diff --git a/packages/api/src/routers/export_router.ts b/packages/api/src/routers/export_router.ts index aac22e172..fd7052ece 100644 --- a/packages/api/src/routers/export_router.ts +++ b/packages/api/src/routers/export_router.ts @@ -2,7 +2,11 @@ import cors from 'cors' import express, { Router } from 'express' import { TaskState } from '../generated/graphql' import { jobStateToTaskState } from '../queue-processor' -import { countExportsWithin24Hours, saveExport } from '../services/export' +import { + countExportsWithin24Hours, + countExportsWithinMinute, + saveExport, +} from '../services/export' import { getClaimsByToken, getTokenByRequest } from '../utils/auth' import { corsConfig } from '../utils/corsConfig' import { queueExportJob } from '../utils/createTask' @@ -27,6 +31,17 @@ export function exportRouter() { const userId = claims.uid try { + const exportsWithinMinute = await countExportsWithinMinute(userId) + if (exportsWithinMinute >= 1) { + logger.error('User has reached the limit of exports within minute', { + userId, + exportsWithinMinute, + }) + return res.status(400).send({ + error: 'EXPORT_LIMIT_REACHED', + }) + } + const exportsWithin24Hours = await countExportsWithin24Hours(userId) if (exportsWithin24Hours >= 3) { logger.error('User has reached the limit of exports within 24 hours', { diff --git a/packages/api/src/services/export.ts b/packages/api/src/services/export.ts index f1d71cfe4..70e88f55d 100644 --- a/packages/api/src/services/export.ts +++ b/packages/api/src/services/export.ts @@ -13,6 +13,16 @@ export const saveExport = async ( }) } +export const countExportsWithinMinute = async ( + userId: string +): Promise => { + return getRepository(Export).countBy({ + userId, + createdAt: MoreThan(new Date(Date.now() - 60 * 1000)), + state: In([TaskState.Pending, TaskState.Running, TaskState.Succeeded]), + }) +} + export const countExportsWithin24Hours = async ( userId: string ): Promise => {