martin/databag
1
0
Fork 0
mirror of https://github.com/balzack/databag.git synced 2025-02-15 04:59:16 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

throttle requests on failed token

Browse Source
This commit is contained in:
Roland Osborne 2022-09-10 02:20:32 -07:00
parent 0f00fc1c4a
commit 22e58c9c0e
4 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
net/server/internal/api_addAccount.go
View File

@ -5,6 +5,7 @@ import (
"databag/internal/store" "databag/internal/store"
"encoding/hex" "encoding/hex"
"errors" "errors"
"time"
"gorm.io/gorm" "gorm.io/gorm"
"net/http" "net/http"
"os" "os"
@ -19,6 +20,7 @@ func AddAccount(w http.ResponseWriter, r *http.Request) {
if r.FormValue("token") != "" { if r.FormValue("token") != "" {
token, _, res = AccessToken(r) token, _, res = AccessToken(r)
if res != nil || token.TokenType != APPTokenCreate { if res != nil || token.TokenType != APPTokenCreate {
time.Sleep(APPUsernameWait * time.Millisecond);
ErrResponse(w, http.StatusUnauthorized, res) ErrResponse(w, http.StatusUnauthorized, res)
return return
} }

3
net/server/internal/api_getAccountUsername.go
View File

@ -15,11 +15,10 @@ type accountUsername struct {
//GetAccountUsername determines if username is assignable //GetAccountUsername determines if username is assignable
func GetAccountUsername(w http.ResponseWriter, r *http.Request) { func GetAccountUsername(w http.ResponseWriter, r *http.Request) {
time.Sleep(APPUsernameWait * time.Millisecond);
if r.FormValue("token") != "" { if r.FormValue("token") != "" {
token, _, res := AccessToken(r) token, _, res := AccessToken(r)
if res != nil || token.TokenType != APPTokenCreate { if res != nil || token.TokenType != APPTokenCreate {
time.Sleep(APPUsernameWait * time.Second);
ErrResponse(w, http.StatusUnauthorized, res) ErrResponse(w, http.StatusUnauthorized, res)
return return
} }

2
net/server/internal/api_setAccountAccess.go
View File

@ -4,6 +4,7 @@ import (
"databag/internal/store" "databag/internal/store"
"encoding/hex" "encoding/hex"
"errors" "errors"
"time"
"github.com/theckman/go-securerandom" "github.com/theckman/go-securerandom"
"gorm.io/gorm" "gorm.io/gorm"
"net/http" "net/http"
@ -14,6 +15,7 @@ func SetAccountAccess(w http.ResponseWriter, r *http.Request) {
token, _, res := AccessToken(r) token, _, res := AccessToken(r)
if res != nil || token.TokenType != APPTokenReset { if res != nil || token.TokenType != APPTokenReset {
time.Sleep(APPUsernameWait * time.Millisecond);
ErrResponse(w, http.StatusUnauthorized, res) ErrResponse(w, http.StatusUnauthorized, res)
return return
} }

4
net/server/internal/appValues.go
View File

@ -96,8 +96,8 @@ const APPTokenReset = "reset"
//APPNotifyBuffer config for size of channel reciving notifications //APPNotifyBuffer config for size of channel reciving notifications
const APPNotifyBuffer = 4096 const APPNotifyBuffer = 4096
//APPUsernameWait milliseconds to delay response //APPUsernameWait seconds to delay response
const APPUsernameWait = 333 const APPUsernameWait = 1
//APPTopicUnconfirmed config for status name for unconfirmed //APPTopicUnconfirmed config for status name for unconfirmed
const APPTopicUnconfirmed = "unconfirmed" const APPTopicUnconfirmed = "unconfirmed"