aboutsummaryrefslogtreecommitdiffhomepage
path: root/backend
diff options
context:
space:
mode:
authorMiodec <[email protected]>2024-08-27 22:50:20 +0200
committerMiodec <[email protected]>2024-08-27 22:50:20 +0200
commit6e43e1c4dc6cf9dfe2a2a79fa44aa36c2070f64a (patch)
treea99de9e2a71c7359273613bf5b04d5dfb7d95e42 /backend
parenta6232beea505125cec528cfe0d2c4c882f97d1b6 (diff)
downloadmonkeytype-6e43e1c4dc6cf9dfe2a2a79fa44aa36c2070f64a.tar.gz
monkeytype-6e43e1c4dc6cf9dfe2a2a79fa44aa36c2070f64a.zip
fix(sever): wrong rate limiter being used for result post
also lowers limit slightly to 300 and updates the generic message to be more clear
Diffstat (limited to 'backend')
-rw-r--r--backend/src/api/routes/results.ts2
-rw-r--r--backend/src/middlewares/rate-limit.ts4
2 files changed, 3 insertions, 3 deletions
diff --git a/backend/src/api/routes/results.ts b/backend/src/api/routes/results.ts
index d8d8dfaa0..5edfb731e 100644
--- a/backend/src/api/routes/results.ts
+++ b/backend/src/api/routes/results.ts
@@ -22,7 +22,7 @@ export default s.router(resultsContract, {
handler: async (r) => callController(ResultController.getResults)(r),
},
add: {
- middleware: [validateResultSavingEnabled, RateLimit.resultsTagsUpdate],
+ middleware: [validateResultSavingEnabled, RateLimit.resultsAdd],
handler: async (r) => callController(ResultController.addResult)(r),
},
updateTags: {
diff --git a/backend/src/middlewares/rate-limit.ts b/backend/src/middlewares/rate-limit.ts
index 49736e344..660f5db24 100644
--- a/backend/src/middlewares/rate-limit.ts
+++ b/backend/src/middlewares/rate-limit.ts
@@ -29,7 +29,7 @@ export const customHandler = (
_next: NextFunction,
_options: Options
): void => {
- throw new MonkeyError(429, "Too many attempts, please try again later.");
+ throw new MonkeyError(429, "Request limit reached, please try again later.");
};
const ONE_HOUR_SECONDS = 60 * 60;
@@ -277,7 +277,7 @@ export const resultsGetApe = rateLimit({
export const resultsAdd = rateLimit({
windowMs: ONE_HOUR_MS,
- max: 500 * REQUEST_MULTIPLIER,
+ max: 300 * REQUEST_MULTIPLIER,
keyGenerator: getKeyWithUid,
handler: customHandler,
});