var express = require('express')
var router = express.Router()
const rateLimit = require('express-rate-limit')
const Note = require('@models/Note')
const User = require('@models/User')
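//
// Public Note action
//

// Throttle for opening shared notes: 50 requests per 30-minute window.
// NOTE(review): express-rate-limit keys clients by req.ip unless a
// keyGenerator is supplied. If this service sits behind a reverse proxy,
// confirm Express's 'trust proxy' setting so the budget is counted per
// client and not per proxy address.
const sharedNoteLimiter = rateLimit({
  windowMs: 30 * 60 * 1000, // 30 min window
  max: 50, // start blocking after 50 requests
  message: 'Unable to open that many shared notes'
})

/**
 * POST /opensharednote
 *
 * Passes `noteId` and `sharedKey` from the request body to Note.getShared
 * and sends whatever it resolves with back to the client.
 *
 * This route has no session check in this file, so the shared key is the
 * only access control visible here.
 * NOTE(review): both fields are forwarded unvalidated; confirm that
 * Note.getShared rejects non-string / non-numeric values and compares the
 * key safely.
 */
router.post('/opensharednote', sharedNoteLimiter, function (req, res) {
  Note.getShared(req.body.noteId, req.body.sharedKey)
    .then(results => res.send(results))
    .catch(err => {
      // Without a rejection handler the request would hang and the process
      // would see an unhandled rejection. Answer with a generic 500 and keep
      // the detail in the server log only.
      console.error('POST /opensharednote failed:', err && err.message)
      if (!res.headersSent) {
        res.sendStatus(500)
      }
    })
})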
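//
// Login User
//

// Throttle for login attempts: 25 requests per 30-minute window.
// NOTE(review): the limit is counted per client address (req.ip by default),
// not per username. Guessing spread across many addresses is not slowed by
// this limiter; confirm whether User.login applies its own per-account
// throttling or lockout.
const loginLimiter = rateLimit({
  windowMs: 30 * 60 * 1000, // 30 min window
  max: 25, // start blocking after 25 requests
  message: 'Please try to login again later'
})

/**
 * POST /login
 *
 * Passes `username`, `password` and `authToken` from the request body to
 * User.login and sends whatever it resolves with back to the client.
 *
 * NOTE(review): the body fields are forwarded unvalidated; confirm that
 * User.login rejects non-string values. Also confirm that the resolved
 * object holds only fields that are safe to return to the caller.
 */
router.post('/login', loginLimiter, function (req, res) {
  User.login(req.body.username, req.body.password, req.body.authToken)
    .then(returnData => {
      res.send(returnData)
    })
    .catch(err => {
      // Without a rejection handler the request would hang and the process
      // would see an unhandled rejection. Log the message only (never the
      // request body, which holds credentials) and answer with a generic
      // 500 so no internal detail reaches the client.
      console.error('POST /login failed:', err && err.message)
      if (!res.headersSent) {
        res.sendStatus(500)
      }
    })
})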
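//
// Register User
//

// Throttle for account creation: 5 requests per 1-hour window.
// NOTE(review): counted per client address (req.ip by default); behind a
// reverse proxy, confirm Express's 'trust proxy' setting so one proxy address
// does not share a single budget across all clients.
const registerLimiter = rateLimit({
  windowMs: 60 * 60 * 1000, // 1 hour window
  max: 5, // start blocking after 5 requests
  message: 'Please try again to create an acount in an hour'
})

/**
 * POST /register
 *
 * Passes `username` and `password` from the request body to User.register
 * and sends whatever it resolves with back to the client.
 *
 * NOTE(review): the body fields are forwarded unvalidated; confirm that
 * User.register enforces type, length and password-strength rules.
 */
router.post('/register', registerLimiter, function (req, res) {
  User.register(req.body.username, req.body.password)
    .then(returnData => {
      res.send(returnData)
    })
    .catch(err => {
      // Without a rejection handler the request would hang and the process
      // would see an unhandled rejection. Log the message only (never the
      // request body, which holds the new password) and answer with a
      // generic 500.
      console.error('POST /register failed:', err && err.message)
      if (!res.headersSent) {
        res.sendStatus(500)
      }
    })
})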
// Expose the router carrying the /opensharednote, /login and /register routes.
module.exports = router