From 5a9bf504248323117bf47a30f37545c56d87491a Mon Sep 17 00:00:00 2001 From: Hazelnoot Date: Thu, 3 Jul 2025 18:30:05 -0400 Subject: [PATCH] increase rate limit for import endpoints to 1 per minute --- .../backend/src/server/api/endpoints/i/import-antennas.ts | 7 ++++--- .../backend/src/server/api/endpoints/i/import-blocking.ts | 7 ++++--- .../src/server/api/endpoints/i/import-following.ts | 7 +++++-- .../backend/src/server/api/endpoints/i/import-muting.ts | 7 ++++--- .../backend/src/server/api/endpoints/i/import-notes.ts | 8 +++++--- .../src/server/api/endpoints/i/import-user-lists.ts | 8 +++++--- 6 files changed, 27 insertions(+), 17 deletions(-) diff --git a/packages/backend/src/server/api/endpoints/i/import-antennas.ts b/packages/backend/src/server/api/endpoints/i/import-antennas.ts index ccec96ffbb..9b45923e92 100644 --- a/packages/backend/src/server/api/endpoints/i/import-antennas.ts +++ b/packages/backend/src/server/api/endpoints/i/import-antennas.ts @@ -4,7 +4,6 @@ */ import { Inject, Injectable } from '@nestjs/common'; -import ms from 'ms'; import { Endpoint } from '@/server/api/endpoint-base.js'; import { QueueService } from '@/core/QueueService.js'; import type { AntennasRepository, DriveFilesRepository, UsersRepository, MiAntenna as _Antenna } from '@/models/_.js'; @@ -19,9 +18,11 @@ export const meta = { requiredRolePolicy: 'canImportAntennas', prohibitMoved: true, + // 1 per minute limit: { - duration: ms('1hour'), - max: 1, + type: 'bucket', + size: 1, + dripRate: 1000 * 60, }, errors: { noSuchFile: { diff --git a/packages/backend/src/server/api/endpoints/i/import-blocking.ts b/packages/backend/src/server/api/endpoints/i/import-blocking.ts index 2fa450558b..78678f33e5 100644 --- a/packages/backend/src/server/api/endpoints/i/import-blocking.ts +++ b/packages/backend/src/server/api/endpoints/i/import-blocking.ts @@ -4,7 +4,6 @@ */ import { Inject, Injectable } from '@nestjs/common'; -import ms from 'ms'; import { Endpoint } from '@/server/api/endpoint-base.js'; import { QueueService } from '@/core/QueueService.js'; import { AccountMoveService } from '@/core/AccountMoveService.js'; @@ -18,9 +17,11 @@ export const meta = { requiredRolePolicy: 'canImportBlocking', prohibitMoved: true, + // 1 per minute limit: { - duration: ms('1hour'), - max: 1, + type: 'bucket', + size: 1, + dripRate: 1000 * 60, }, errors: { diff --git a/packages/backend/src/server/api/endpoints/i/import-following.ts b/packages/backend/src/server/api/endpoints/i/import-following.ts index 9186fca162..2d45ff2c8a 100644 --- a/packages/backend/src/server/api/endpoints/i/import-following.ts +++ b/packages/backend/src/server/api/endpoints/i/import-following.ts @@ -17,9 +17,12 @@ export const meta = { requireCredential: true, requiredRolePolicy: 'canImportFollowing', prohibitMoved: true, + + // 1 per minute limit: { - duration: ms('1hour'), - max: 1, + type: 'bucket', + size: 1, + dripRate: 1000 * 60, }, errors: { diff --git a/packages/backend/src/server/api/endpoints/i/import-muting.ts b/packages/backend/src/server/api/endpoints/i/import-muting.ts index b6dbacd371..1af9cc6263 100644 --- a/packages/backend/src/server/api/endpoints/i/import-muting.ts +++ b/packages/backend/src/server/api/endpoints/i/import-muting.ts @@ -4,7 +4,6 @@ */ import { Inject, Injectable } from '@nestjs/common'; -import ms from 'ms'; import { Endpoint } from '@/server/api/endpoint-base.js'; import { QueueService } from '@/core/QueueService.js'; import { AccountMoveService } from '@/core/AccountMoveService.js'; @@ -18,9 +17,11 @@ export const meta = { requiredRolePolicy: 'canImportMuting', prohibitMoved: true, + // 1 per minute limit: { - duration: ms('1hour'), - max: 1, + type: 'bucket', + size: 1, + dripRate: 1000 * 60, }, errors: { diff --git a/packages/backend/src/server/api/endpoints/i/import-notes.ts b/packages/backend/src/server/api/endpoints/i/import-notes.ts index 91ef12c3e3..b46e038b50 100644 --- a/packages/backend/src/server/api/endpoints/i/import-notes.ts +++ b/packages/backend/src/server/api/endpoints/i/import-notes.ts @@ -4,7 +4,6 @@ */ import { Inject, Injectable } from '@nestjs/common'; -import ms from 'ms'; import { Endpoint } from '@/server/api/endpoint-base.js'; import { QueueService } from '@/core/QueueService.js'; import type { DriveFilesRepository } from '@/models/_.js'; @@ -16,9 +15,12 @@ export const meta = { secure: true, requireCredential: true, prohibitMoved: true, + + // 1 per minute limit: { - duration: ms('1hour'), - max: 2, + type: 'bucket', + size: 1, + dripRate: 1000 * 60, }, errors: { diff --git a/packages/backend/src/server/api/endpoints/i/import-user-lists.ts b/packages/backend/src/server/api/endpoints/i/import-user-lists.ts index 5de0a70bbb..509483be3f 100644 --- a/packages/backend/src/server/api/endpoints/i/import-user-lists.ts +++ b/packages/backend/src/server/api/endpoints/i/import-user-lists.ts @@ -4,7 +4,6 @@ */ import { Inject, Injectable } from '@nestjs/common'; -import ms from 'ms'; import { Endpoint } from '@/server/api/endpoint-base.js'; import { QueueService } from '@/core/QueueService.js'; import { AccountMoveService } from '@/core/AccountMoveService.js'; @@ -17,9 +16,12 @@ export const meta = { requireCredential: true, requiredRolePolicy: 'canImportUserLists', prohibitMoved: true, + + // 1 per minute limit: { - duration: ms('1hour'), - max: 1, + type: 'bucket', + size: 1, + dripRate: 1000 * 60, }, errors: {