preservetube
/
backend
mirror of https://github.com/preservetube/backend.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add ratelimiting per /48, add ratelimiting for channel saving

This commit is contained in:
localhost 2026-02-21 11:01:59 +01:00
parent b03650f08c
commit ae003628bc
1 changed files with 22 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
src/router/websocket.ts
View File

@ -21,9 +21,9 @@ const limiter = new RedisRateLimiter({
maxInInterval: 50 maxInInterval: 50
}) })
const sendError = (ws: any, message: string) => { const sendError = (ws: any, message: string, close: boolean = true) => {
ws.send(`ERROR - ${message}`); ws.send(`ERROR - ${message}`);
ws.close(); if (close) ws.close();
}; };
const cleanup = async (ws: any, videoId: string) => { const cleanup = async (ws: any, videoId: string) => {
@ -65,6 +65,18 @@ const handleUpload = async (ws: any, videoId: string, isChannel: boolean = false
} }
}; };
const getRateLimitKey = (ip: string): string => {
if (!ip || ip === '0.0.0.0') return ip;
if (ip.includes(':')) {
const parts = ip.split(':');
if (parts.length >= 3) {
return `${parts[0]}:${parts[1]}:${parts[2]}`;
}
return ip;
}
return ip;
};
app.ws('/save', { app.ws('/save', {
query: t.Object({ query: t.Object({
url: t.String() url: t.String()
@ -87,7 +99,7 @@ app.ws('/save', {
ws.send(`DONE - ${process.env.FRONTEND}/watch?v=${videoId}`) ws.send(`DONE - ${process.env.FRONTEND}/watch?v=${videoId}`)
ws.close() ws.close()
} else { } else {
const hash = Bun.hash(ws.data.headers['cf-connecting-ip'] || '0.0.0.0') const hash = Bun.hash(getRateLimitKey(ws.data.headers['cf-connecting-ip'] || '0.0.0.0'))
const isLimited = await limiter.limit(hash.toString()) const isLimited = await limiter.limit(hash.toString())
if (isLimited) { if (isLimited) {
return sendError(ws, 'You have been ratelimited. </br>Is this an urgent archive? Please email me: admin@preservetube.com'); return sendError(ws, 'You have been ratelimited. </br>Is this an urgent archive? Please email me: admin@preservetube.com');
@ -182,6 +194,13 @@ app.ws('/savechannel', {
.executeTakeFirst() .executeTakeFirst()
if (already) continue if (already) continue
const hash = Bun.hash(getRateLimitKey(ws.data.headers['cf-connecting-ip'] || '0.0.0.0'))
const isLimited = await limiter.limit(hash.toString())
if (isLimited) {
sendError(ws, 'You have been ratelimited. </br>Is this an urgent archive? Please email me: admin@preservetube.com', false);
break;
}
ws.send(`DATA - Processing video: ${video.title.text}`); ws.send(`DATA - Processing video: ${video.title.text}`);
await redis.set(video.video_id, 'downloading', 'EX', 300); await redis.set(video.video_id, 'downloading', 'EX', 300);