| | const rateLimit = require('express-rate-limit'); |
| | const { limiterCache } = require('@librechat/api'); |
| | const { ViolationTypes } = require('librechat-data-provider'); |
| | const denyRequest = require('~/server/middleware/denyRequest'); |
| | const { logViolation } = require('~/cache'); |
| |
|
| | const { |
| | MESSAGE_IP_MAX = 40, |
| | MESSAGE_IP_WINDOW = 1, |
| | MESSAGE_USER_MAX = 40, |
| | MESSAGE_USER_WINDOW = 1, |
| | MESSAGE_VIOLATION_SCORE: score, |
| | } = process.env; |
| |
|
| | const ipWindowMs = MESSAGE_IP_WINDOW * 60 * 1000; |
| | const ipMax = MESSAGE_IP_MAX; |
| | const ipWindowInMinutes = ipWindowMs / 60000; |
| |
|
| | const userWindowMs = MESSAGE_USER_WINDOW * 60 * 1000; |
| | const userMax = MESSAGE_USER_MAX; |
| | const userWindowInMinutes = userWindowMs / 60000; |
| |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | const createHandler = (ip = true) => { |
| | return async (req, res) => { |
| | const type = ViolationTypes.MESSAGE_LIMIT; |
| | const errorMessage = { |
| | type, |
| | max: ip ? ipMax : userMax, |
| | limiter: ip ? 'ip' : 'user', |
| | windowInMinutes: ip ? ipWindowInMinutes : userWindowInMinutes, |
| | }; |
| |
|
| | await logViolation(req, res, type, errorMessage, score); |
| | return await denyRequest(req, res, errorMessage); |
| | }; |
| | }; |
| |
|
| | |
| | |
| | |
| | const ipLimiterOptions = { |
| | windowMs: ipWindowMs, |
| | max: ipMax, |
| | handler: createHandler(), |
| | store: limiterCache('message_ip_limiter'), |
| | }; |
| |
|
| | const userLimiterOptions = { |
| | windowMs: userWindowMs, |
| | max: userMax, |
| | handler: createHandler(false), |
| | keyGenerator: function (req) { |
| | return req.user?.id; |
| | }, |
| | store: limiterCache('message_user_limiter'), |
| | }; |
| |
|
| | |
| | |
| | |
| | const messageIpLimiter = rateLimit(ipLimiterOptions); |
| |
|
| | |
| | |
| | |
| | const messageUserLimiter = rateLimit(userLimiterOptions); |
| |
|
| | module.exports = { |
| | messageIpLimiter, |
| | messageUserLimiter, |
| | }; |
| |
|
