simplified check for user access

1. Make fields private as much as possible 2. single public function to check if user is valid and is within limit. Advantage is that only a single call to synchronisation() is required. 3. Bumped up the rate limit
2025-07-15 20:01:48 -04:00 · 2020-07-16 17:36:05 +05:30 · 2020-07-16 17:36:05 +05:30 · 7bfde4eddb
commit 7bfde4eddb
parent f08f6041ec
1 changed files with 42 additions and 37 deletions
--- a/src/main/scala/lc/Server.scala
+++ b/src/main/scala/lc/Server.scala
@ -10,14 +10,13 @@ import lc.HTTPServer._
 case class Secret(token: Int)

 class RateLimiter extends DBConn {
-  val userLastActive = collection.mutable.Map[Int, Long]()
-  val userAllowance = collection.mutable.Map[Int, Double]()
-  val rate = 8.0
-  val per = 45.0
-  val allowance = rate
+  private val userLastActive = collection.mutable.Map[Int, Long]()
+  private val userAllowance = collection.mutable.Map[Int, Double]()
+  private val rate = 800000.0
+  private val per = 45.0
+  private val allowance = rate

-  def validateUser(user: Int) : Boolean = {
-    synchronized {
+  private def validateUser(user: Int) : Boolean = {
    val allow = if(userLastActive.contains(user)){
      true
    } else {
@ -35,10 +34,8 @@ class RateLimiter extends DBConn {
    }
    allow
  }
-  }

-  def checkLimit(user: Int): Boolean = {
-    synchronized {
+  private def checkLimit(user: Int): Boolean = {
    val current = System.currentTimeMillis()
    val time_passed = (current - userLastActive(user)) / 1000
    userLastActive(user) = current
@ -52,8 +49,16 @@ class RateLimiter extends DBConn {
    }
    allow
  }
-  }

+  def checkUserAccess(token: Int) : Boolean = {
+    synchronized {
+      if (validateUser(token)) {
+        return checkLimit(token)
+      } else {
+        return false
+      }
+    }
+  }
 }

 class Server(port: Int){
@ -66,7 +71,7 @@ class Server(port: Int){

 	host.addContext("/v1/captcha",(req, resp) => {
      val accessToken = Option(req.getHeaders().get("access-token")).map(_.toInt)
-      val access = accessToken.map(t => rateLimiter.validateUser(t) && rateLimiter.checkLimit(t)).getOrElse(false)
+      val access = accessToken.map(rateLimiter.checkUserAccess).getOrElse(false)
      if(access){
        val body = req.getJson()
      	val json = parse(body)