feat(mangadex): server-side rate-limit 5/s

author: Fuwn <[email protected]> 2023-12-24 00:59:14 -0800
committer: Fuwn <[email protected]> 2023-12-24 00:59:14 -0800
commit: 31ea88d915e27d15efd7c110f8189130338c759b (patch)
tree: df6fce79682d33890505857084adf52d13d60063 /src
parent: fix(subtiteld): lessen subtitled match (diff)
download: due.moe-31ea88d915e27d15efd7c110f8189130338c759b.tar.xz
due.moe-31ea88d915e27d15efd7c110f8189130338c759b.zip
4 files changed, 36 insertions, 4 deletions
diff --git a/src/lib/rateLimit.ts b/src/lib/rateLimit.ts
new file mode 100644
index 00000000..98e726a2
--- /dev/null
+++ b/src/lib/rateLimit.ts
@@ -0,0 +1,12 @@
+import type { RequestEvent } from '@sveltejs/kit';
+import { RateLimiter } from 'sveltekit-rate-limiter/server';
+
+export const checkRateLimit = async (event: RequestEvent) => {
+	const limiter = new RateLimiter({ rates: { IP: [5, 's'] } });
+
+	await limiter.cookieLimiter?.preflight(event);
+
+	if (await limiter.isLimited(event)) return new Response('rate-limited');
+
+	return null;
+};
diff --git a/src/routes/api/mangadex/chapter/+server.ts b/src/routes/api/mangadex/chapter/+server.ts
index 68e125bd..ad291e42 100644
--- a/src/routes/api/mangadex/chapter/+server.ts
+++ b/src/routes/api/mangadex/chapter/+server.ts
@@ -1,4 +1,11 @@
-export const GET = async ({ url }) => {
+import { checkRateLimit } from '$lib/rateLimit.js';
+
+export const GET = async (event) => {
+	const limit = await checkRateLimit(event);
+	const { url } = event;
+
+	if (limit) return limit;
+
 	try {
 		return Response.json(
 			await (
diff --git a/src/routes/api/mangadex/feed/+server.ts b/src/routes/api/mangadex/feed/+server.ts
index ebfdd094..458d3914 100644
--- a/src/routes/api/mangadex/feed/+server.ts
+++ b/src/routes/api/mangadex/feed/+server.ts
@@ -1,9 +1,15 @@
-export const GET = async ({ url }) => {
+import { checkRateLimit } from '$lib/rateLimit.js';
+
+export const GET = async (event) => {
+	const limit = await checkRateLimit(event);
+
+	if (limit) return limit;
+
 	try {
 		return Response.json(
 			await (
 				await fetch(
-					`https://api.mangadex.org/manga/${url.searchParams.get(
+					`https://api.mangadex.org/manga/${event.url.searchParams.get(
 						'id'
 					)}/feed?order[chapter]=desc&translatedLanguage[]=en&limit=1&contentRating[]=safe&contentRating[]=suggestive&contentRating[]=erotica&contentRating[]=pornographic`
 				)
diff --git a/src/routes/api/mangadex/manga/+server.ts b/src/routes/api/mangadex/manga/+server.ts
index 521bde6c..73c15481 100644
--- a/src/routes/api/mangadex/manga/+server.ts
+++ b/src/routes/api/mangadex/manga/+server.ts
@@ -1,4 +1,11 @@
-export const GET = async ({ url }) => {
+import { checkRateLimit } from '$lib/rateLimit.js';
+
+export const GET = async (event) => {
+	const limit = await checkRateLimit(event);
+	const { url } = event;
+
+	if (limit) return limit;
+
 	let status = '';
 	let error = false;
author	Fuwn <[email protected]>	2023-12-24 00:59:14 -0800
committer	Fuwn <[email protected]>	2023-12-24 00:59:14 -0800
commit	31ea88d915e27d15efd7c110f8189130338c759b (patch)
tree	df6fce79682d33890505857084adf52d13d60063 /src
parent	fix(subtiteld): lessen subtitled match (diff)
download	due.moe-31ea88d915e27d15efd7c110f8189130338c759b.tar.xz due.moe-31ea88d915e27d15efd7c110f8189130338c759b.zip