From 35ae49c6145b3f29704b0f184ddb142b003f82a0 Mon Sep 17 00:00:00 2001
From: Marvin Borner
Date: Thu, 17 Sep 2020 22:01:48 +0200
Subject: Added rate limiting

---
 motto/index.js     | 13 +++++++++++--
 motto/package.json |  1 +
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/motto/index.js b/motto/index.js
index eb1acab..423a19a 100644
--- a/motto/index.js
+++ b/motto/index.js
@@ -1,7 +1,14 @@
 const express = require("express");
 const sqlite3 = require("sqlite3");
-const fs = require("fs");
+const rateLimit = require("express-rate-limit");
 const app = express();
+// const fs = require("fs");
+
+const apiLimiter = rateLimit({
+    windowMs: 10 * 60 * 1000,
+    max: 100,
+    message: "Access overflow!",
+});
 
 app.use(express.urlencoded({ extended: true }));
 app.use(express.json());
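Review bot: `apiLimiter` is created with no `keyGenerator`, so express-rate-limit counts requests per `req.ip`, and nothing in this hunk configures Express's `trust proxy` setting. If the app runs behind a reverse proxy (not visible from here), every client would share the proxy's address and a single 100-request bucket. In that case, add `app.set("trust proxy", 1);` with the real hop count before the limiter is used, rather than `true`, which would accept a client-supplied `X-Forwarded-For` header. The default store is also in-process memory, so counters reset on restart and are not shared between workers; a one-line comment on `apiLimiter` saying so would help. The commented-out `// const fs = require("fs");` should be deleted rather than kept as dead code.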
@@ -50,6 +57,8 @@ function insert(main, description, votes) {
 
 app.use("/", express.static(__dirname + "/public"));
 
+app.use("/api/", apiLimiter);
+
 app.get("/api/list", (req, res) => {
     db.all("SELECT * FROM theme ORDER BY votes DESC", (err, all) => {
         if (err) {
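Review bot: The single mount `app.use("/api/", apiLimiter);` gives every `/api` route the same budget of 100 requests per 10 minutes, whether it reads or writes. The hunk header shows an `insert(main, description, votes)` helper, so there are presumably state-changing routes further down the file. Those would normally get their own, tighter limiter than `/api/list`, since 100 writes per window is generous for a voting endpoint. A comment above the mount such as `// 100 requests / 10 min per client IP, shared by all /api routes` would document the policy where it is applied. The `app.get("/api/list", ...)` handler continues past the end of the hunk, so its error path is not reviewed here.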
@@ -91,5 +100,5 @@ app.on("close", () => {
 });
 
 create_db();
-console.log("Listening on port 3000");
+console.log("Listening on port 5005");
 app.listen(5005);
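Review bot: The "Listening" message is printed before `app.listen(5005)` runs, so it appears even when the bind fails, for example when the port is already in use. The port literal is also still written twice, which is how the log and the real port drifted apart before this fix. Consider `const PORT = process.env.PORT || 5005;` followed by `app.listen(PORT, () => console.log("Listening on port " + PORT));`, so the message is emitted only once the server is accepting connections.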
diff --git a/motto/package.json b/motto/package.json
index 80807c3..01f2bc6 100644
--- a/motto/package.json
+++ b/motto/package.json
@@ -10,6 +10,7 @@
   "license": "MIT",
   "dependencies": {
     "express": "^4.17.1",
+    "express-rate-limit": "^5.1.3",
     "sqlite3": "^5.0.0"
   },
   "devDependencies": {
-- 
cgit v1.2.3