Merge pull request #2955 from omnivore-app/fix/rate-limit

log x-forwarded-for header for debugging purpose
This commit is contained in:
Hongbo Wu
2023-10-18 13:10:59 +08:00
committed by GitHub
2 changed files with 6 additions and 0 deletions

View File

@ -58,6 +58,9 @@ export const createApp = (): {
app.use(json({ limit: '100mb' }))
app.use(urlencoded({ limit: '100mb', extended: true }))
// set to true if behind a reverse proxy/load balancer
app.set('trust proxy', env.server.trustProxy)
const apiLimiter = rateLimit({
windowMs: 60 * 1000, // 1 minute
max: async (req) => {

View File

@ -21,6 +21,7 @@ interface BackendEnv {
gateway_url: string
apiEnv: string
instanceId: string
trustProxy: boolean
}
client: {
url: string
@ -159,6 +160,7 @@ const nullableEnvVars = [
'RSS_FEED_TASK_HANDLER_URL',
'SENDGRID_VERIFICATION_TEMPLATE_ID',
'REMINDER_TASK_HANDLER_URL',
'TRUST_PROXY',
] // Allow some vars to be null/empty
/* If not in GAE and Prod/QA/Demo env (f.e. on localhost/dev env), allow following env vars to be null */
@ -207,6 +209,7 @@ export function getEnv(): BackendEnv {
apiEnv: parse('API_ENV'),
instanceId:
parse('GAE_INSTANCE') || `x${os.userInfo().username}_${os.hostname()}`,
trustProxy: parse('TRUST_PROXY') === 'true',
}
const client = {
url: parse('CLIENT_URL'),