fix(csrf): fixes csrf error + adds 30 character limit

Artlfmj · Oct 9, 2023 · a1a436b · a1a436b
1 parent 5b5e95b
commit a1a436b
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 6 deletions.
diff --git a/src/app.js b/src/app.js
@@ -51,8 +51,6 @@ app.use(
   })
 );       
 
-app.use(csrf());
-app.use(addCSRF)
 
 app.use(flash());
 // Initialize Passport and session middleware

diff --git a/src/utils/limiter.js b/src/utils/limiter.js
@@ -2,8 +2,8 @@ const rateLimit = require("express-rate-limit");
 
 
 const limiter = rateLimit({
-    windowMs: 15 * 60 * 1000, // 15 minutes
-    max: 5, // 5 requests per windowMs
+    windowMs: 1 * 60 * 1000, // 15 minutes
+    max: 30, // 5 requests per windowMs
     message: "Too many requests from this IP, please try again later.",
   });
 

diff --git a/src/views/course-create.ejs b/src/views/course-create.ejs
@@ -48,10 +48,10 @@
                                 <div class="wizard-form-error"></div>
                             </div>
                             <div class="form-group">
-                                <textarea type="text" class="form-control" id="shortDescription" name="shortDescription"></textarea>
+                                <textarea type="text" class="form-control" id="shortDescription" name="shortDescription" oninput="limitShortDescription(this, 30)"></textarea>
                                 <label for="shortDescription" class="wizard-form-text-label">Short Description</label>
                                 <div class="wizard-form-error"></div>
-                            </div>
+                            </div>                            
                             <div class="form-group">
                                 <textarea type="text" class="form-control" id="longDescription" name="longDescription"></textarea>
                                 <label for="longDescription" class="wizard-form-text-label">Long Description</label>
@@ -122,6 +122,12 @@
         </div>
     </section>
     <script>
+        function limitShortDescription(element, maxLength) {
+            const inputValue = element.value;
+            if (inputValue.length > maxLength) {
+                element.value = inputValue.slice(0, maxLength);
+            }
+        }
         jQuery(document).ready(function() {
             // click on next button
             jQuery('.form-wizard-next-btn').click(function() {