08 +02:00
|
|
|
minIntervalLimiter.get((err, info) => {
|
|
|
|
|
if (err) {
|
2024-06-13 03:56:26 +02:00
|
|
|
return reject({ code: 'ERR', info });
|
2022-09-17 20:27:08 +02:00
|
|
|
}
|
2023-07-08 00:08:16 +02:00
|
|
|
|
2022-09-18 20:11:50 +02:00
|
|
|
this.logger.debug(`${actor} ${limitation.key} min remaining: ${info.remaining}`);
|
2023-07-08 00:08:16 +02:00
|
|
|
|
2022-09-17 20:27:08 +02:00
|
|
|
if (info.remaining === 0) {
|
2024-06-13 03:56:26 +02:00
|
|
|
return reject({ code: 'BRIEF_REQUEST_INTERVAL', info });
|
2022-09-17 20:27:08 +02:00
|
|
|
} else {
|
|
|
|
|
if (hasLongTermLimit) {
|
2024-09-20 09:35:45 +02:00
|
|
|
return maxP();
|
2022-09-17 20:27:08 +02:00
|
|
|
} else {
|
2024-06-13 03:56:26 +02:00
|
|
|
return ok();
|
2022-09-17 20:27:08 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
});
|
2024-09-20 09:35:45 +02:00
|
|
|
};
|
2023-07-08 00:08:16 +02:00
|
|
|
|
2022-09-17 20:27:08 +02:00
|
|
|
// Long term limit
|
2024-09-20 09:35:45 +02:00
|
|
|
const maxP = (): void => {
|
2022-09-17 20:27:08 +02:00
|
|
|
const limiter = new Limiter({
|
|
|
|
|
id: `${actor}:${limitation.key}`,
|
2023-02-09 02:55:15 +01:00
|
|
|
duration: limitation.duration! * factor,
|
|
|
|
|
max: limitation.max! / factor,
|
2022-09-17 20:27:08 +02:00
|
|
|
db: this.redisClient,
|
|
|
|
|
});
|
2023-07-08 00:08:16 +02:00
|
|
|
|
2022-09-17 20:27:08 +02:00
|
|
|
limiter.get((err, info) => {
|
|
|
|
|
if (err) {
|
2024-06-13 03:56:26 +02:00
|
|
|
return reject({ code: 'ERR', info });
|
2022-09-17 20:27:08 +02:00
|
|
|
}
|
2023-07-08 00:08:16 +02:00
|
|
|
|
2022-09-18 20:11:50 +02:00
|
|
|
this.logger.debug(`${actor} ${limitation.key} max remaining: ${info.remaining}`);
|
2023-07-08 00:08:16 +02:00
|
|
|
|
2022-09-17 20:27:08 +02:00
|
|
|
if (info.remaining === 0) {
|
2024-06-13 03:56:26 +02:00
|
|
|
return reject({ code: 'RATE_LIMIT_EXCEEDED', info });
|
2022-09-17 20:27:08 +02:00
|
|
|
} else {
|
2024-06-13 03:56:26 +02:00
|
|
|
return ok();
|
2022-09-17 20:27:08 +02:00
|
|
|
}
|
|
|
|
|
});
|
2024-09-20 09:35:45 +02:00
|
|
|
};
|
2023-07-08 00:08:16 +02:00
|
|
|
|
2022-09-17 20:27:08 +02:00
|
|
|
const hasShortTermLimit = typeof limitation.minInterval === 'number';
|
2023-07-08 00:08:16 +02:00
|
|
|
|
2022-09-17 20:27:08 +02:00
|
|
|
const hasLongTermLimit =
|
|
|
|
|
typeof limitation.duration === 'number' &&
|
|
|
|
|
typeof limitation.max === 'number';
|
2023-07-08 00:08:16 +02:00
|
|
|
|
2022-09-17 20:27:08 +02:00
|
|
|
if (hasShortTermLimit) {
|
2024-09-20 09:35:45 +02:00
|
|
|
minP();
|
2022-09-17 20:27:08 +02:00
|
|
|
} else if (hasLongTermLimit) {
|
2024-09-20 09:35:45 +02:00
|
|
|
maxP();
|
2022-09-17 20:27:08 +02:00
|
|
|
} else {
|
2024-09-20 09:35:45 +02:00
|
|
|
ok();
|
2022-09-17 20:27:08 +02:00
|
|
|
}
|
2024-09-20 09:35:45 +02:00
|
|
|
});
|
2022-09-17 20:27:08 +02:00
|
|
|
}
|
|
|
|
|
}
|
