MyFavMirrors/lc-core
1
0
Fork 0
mirror of https://github.com/librecaptcha/lc-core.git synced 2025-02-05 08:18:05 -05:00
Code Issues Packages Projects Releases Wiki Activity

Add rate limiter

Browse Source 
Add user validation for every request

Signed-off-by: Rahul Rudragoudar <rr83019@gmail.com>
This commit is contained in:
Rahul Rudragoudar 2019-06-17 00:20:18 +05:30
parent 1a57942a0b
commit a63cf3976d
No known key found for this signature in database
GPG Key ID: EC2AAF721D545305
1 changed files with 38 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
src/main/scala/lc/Main.scala
View File

@ -175,20 +175,48 @@ case class Secret(token: Int)
class RateLimiter extends DBConn { class RateLimiter extends DBConn {
val stmt = getConn() val stmt = getConn()
val userActive = collection.mutable.Map[Int, Int]() val userLastActive = collection.mutable.Map[Int, Long]()
val userAllowance = collection.mutable.Map[Int, Double]()
val rate = 2.0
val per = 45.0
val allowance = rate
def validateUser(user: Int) : Boolean = { def validateUser(user: Int) : Boolean = {
validatePstmt.setInt(1, user) val allow = if(userLastActive.contains(user)){
val rs = validatePstmt.executeQuery()
val validated = if(rs.next()){
val hash = rs.getInt("hash")
userActive(hash) = 0
true true
} else { } else {
false validatePstmt.setInt(1, user)
val rs = validatePstmt.executeQuery()
val validated = if(rs.next()){
val hash = rs.getInt("hash")
userLastActive(hash) = System.currentTimeMillis()
userAllowance(hash) = allowance
true
} else {
false
}
validated
} }
validated allow
} }
def checkLimit(user: Int): Boolean = {
synchronized {
val current = System.currentTimeMillis()
val time_passed = (current - userLastActive(user)) / 1000000000
userLastActive(user) = current
userAllowance(user) += time_passed * (rate/per)
if(userAllowance(user) > rate){ userAllowance(user) = rate }
val allow = if(userAllowance(user) < 1.0){
false
} else {
userAllowance(user) -= 1.0
true
}
allow
}
}
} }
class Server(port: Int){ class Server(port: Int){
@ -203,13 +231,13 @@ class Server(port: Int){
val accessToken = if(req.getHeaders().get("access-token") != null){ val accessToken = if(req.getHeaders().get("access-token") != null){
req.getHeaders().get("access-token").toInt req.getHeaders().get("access-token").toInt
} else 0 } else 0
val id = if(true == rateLimiter.validateUser(accessToken)){ val id = if(true == rateLimiter.validateUser(accessToken) && true == rateLimiter.checkLimit(accessToken)){
val body = req.getJson() val body = req.getJson()
val json = parse(body) val json = parse(body)
val param = json.extract[Parameters] val param = json.extract[Parameters]
captcha.getChallenge(param) captcha.getChallenge(param)
} else { } else {
"Not a valid user! Please register." "Not a valid user or rate limit reached!"
} }
resp.getHeaders().add("Content-Type","application/json") resp.getHeaders().add("Content-Type","application/json")
resp.send(200, write(id)) resp.send(200, write(id))