From 859e14a96e1885b814eb99f1c5a9beb8adfdb591 Mon Sep 17 00:00:00 2001
From: mat <27899617+mat-1@users.noreply.github.com>
Date: Wed, 24 Mar 2021 22:29:45 -0500
Subject: add ratelimits to skyblock-api

---
 src/index.ts | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

(limited to 'src')

diff --git a/src/index.ts b/src/index.ts
index edef374..fbab327 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -1,19 +1,23 @@
 import { fetchMemberProfile, fetchUser } from './hypixel'
 import express from 'express'
 import { fetchAllLeaderboardsCategorized, fetchMemberLeaderboard } from './database'
+import rateLimit from 'express-rate-limit'
 
 const app = express()
 
 export const debug = false
 
-
-app.use((req: express.Request, res, next) => {
-	if (process.env.key && req.headers.key !== process.env.key)
-		// if a key is set in process.env and the header doesn't match return an error
-		return res.status(401).json({ error: 'Key in header must match key in env' })
-	next()
+// 250 requests over 5 minutes
+const limiter = rateLimit({
+	windowMs: 60 * 1000 * 5,
+	max: 250,
+	skip: (req: express.Request, res) => {
+		return req.headers.key === process.env.key
+	}
 })
 
+app.use(limiter)
+
 app.get('/', async(req, res) => {
 	res.json({ ok: true })
 })
-- 
cgit