subdomain change rate limit check

bluecherrydvr · Jul 8, 2021 · b5f6416 · b5f6416
1 parent 46ae922
commit b5f6416
Show file tree

Hide file tree

Showing 3 changed files with 29 additions and 2 deletions.
diff --git a/.env.dist b/.env.dist
@@ -8,4 +8,6 @@ REDIS_URL=redis://db
 CRYPTLEX_API_BASE_URL=https://api.cryptlex.com
 CRYPTLEX_API_ACCESS_TOKEN=
 CRYPTLEX_API_CACHE_SECONDS=300
+SUBDOMAIN_CHANGE_RATE_LIMIT_COUNT=5
+SUBDOMAIN_CHANGE_RATE_LIMIT_RELEASE_SECONDS=1800
 LOGS_DIR=logs
diff --git a/index.js b/index.js
@@ -8,7 +8,9 @@ const {
     ADMIN_TOKEN,
     SUB_DOMAIN_TTL,
     ROOT_DOMAIN,
-    APP_PORT
+    APP_PORT,
+    SUBDOMAIN_CHANGE_RATE_LIMIT_COUNT,
+    SUBDOMAIN_CHANGE_RATE_LIMIT_RELEASE_SECONDS
 } = process.env;
 
 const redis = require('redis');
@@ -161,10 +163,32 @@ async function destroyActualClientConfig(authToken) {
     await redisClient.hdel('client_subdomains_last', authToken);
 }
 
+async function subdomainRateLimitCheck(subdomain, authToken) {
+
+    const actualSubdomain = await redisClient.hget('client_subdomains_last', authToken);
+
+    if (actualSubdomain && actualSubdomain === subdomain) {
+        return;
+    }
+
+    const key = 'client_rate_limit:' + authToken;
+
+    if (!await redisClient.exists(key)) {
+        await redisClient.setex(key, SUBDOMAIN_CHANGE_RATE_LIMIT_RELEASE_SECONDS, 0);
+    }
+
+    const currentLimit = parseInt(await redisClient.incr(key));
+
+    if (currentLimit > SUBDOMAIN_CHANGE_RATE_LIMIT_COUNT) {
+        throw new Error('Subdomain name change rate limit is exceeded');
+    }
+}
+
 async function applySubdomainRecord(type, authToken, subdomain, data, prefix = '') {
     const lock = await redlock.lock('subdomain_record_attempt:' + subdomain, 50000);
 
     try {
+        await subdomainRateLimitCheck(subdomain, authToken);
         await isSubdomainAvailable(subdomain, authToken)
         await updateSubdomainRecord(type, authToken, subdomain, data, prefix);
         await updateLatestSubdomainBook(type, authToken, subdomain);

diff --git a/lib/redis-promise.js b/lib/redis-promise.js
@@ -1,7 +1,8 @@
 
 const { promisify } = require('util');
 
-const methods = ['get', 'set', 'exists', 'sadd', 'sismember', 'hexists', 'hget', 'hgetall', 'hset', 'hsetnx', 'hdel', 'smembers'];
+const methods = ['get', 'set', 'exists', 'sadd', 'sismember', 'hexists', 'hget',
+    'hgetall', 'hset', 'hsetnx', 'hdel', 'smembers', 'incr', 'expire', 'setex'];
 
 class RedisPromise {
     constructor(redisClient) {