From cf4b74c4f4e32971bc8cc2a66b31da6dc9c27720 Mon Sep 17 00:00:00 2001
From: derrickmehaffy
Date: Fri, 7 Oct 2022 07:50:26 -0700
Subject: [PATCH] pr feedback
Signed-off-by: Derrick Mehaffy
---
 packages/core/admin/server/middlewares/rateLimit.js | 6 ++++--
 packages/core/strapi/lib/services/errors.js | 4 ++--
 2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/packages/core/admin/server/middlewares/rateLimit.js b/packages/core/admin/server/middlewares/rateLimit.js
index e7632e7fac..40cc5e0428 100644
--- a/packages/core/admin/server/middlewares/rateLimit.js
+++ b/packages/core/admin/server/middlewares/rateLimit.js
@@ -9,10 +9,12 @@ module.exports = async (ctx, next) => {
 const ratelimit = require('koa2-ratelimit').RateLimit;
+ const userEmail = ctx.request.body.email || 'unknownEmail';
+
 return ratelimit.middleware({
- interval: { min: 15 },
+ interval: { min: 5 },
 max: 5,
- prefixKey: `${ctx.request.path}:${ctx.request.ip}`,
+ prefixKey: `${userEmail}${ctx.request.path}:${ctx.request.ip}`,
 handler() {
 throw new RateLimitError();
 },
diff --git a/packages/core/strapi/lib/services/errors.js b/packages/core/strapi/lib/services/errors.js
index b930f1307d..536529b781 100644
--- a/packages/core/strapi/lib/services/errors.js
+++ b/packages/core/strapi/lib/services/errors.js
@@ -1,7 +1,7 @@
 'use strict';
 const createError = require('http-errors');
-const { NotFoundError, UnauthorizedError, ForbiddenError, PayloadTooLargeError, PolicyError } =
+const { NotFoundError, UnauthorizedError, ForbiddenError, PayloadTooLargeError, RateLimitError } =
 require('@strapi/utils').errors;
 const mapErrorsAndStatus = [
@@ -22,7 +22,7 @@ const mapErrorsAndStatus = [
 status: 413,
 },
 {
- classError: PolicyError,
+ classError: RateLimitError,
 status: 429,
 },
 ];
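Review bot: In the rateLimit.js hunk the new `userEmail` goes into `prefixKey` exactly as the client sent it, so differently cased or padded spellings of one address each get their own counter, and a non-string `email` is stringified into the key. Normalise and type-check it first, mirroring whatever the login lookup does (not visible here), e.g. `const rawEmail = ctx.request.body?.email;` then `const userEmail = (typeof rawEmail === 'string' && rawEmail.trim().toLowerCase()) || 'unknownEmail';`; the optional chaining also avoids a TypeError when no body was parsed. Because the address is client-chosen and part of every key, no counter bounds a single IP across many addresses any more, and the same hunk shortens the window from 15 to 5 minutes; an additional limiter keyed on path and IP alone would keep that bound. A separator between the email and the path, `${userEmail}:${ctx.request.path}:${ctx.request.ip}`, would stop key components from running together. The function body continues past the end of the hunk.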