From d362d020ef1210929a8186250b0bb6aa6873d636 Mon Sep 17 00:00:00 2001 From: Dev Singh Date: Wed, 26 Mar 2025 13:23:23 -0500 Subject: [PATCH 1/2] add ratelimiter to protected route --- src/api/routes/protected.ts | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/api/routes/protected.ts b/src/api/routes/protected.ts index e369d4df..c7beb586 100644 --- a/src/api/routes/protected.ts +++ b/src/api/routes/protected.ts @@ -1,5 +1,6 @@ import { FastifyPluginAsync } from "fastify"; import fastifyCaching from "@fastify/caching"; +import rateLimiter from "api/plugins/rateLimiter.js"; const protectedRoute: FastifyPluginAsync = async (fastify, _options) => { fastify.register(fastifyCaching, { @@ -7,6 +8,11 @@ const protectedRoute: FastifyPluginAsync = async (fastify, _options) => { serverExpiresIn: 0, expiresIn: 60 * 60 * 2, }); + await fastify.register(rateLimiter, { + limit: 15, + duration: 30, + rateLimitIdentifier: "protected", + }); fastify.get("/", async (request, reply) => { const roles = await fastify.authorize(request, reply, []); reply.send({ username: request.username, roles: Array.from(roles) }); From bcecf9407ea5e0bb6e2c045252bc4d80bac3c2fd Mon Sep 17 00:00:00 2001 From: Dev Singh Date: Wed, 26 Mar 2025 13:23:56 -0500 Subject: [PATCH 2/2] remove server-side cache from protected route --- src/api/routes/protected.ts | 6 ------ 1 file changed, 6 deletions(-) diff --git a/src/api/routes/protected.ts b/src/api/routes/protected.ts index c7beb586..86a3d044 100644 --- a/src/api/routes/protected.ts +++ b/src/api/routes/protected.ts @@ -1,13 +1,7 @@ import { FastifyPluginAsync } from "fastify"; -import fastifyCaching from "@fastify/caching"; import rateLimiter from "api/plugins/rateLimiter.js"; const protectedRoute: FastifyPluginAsync = async (fastify, _options) => { - fastify.register(fastifyCaching, { - privacy: fastifyCaching.privacy.PRIVATE, - serverExpiresIn: 0, - expiresIn: 60 * 60 * 2, - }); await fastify.register(rateLimiter, { limit: 15, duration: 30,