apps/api/src/middlewares/rateLimiter.ts at main

yoginth.com / hey

fork atom

Hey is a decentralized and permissionless social media app built with Lens Protocol 🌿

fork atom

hey / apps / api / src / middlewares / rateLimiter.ts

at main 34 lines 857 B view raw

wrap content

yoginth.com fix: stabilize rate limiter key (#6020) 7mo ago

77cdbe4a

 1import { rateLimiter as rateLimit } from "hono-rate-limiter";
 2import sha256 from "../utils/sha256";
 3
 4const getIp = (req: Request): string => {
 5  const ips = (
 6    req.headers.get("cf-connecting-ip") ||
 7    req.headers.get("x-real-ip") ||
 8    req.headers.get("x-forwarded-for") ||
 9    "unknown"
10  ).split(",");
11
12  return ips[0].trim();
13};
14
15const hashedIp = (req: Request): string => sha256(getIp(req)).slice(0, 25);
16
17interface RateLimiterOptions {
18  requests: number;
19}
20
21const rateLimiter = ({ requests }: RateLimiterOptions) => {
22  return rateLimit({
23    keyGenerator: (c) => {
24      const pathHash = sha256(c.req.path).slice(0, 25);
25      const key = `rate-limit:${pathHash}:${hashedIp(c.req.raw)}`;
26      return key;
27    }, // 1 minute
28    limit: requests,
29    standardHeaders: "draft-6",
30    windowMs: 1 * 60 * 1000
31  });
32};
33
34export default rateLimiter;