Adds Configurable Rate Limit

forksx · Jul 22, 2020 · 411faae · 411faae
1 parent 3500eb4
commit 411faae
Show file tree

Hide file tree

Showing 5 changed files with 27 additions and 2 deletions.
diff --git a/config.example.js b/config.example.js
@@ -42,6 +42,12 @@ module.exports = {
     'allowed_regex_origins': [
         'https://.*\\.steamcommunity\\.com'
     ],
+    // Optionally configure a global rate limit across all endpoints
+    'rate_limit': {
+        'enable': false,
+        'window_ms': 60 * 60 * 1000, // 60 min
+        'max': 10000
+    },
     // Logging Level (error, warn, info, verbose, debug, silly)
     'logLevel': 'debug',
     // Max amount of simultaneous requests from the same IP  (incl. WS and HTTP/HTTPS), -1 for unlimited

diff --git a/errors.js b/errors.js
@@ -28,7 +28,8 @@ module.exports = {
     GenericBad: new Error('Something went wrong on our end, please try again', 6, 500),
     BadBody: new Error('Improper body format', 7, 400),
     BadSecret: new Error('Bad Secret', 8, 400),
-    NoBotsAvailable: new Error('No bots available to fulfill this request', 9, 500)
+    NoBotsAvailable: new Error('No bots available to fulfill this request', 9, 500),
+    RateLimit: new Error('Rate limit exceeded, too many requests', 10, 429)
 };
 
 
diff --git a/index.js b/index.js
@@ -8,6 +8,7 @@ const optionDefinitions = [
 const winston = require('winston'),
     args = require('command-line-args')(optionDefinitions),
     bodyParser = require('body-parser'),
+    rateLimit = require('express-rate-limit'),
     utils = require('./lib/utils'),
     queue = new (require('./lib/queue'))(),
     InspectURL = require('./lib/inspect_url'),
@@ -116,6 +117,17 @@ app.use(function (req, res, next) {
     next()
 });
 
+if (CONFIG.rate_limit && CONFIG.rate_limit.enable) {
+    app.use(rateLimit({
+        windowMs: CONFIG.rate_limit.window_ms,
+        max: CONFIG.rate_limit.max,
+        headers: false,
+        handler: function (req, res) {
+            errors.RateLimit.respond(res);
+        }
+    }))
+}
+
 app.get('/', function(req, res) {
     // Get and parse parameters
     let link;

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -24,7 +24,8 @@
     "steam-totp": "^1.5.0",
     "steam-user": "^4.16.1",
     "winston": "^2.4.4",
-    "body-parser": "^1.19.0"
+    "body-parser": "^1.19.0",
+    "express-rate-limit": "^5.1.3"
   },
   "devDependencies": {
     "eslint": "^4.18.2",