route limiter
aliffazfar committed Feb 14, 2022
1 parent 2a13d62 commit de2ff4f
Showing 5 changed files with 98 additions and 5 deletions.
1 change: 0 additions & 1 deletion middleware/error-handler.js
@@ -1,7 +1,6 @@
import { StatusCodes } from 'http-status-codes'

const errorHandlerMiddleware = (err, req, res, next) => {
console.log(err)
const defaultError = {
statusCode: err.statusCode || StatusCodes.INTERNAL_SERVER_ERROR,
msg: err.message || 'Something went wrong, try again later',
75 changes: 74 additions & 1 deletion package-lock.json


6 changes: 5 additions & 1 deletion package.json
@@ -31,11 +31,15 @@
"dotenv": "^14.2.0",
"express": "^4.17.2",
"express-async-errors": "^3.1.1",
"express-mongo-sanitize": "^2.2.0",
"express-rate-limit": "^6.2.1",
"helmet": "^5.0.2",
"http-status-codes": "^2.2.0",
"jsonwebtoken": "^8.5.1",
"moment": "^2.29.1",
"mongoose": "^6.1.7",
"morgan": "^1.10.0",
"validator": "^13.7.0"
"validator": "^13.7.0",
"xss-clean": "^0.1.1"
}
}
12 changes: 10 additions & 2 deletions routes/authRoutes.js
@@ -1,11 +1,19 @@
import express from 'express'
const router = express.Router()

import rateLimiter from 'express-rate-limit'

const apiLimiter = rateLimiter({
windowMs: 15 * 60 * 1000, // 15 minutes
max: 10,
message: 'Too many requests from this IP, please try again after 15 minutes',
})

import { register, login, updateUser } from '../controllers/authController.js'
import authenticateUser from '../middleware/auth.js'

router.route('/register').post(register)
router.route('/login').post(login)
router.route('/register').post(apiLimiter, register)
router.route('/login').post(apiLimiter, login)
router.route('/updateUser').patch(authenticateUser, updateUser)

export default router
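Review bot: `apiLimiter` keys on the client IP that Express reports, and nothing visible in this commit configures `trust proxy`, so if the app is deployed behind a reverse proxy or a PaaS router all clients may be counted as one address and `/login` and `/register` would be throttled for everyone after 10 requests. If that is the deployment, set the hop count explicitly in server.js, e.g. `app.set('trust proxy', 1)`, rather than `true`, so that a client-supplied `X-Forwarded-For` value is not trusted. The single limiter instance is mounted on both routes, so they share one budget of 10 per window; separate instances, with `skipSuccessfulRequests: true` on the login one, would keep successful sign-ins from consuming it. The 429 body is a plain string while the error handler in this repository answers with a `msg` field, so `message: { msg: 'Too many requests from this IP, please try again after 15 minutes' }` would keep the client's error handling uniform.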
9 changes: 9 additions & 0 deletions server.js
@@ -8,6 +8,10 @@ import { dirname } from 'path'
import { fileURLToPath } from 'url'
import path from 'path'

import helmet from 'helmet'
import xss from 'xss-clean'
import mongoSanitize from 'express-mongo-sanitize'

// db and authenticateUser
import connectDB from './db/connect.js'

@@ -28,6 +32,11 @@ const __dirname = dirname(fileURLToPath(import.meta.url))
app.use(express.static(path.resolve(__dirname, './client/build')))
app.use(express.json())

app.use(express.json())
app.use(helmet())
app.use(xss())
app.use(mongoSanitize())

app.use('/api/v1/auth', authRouter)
app.use('/api/v1/jobs', authenticateUser, jobsRouter)

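Review bot: In the second hunk `app.use(helmet())` is registered after `app.use(express.static(...))`, so files served from `./client/build`, including the client's HTML, are answered by the static handler before helmet runs and go out without its security headers. Moving `app.use(helmet())` above the static line covers them; helmet's default Content-Security-Policy may then need tuning for the built client, which should be checked. The hunk also leaves `app.use(express.json())` registered twice, and the added copy can be dropped. `xss-clean` is, as far as I know, marked deprecated by its author on npm, so it should not be relied on in place of output encoding and input validation in the controllers.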
