diff --git a/tunnel-server/package.json b/tunnel-server/package.json index 1dd831db..dc375dc2 100644 --- a/tunnel-server/package.json +++ b/tunnel-server/package.json @@ -9,6 +9,7 @@ "license": "Apache-2.0", "dependencies": { "@fastify/cors": "^8.3.0", + "@fastify/rate-limit": "^9.1.0", "@fastify/request-context": "^5.0.0", "@sindresorhus/fnv1a": "^3.0.0", "content-type": "^1.0.5", diff --git a/tunnel-server/src/app/index.ts b/tunnel-server/src/app/index.ts index c46a5e1b..af02832d 100644 --- a/tunnel-server/src/app/index.ts +++ b/tunnel-server/src/app/index.ts @@ -1,5 +1,6 @@ import fastify, { FastifyServerFactory, RawServerDefault } from 'fastify' import { fastifyRequestContext } from '@fastify/request-context' +import { fastifyRateLimit } from '@fastify/rate-limit' import http from 'http' import { Logger } from 'pino' import { KeyObject } from 'crypto' @@ -78,6 +79,10 @@ export const createApp = async ({ app.setSerializerCompiler(serializerCompiler) app.withTypeProvider() await app.register(fastifyRequestContext) + await app.register(fastifyRateLimit, { + max: 100, + timeWindow: '1 minute', + }) app.get(HEALTZ_URL, { logLevel: 'warn' }, async () => 'OK') diff --git a/tunnel-server/yarn.lock b/tunnel-server/yarn.lock index ee2f13d8..a85af51b 100644 --- a/tunnel-server/yarn.lock +++ b/tunnel-server/yarn.lock @@ -543,6 +543,15 @@ dependencies: fast-json-stringify "^5.7.0" +"@fastify/rate-limit@^9.1.0": + version "9.1.0" + resolved "https://registry.npmjs.org/@fastify/rate-limit/-/rate-limit-9.1.0.tgz#c70f30e8be904c31986e09f262ba0f5ea1ef64b9" + integrity sha512-h5dZWCkuZXN0PxwqaFQLxeln8/LNwQwH9popywmDCFdKfgpi4b/HoMH1lluy6P+30CG9yzzpSpwTCIPNB9T1JA== + dependencies: + "@lukeed/ms" "^2.0.1" + fastify-plugin "^4.0.0" + toad-cache "^3.3.1" + "@fastify/request-context@^5.0.0": version "5.0.0" resolved "https://registry.yarnpkg.com/@fastify/request-context/-/request-context-5.0.0.tgz#f821c98ff5a930da9d26b2dce831420d86f5db14" @@ -833,6 +842,11 @@ "@jridgewell/resolve-uri" "^3.1.0" "@jridgewell/sourcemap-codec" "^1.4.14" +"@lukeed/ms@^2.0.1": + version "2.0.2" + resolved "https://registry.npmjs.org/@lukeed/ms/-/ms-2.0.2.tgz#07f09e59a74c52f4d88c6db5c1054e819538e2a8" + integrity sha512-9I2Zn6+NJLfaGoz9jN3lpwDgAYvfGeNYdbAIjJOqzs4Tpc+VU3Jqq4IofSUBKajiDS8k9fZIg18/z13mpk1bsA== + "@nodelib/fs.scandir@2.1.5": version "2.1.5" resolved "https://registry.yarnpkg.com/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz#7619c2eb21b25483f6d167548b4cfd5a7488c3d5" @@ -3738,6 +3752,11 @@ toad-cache@^3.3.0: resolved "https://registry.yarnpkg.com/toad-cache/-/toad-cache-3.3.0.tgz#5b7dc67b36bc8b960567eb77bdf9ac6c26f204a1" integrity sha512-3oDzcogWGHZdkwrHyvJVpPjA7oNzY6ENOV3PsWJY9XYPZ6INo94Yd47s5may1U+nleBPwDhrRiTPMIvKaa3MQg== +toad-cache@^3.3.1: + version "3.7.0" + resolved "https://registry.npmjs.org/toad-cache/-/toad-cache-3.7.0.tgz#b9b63304ea7c45ec34d91f1d2fa513517025c441" + integrity sha512-/m8M+2BJUpoJdgAHoG+baCwBT+tf2VraSfkBgl0Y00qIWt41DJ8R5B8nsEw0I58YwF5IZH6z24/2TobDKnqSWw== + touch@^3.1.0: version "3.1.0" resolved "https://registry.yarnpkg.com/touch/-/touch-3.1.0.tgz#fe365f5f75ec9ed4e56825e0bb76d24ab74af83b"