ChatGPT/FastGPT
1
0
Fork 0
mirror of https://github.com/labring/FastGPT.git synced 2026-05-07 01:02:55 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
1cc412e1d07dfd2f13bf04927c9329badaaeb9d0
FastGPT/packages/service/common/middle/reqFrequencyLimit.ts
T
xqvvu 1cc412e1d0 feat(security): account+IP login failure lockout and IP limit fail-closed 
- Add loginLockout helpers on frequency_limit collection (assert, record, clear, audit log)
- Wire loginByPassword: lock before auth, count auth/password failures, clear on success
- useIPFrequencyLimit failClosed + authFrequencyLimit strict for Mongo errors
- Centralize PASSWORD_LOGIN_LOCK_SECONDS / LOGIN_FAIL_* in env.ts; slim type/env ProcessEnv
- Extend loginByPassword API tests (lockout via stubEnv + resetModules)

Made-with: Cursor
2026-04-15 14:13:00 +08:00

50 lines
1.5 KiB
TypeScript
Raw Blame History

import { type ApiRequestProps } from '../../type/next';
import requestIp from 'request-ip';
import { authFrequencyLimit } from '../system/frequencyLimit/utils';
import { addSeconds } from 'date-fns';
import { type NextApiResponse } from 'next';
import { jsonRes } from '../response';
import { ERROR_ENUM } from '@fastgpt/global/common/error/errorCode';
// unit: times/s
// how to use?
// export default NextAPI(useQPSLimit(10), handler); // limit 10 times per second for a ip
export function useIPFrequencyLimit({
id,
seconds,
limit,
force = false,
failClosed = false
}: {
id: string;
seconds: number;
limit: number;
force?: boolean;
/** When true, Mongo errors reject with tooManyRequest instead of failing open. */
failClosed?: boolean;
}) {
return async (req: ApiRequestProps, res: NextApiResponse) => {
const ip = requestIp.getClientIp(req);
if (!ip || (process.env.USE_IP_LIMIT !== 'true' && !force)) {
return;
}
try {
await authFrequencyLimit({
eventId: `ip-qps-limit-${id}-` + ip,
maxAmount: limit,
expiredTime: addSeconds(new Date(), seconds),
strict: failClosed
});
} catch (err) {
const isLimitExceeded = err && typeof err === 'object' && 'amount' in err;
jsonRes(res, {
code: 429,
error:
failClosed && !isLimitExceeded
? ERROR_ENUM.tooManyRequest
: `Too many request, request ${limit} times every ${seconds} seconds`
});
}
};
}
Reference in New Issue View Git Blame Copy Permalink