Merge pull request #101 from CAUCSE/feat/#87

[HOTFIX] Reject user 무한 api 해결, 보안 해결책 추가

package.json

@@ -18,13 +18,15 @@
     "@mui/icons-material": "^5.15.4",
     "@mui/material": "^5.15.4",
     "axios": "^1.6.5",
+    "axios-rate-limit": "^1.3.0",
     "date-fns": "^3.2.0",
     "emotion-normalize": "^11.0.1",
     "mobx": "^6.12.0",
     "mobx-react-lite": "^4.0.5",
     "quill-image-uploader": "^1.3.0",
     "react": "^17.0.2",
     "react-dom": "^17.0.2",
+    "react-ga": "^3.3.1",
     "react-hook-form": "^7.12.1",
     "react-quill": "^2.0.0",
     "react-responsive-carousel": "^3.2.23",

src/Tracker.ts

@@ -0,0 +1,23 @@
+import { useEffect, useState } from 'react';
+import ReactGA from 'react-ga';
+import { useLocation } from 'react-router-dom';
+
+const Tracker = () => {
+  const location = useLocation();
+  const [initialized, setInitialized] = useState(false);
+
+  useEffect(() => {
+    if (!window.location.href.includes('localhost')) {
+      ReactGA.initialize(import.meta.env.VITE_APP_GA_TRACKING_ID);
+    }
+    setInitialized(true);
+  }, []);
+
+  useEffect(() => {
+    if (initialized) {
+      ReactGA.pageview(location.pathname + location.search);
+    }
+  }, [initialized, location]);
+};
+
+export default Tracker;

src/configs/axios.ts

@@ -1,13 +1,17 @@
 import axios, { AxiosResponse } from 'axios';
+import rateLimit from 'axios-rate-limit';
 
 import { PAGE_URL } from './path';
 
-export const API = axios.create({
-  baseURL:
-    process.env.NODE_ENV === 'production'
-      ? import.meta.env.VITE_PROD_SERVER_URL
-      : import.meta.env.VITE_DEV_SERVER_URL,
-});
+export const API = rateLimit(
+  axios.create({
+    baseURL:
+      process.env.NODE_ENV === 'production'
+        ? import.meta.env.VITE_PROD_SERVER_URL
+        : import.meta.env.VITE_DEV_SERVER_URL,
+  }),
+  { maxRequests: 3, perMilliseconds: 1000 },
+);
 
 //Auth
 export const setAccess = (token: string): unknown =>
@@ -40,12 +44,23 @@ API.interceptors.response.use(
         response: { data },
         config,
       } = error;
-
       if (
         (!localStorage.getItem(storageRefreshKey) &&
           config.url !== '/api/v1/users/password/find' &&
           config.url !== '/api/v1/users/sign-up') ||
-        config.url === '/api/v1/users/token/update'
+        config.url === '/api/v1/users/token/update' ||
+        data.errorCode === '4101' ||
+        data.errorCode === 4101 ||
+        data.errorCode === '4102' ||
+        data.errorCode === 4102 ||
+        data.errorCode === '4103' ||
+        data.errorCode === 4103 ||
+        data.errorCode === '4104' ||
+        data.errorCode === 4104 ||
+        data.errorCode === '4012' ||
+        data.errorCode === 4012 ||
+        data.errorCode === '4109' ||
+        data.errorCode === 4109
       ) {
         removeRefresh();
         if (location.pathname !== PAGE_URL.SignIn) location.href = PAGE_URL.SignIn;

yarn.lock

@@ -367,10 +367,10 @@
   resolved "https://registry.npmjs.org/@emotion/weak-memoize/-/weak-memoize-0.3.1.tgz"
   integrity sha512-EsBwpc7hBUJWAsNPBmJy4hxWx12v6bshQsldrVmjxJoc3isbxhOrF2IcCpaXxfvq03NwkI7sbsOLXbYuqF/8Ww==
 
-"@esbuild/darwin-arm64@0.19.11":
+"@esbuild/win32-x64@0.19.11":
   version "0.19.11"
-  resolved "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.19.11.tgz"
-  integrity sha512-ETp87DRWuSt9KdDVkqSoKoLFHYTrkyz2+65fj9nfXsaV3bMhTCjtQfw3y+um88vGRKRiF7erPrh/ZuIdLUIVxQ==
+  resolved "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.19.11.tgz"
+  integrity sha512-vfkhltrjCAb603XaFhqhAF4LGDi2M4OrCRrFusyQ+iTLQ/o60QQXxc9cZC/FFpihBI9N1Grn6SMKVJ4KP7Fuiw==
 
 "@eslint-community/eslint-utils@^4.2.0", "@eslint-community/eslint-utils@^4.4.0":
   version "4.4.0"
@@ -681,10 +681,10 @@
     estree-walker "^2.0.2"
     picomatch "^2.3.1"
 
-"@rollup/rollup-darwin-arm64@4.9.4":
+"@rollup/rollup-win32-x64-msvc@4.9.4":
   version "4.9.4"
-  resolved "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.9.4.tgz"
-  integrity sha512-1fzh1lWExwSTWy8vJPnNbNM02WZDS8AW3McEOb7wW+nPChLKf3WG2aG7fhaUmfX5FKw9zhsF5+MBwArGyNM7NA==
+  resolved "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.9.4.tgz"
+  integrity sha512-LfdGXCV9rdEify1oxlN9eamvDSjv9md9ZVMAbNHA87xqIfFCxImxan9qZ8+Un54iK2nnqPlbnSi4R54ONtbWBw==
 
 "@svgr/[email protected]":
   version "8.0.0"
@@ -1371,7 +1371,12 @@ available-typed-arrays@^1.0.5:
   resolved "https://registry.npmjs.org/available-typed-arrays/-/available-typed-arrays-1.0.5.tgz"
   integrity sha512-DMD0KiN46eipeziST1LPP/STfDU0sufISXmjSgvVsoU2tqxctQeASejWcfNtxYKqETM1UxQ8sp2OrSBWpHY6sw==
 
-axios@^1.6.5:
+axios-rate-limit@^1.3.0:
+  version "1.3.0"
+  resolved "https://registry.npmjs.org/axios-rate-limit/-/axios-rate-limit-1.3.0.tgz"
+  integrity sha512-cKR5wTbU/CeeyF1xVl5hl6FlYsmzDVqxlN4rGtfO5x7J83UxKDckudsW0yW21/ZJRcO0Qrfm3fUFbhEbWTLayw==
+
+axios@*, axios@^1.6.5:
   version "1.6.5"
   resolved "https://registry.npmjs.org/axios/-/axios-1.6.5.tgz"
   integrity sha512-Ii012v05KEVuUoFWmMW/UQv9aRIc3ZwkWDcM+h5Il8izZCtRVpDUfwpoFf7eOtajT3QiGR4yDUx7lPqHJULgbg==
@@ -2288,16 +2293,6 @@ fs.realpath@^1.0.0:
   resolved "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz"
   integrity sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==
 
-fsevents@~2.3.2, fsevents@~2.3.3:
-  version "2.3.3"
-  resolved "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz"
-  integrity sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==
-
-[email protected]:
-  version "2.3.2"
-  resolved "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz"
-  integrity sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==
-
 function-bind@^1.1.2:
   version "1.1.2"
   resolved "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz"
@@ -3415,6 +3410,11 @@ react-event-listener@^0.6.0:
     prop-types "^15.6.0"
     warning "^4.0.1"
 
+react-ga@^3.3.1:
+  version "3.3.1"
+  resolved "https://registry.npmjs.org/react-ga/-/react-ga-3.3.1.tgz"
+  integrity sha512-4Vc0W5EvXAXUN/wWyxvsAKDLLgtJ3oLmhYYssx+YzphJpejtOst6cbIHCIyF50Fdxuf5DDKqRYny24yJ2y7GFQ==
+
 react-hook-form@^7.12.1:
   version "7.12.1"
   resolved "https://registry.npmjs.org/react-hook-form/-/react-hook-form-7.12.1.tgz"
@@ -3553,7 +3553,7 @@ react-virtuoso@^4.6.2:
   resolved "https://registry.npmjs.org/react-virtuoso/-/react-virtuoso-4.6.2.tgz"
   integrity sha512-vvlqvzPif+MvBrJ09+hJJrVY0xJK9yran+A+/1iwY78k0YCVKsyoNPqoLxOxzYPggspNBNXqUXEcvckN29OxyQ==
 
-"react@^0.14.0 || ^15.0.0 || ^16.0.0 || ^17.0.0", "react@^15.3.0 || ^16.0.0 || ^17.0.0", "react@^16 || ^17 || ^18", "react@^16.0.0 || ^17.0.0 || ^18.0.0", "react@^16.8.0 || ^17", "react@^16.8.0 || ^17 || ^18", "react@^16.8.0 || ^17.0.0 || ^18.0.0", react@^17.0.0, "react@^17.0.0 || ^18.0.0", react@^17.0.2, react@>=15, "react@>=16 || >=17 || >= 18", react@>=16.3.0, react@>=16.6.0, react@>=16.8.0, [email protected]:
+"react@^0.14.0 || ^15.0.0 || ^16.0.0 || ^17.0.0", "react@^15.3.0 || ^16.0.0 || ^17.0.0", "react@^15.6.2 || ^16.0 || ^17 || ^18", "react@^16 || ^17 || ^18", "react@^16.0.0 || ^17.0.0 || ^18.0.0", "react@^16.8.0 || ^17", "react@^16.8.0 || ^17 || ^18", "react@^16.8.0 || ^17.0.0 || ^18.0.0", react@^17.0.0, "react@^17.0.0 || ^18.0.0", react@^17.0.2, react@>=15, "react@>=16 || >=17 || >= 18", react@>=16.3.0, react@>=16.6.0, react@>=16.8.0, [email protected]:
   version "17.0.2"
   resolved "https://registry.npmjs.org/react/-/react-17.0.2.tgz"
   integrity sha512-gnhPt75i/dq/z3/6q/0asP78D0u592D5L1pd7M8P+dck6Fu/jJeL6iVVK23fptSUZj8Vjf++7wXA8UNclGQcbA==