Spaces:

Ditzzy
/

api

Running

App Files Files Community

OhMyDitzzy commited on 26 days ago

Commit

1dbfa1e

1 Parent(s): 496dca4

feat: rate limit

Browse files

Files changed (4) hide show

src/lib/api-url.ts +2 -2
src/server/index.ts +27 -23
src/server/lib/stats-tracker.ts +54 -4
src/server/plugins/data.js +1 -1

src/lib/api-url.ts CHANGED Viewed

@@ -4,11 +4,11 @@ export function getBaseUrl(): string {
     /*if (window.location.hostname !== 'localhost' && window.location.hostname !== '127.0.0.1') {
       return process.env.DOMAIN_URL;
     }*/
-    return `${window.location.protocol}//${window.location.host}`;
   }
   return process.env.NODE_ENV === 'production'
-    ? `${window.location.protocol}//${window.location.host}`
     : 'http://localhost:5000';
 }

     /*if (window.location.hostname !== 'localhost' && window.location.hostname !== '127.0.0.1') {
       return process.env.DOMAIN_URL;
     }*/
+    return `${(window as any).location.protocol}//${(window as any).location.host}`;
   }
   return process.env.NODE_ENV === 'production'
+    ? `${(window as any).location.protocol}//${(window as any).location.host}`
     : 'http://localhost:5000';
 }

src/server/index.ts CHANGED Viewed

@@ -101,7 +101,7 @@ app.use((req, res, next) => {
   let capturedJsonResponse: Record<string, any> | undefined = undefined;
   const originalResJson = res.json;
-  res.json = function (bodyJson, ...args) {
     capturedJsonResponse = bodyJson;
     return originalResJson.apply(res, [bodyJson, ...args]);
   };
@@ -115,19 +115,23 @@ app.use((req, res, next) => {
       }
       log(logLine);
       const excludedPaths = [
         '/api/plugins',
-        '/api/stats',
         '/api/categories',
         '/docs'
       ];
       const isPluginEndpoint = !excludedPaths.some(excluded => path.startsWith(excluded));
       if (isPluginEndpoint) {
         const clientIp = req.ip || req.socket.remoteAddress || "unknown";
-        getStatsTracker().trackRequest(path, res.statusCode, clientIp);
       }
     }
   });
@@ -138,14 +142,14 @@ app.use((req, res, next) => {
 (async () => {
   initStatsTracker();
   log("Stats tracker initialized");
   const pluginsDir = join(process.cwd(), "src/server/plugins");
   const pluginLoader = initPluginLoader(pluginsDir);
   const isDev = process.env.NODE_ENV === "development";
   await pluginLoader.loadPlugins(app, isDev);
-  app.get("/api/plugins", (req, res) => {
     const metadata = getPluginLoader().getPluginMetadata();
     res.json({
       success: true,
@@ -157,10 +161,10 @@ app.use((req, res, next) => {
   app.get("/api/plugins/category/:category", (req, res) => {
     const { category } = req.params;
     const allPlugins = getPluginLoader().getPluginMetadata();
-    const filtered = allPlugins.filter(p =>
       p.category.includes(category)
     );
     res.json({
       success: true,
       category,
@@ -168,11 +172,11 @@ app.use((req, res, next) => {
       plugins: filtered,
     });
   });
-  app.get("/api/stats", (req, res) => {
     const globalStats = getStatsTracker().getGlobalStats();
     const topEndpoints = getStatsTracker().getTopEndpoints(5);
     res.json({
       success: true,
       stats: {
@@ -181,17 +185,17 @@ app.use((req, res, next) => {
       },
     });
   });
-  app.get("/api/stats/visitors", (req, res) => {
     const chartData = getStatsTracker().getVisitorChartData();
     res.json({
       success: true,
       data: chartData,
     });
   });
-  app.get("/api/categories", (req, res) => {
     const allPlugins = getPluginLoader().getPluginMetadata();
     const categoriesMap = new Map<string, number>();
@@ -210,7 +214,7 @@ app.use((req, res, next) => {
       success: true,
       categories,
     });
-  });
   app.use((err: any, _req: Request, res: Response, _next: NextFunction) => {
     const status = err.status || err.statusCode || 500;
@@ -226,7 +230,7 @@ app.use((req, res, next) => {
     const { setupVite } = await import("./vite");
     await setupVite(httpServer, app);
   }
   app.use((req: Request, res: Response, next: NextFunction) => {
     if (req.path.startsWith("/api")) {
       return res.status(404).json({
@@ -248,7 +252,7 @@ app.use((req, res, next) => {
       log(`serving on port ${port}`);
     },
   );
   process.on('uncaughtException', (error: Error) => {
     log(`Uncaught Exception: ${error.message}`, 'error');
     console.error(error.stack);
@@ -258,4 +262,4 @@ app.use((req, res, next) => {
     log(`Unhandled Rejection at: ${promise}, reason: ${reason}`, 'error');
     console.error(reason);
   });
-})();

   let capturedJsonResponse: Record<string, any> | undefined = undefined;
   const originalResJson = res.json;
+  res.json = function(bodyJson, ...args) {
     capturedJsonResponse = bodyJson;
     return originalResJson.apply(res, [bodyJson, ...args]);
   };
       }
       log(logLine);
       const excludedPaths = [
         '/api/plugins',
+        '/api/stats',
         '/api/categories',
         '/docs'
       ];
       const isPluginEndpoint = !excludedPaths.some(excluded => path.startsWith(excluded));
       if (isPluginEndpoint) {
         const clientIp = req.ip || req.socket.remoteAddress || "unknown";
+        const tracked = getStatsTracker().trackRequest(path, res.statusCode, clientIp);
+        if (!tracked) {
+          log(`Failed request from ${clientIp} not tracked (limit exceeded)`, "stats");
+        }
       }
     }
   });
 (async () => {
   initStatsTracker();
   log("Stats tracker initialized");
   const pluginsDir = join(process.cwd(), "src/server/plugins");
   const pluginLoader = initPluginLoader(pluginsDir);
   const isDev = process.env.NODE_ENV === "development";
   await pluginLoader.loadPlugins(app, isDev);
+  app.get("/api/plugins", (_req, res) => {
     const metadata = getPluginLoader().getPluginMetadata();
     res.json({
       success: true,
   app.get("/api/plugins/category/:category", (req, res) => {
     const { category } = req.params;
     const allPlugins = getPluginLoader().getPluginMetadata();
+    const filtered = allPlugins.filter(p =>
       p.category.includes(category)
     );
     res.json({
       success: true,
       category,
       plugins: filtered,
     });
   });
+  app.get("/api/stats", (_req, res) => {
     const globalStats = getStatsTracker().getGlobalStats();
     const topEndpoints = getStatsTracker().getTopEndpoints(5);
     res.json({
       success: true,
       stats: {
       },
     });
   });
+  app.get("/api/stats/visitors", (_req, res) => {
     const chartData = getStatsTracker().getVisitorChartData();
     res.json({
       success: true,
       data: chartData,
     });
   });
+  app.get("/api/categories", (_req, res) => {
     const allPlugins = getPluginLoader().getPluginMetadata();
     const categoriesMap = new Map<string, number>();
       success: true,
       categories,
     });
+  });
   app.use((err: any, _req: Request, res: Response, _next: NextFunction) => {
     const status = err.status || err.statusCode || 500;
     const { setupVite } = await import("./vite");
     await setupVite(httpServer, app);
   }
   app.use((req: Request, res: Response, next: NextFunction) => {
     if (req.path.startsWith("/api")) {
       return res.status(404).json({
       log(`serving on port ${port}`);
     },
   );
   process.on('uncaughtException', (error: Error) => {
     log(`Uncaught Exception: ${error.message}`, 'error');
     console.error(error.stack);
     log(`Unhandled Rejection at: ${promise}, reason: ${reason}`, 'error');
     console.error(reason);
   });
+})();

src/server/lib/stats-tracker.ts CHANGED Viewed

@@ -10,6 +10,11 @@ interface VisitorData {
   count: number;
 }
 interface GlobalStats {
   totalRequests: number;
   totalSuccess: number;
@@ -22,6 +27,9 @@ interface GlobalStats {
 class StatsTracker {
   private stats: GlobalStats;
   constructor() {
     this.stats = {
@@ -33,13 +41,52 @@ class StatsTracker {
       startTime: Date.now(),
       visitorsByHour: new Map(),
     };
   }
-  trackRequest(endpoint: string, statusCode: number, clientIp: string) {
     this.stats.totalRequests++;
     this.stats.uniqueVisitors.add(clientIp);
-    const currentHour = Math.floor(Date.now() / (1000 * 60 * 60));
     if (!this.stats.visitorsByHour.has(currentHour)) {
       this.stats.visitorsByHour.set(currentHour, new Set());
     }
@@ -63,19 +110,21 @@ class StatsTracker {
         totalRequests: 0,
         successRequests: 0,
         failedRequests: 0,
-        lastAccessed: Date.now(),
       });
     }
     const endpointStats = this.stats.endpoints.get(endpoint)!;
     endpointStats.totalRequests++;
-    endpointStats.lastAccessed = Date.now();
     if (statusCode >= 200 && statusCode < 400) {
       endpointStats.successRequests++;
     } else {
       endpointStats.failedRequests++;
     }
   }
   getGlobalStats() {
@@ -149,6 +198,7 @@ class StatsTracker {
       startTime: Date.now(),
       visitorsByHour: new Map(),
     };
   }
 }

   count: number;
 }
+interface IPFailureTracking {
+  count: number;
+  resetTime: number;
+}
 interface GlobalStats {
   totalRequests: number;
   totalSuccess: number;
 class StatsTracker {
   private stats: GlobalStats;
+  private ipFailures: Map<string, IPFailureTracking>;
+  private readonly MAX_FAILS_PER_IP = 1;
+  private readonly FAIL_WINDOW_MS = 12 * 60 * 60 * 1000;
   constructor() {
     this.stats = {
       startTime: Date.now(),
       visitorsByHour: new Map(),
     };
+    this.ipFailures = new Map();
+    setInterval(() => {
+      const now = Date.now();
+      this.ipFailures.forEach((tracking, ip) => {
+        if (now > tracking.resetTime) {
+          this.ipFailures.delete(ip);
+        }
+      });
+    }, 5 * 60 * 1000);
   }
+  trackRequest(endpoint: string, statusCode: number, clientIp: string): boolean {
+    const now = Date.now();
+    const isFailed = statusCode >= 400;
+    if (isFailed) {
+      const ipTracking = this.ipFailures.get(clientIp);
+      if (!ipTracking) {
+        this.ipFailures.set(clientIp, {
+          count: 1,
+          resetTime: now + this.FAIL_WINDOW_MS,
+        });
+      } else {
+        if (now > ipTracking.resetTime) {
+          ipTracking.count = 1;
+          ipTracking.resetTime = now + this.FAIL_WINDOW_MS;
+        } else {
+          if (ipTracking.count >= this.MAX_FAILS_PER_IP) {
+            return false;
+          }
+          ipTracking.count++;
+        }
+      }
+    } else {
+      const ipTracking = this.ipFailures.get(clientIp);
+      if (ipTracking && ipTracking.count > 0) {
+        ipTracking.count--;
+      }
+    }
     this.stats.totalRequests++;
     this.stats.uniqueVisitors.add(clientIp);
+    const currentHour = Math.floor(now / (1000 * 60 * 60));
     if (!this.stats.visitorsByHour.has(currentHour)) {
       this.stats.visitorsByHour.set(currentHour, new Set());
     }
         totalRequests: 0,
         successRequests: 0,
         failedRequests: 0,
+        lastAccessed: now,
       });
     }
     const endpointStats = this.stats.endpoints.get(endpoint)!;
     endpointStats.totalRequests++;
+    endpointStats.lastAccessed = now;
     if (statusCode >= 200 && statusCode < 400) {
       endpointStats.successRequests++;
     } else {
       endpointStats.failedRequests++;
     }
+    return true;
   }
   getGlobalStats() {
       startTime: Date.now(),
       visitorsByHour: new Map(),
     };
+    this.ipFailures.clear();
   }
 }

src/server/plugins/data.js CHANGED Viewed

@@ -7,7 +7,7 @@ const handler = {
   exec: async (req, res) => {
     res.json({
       status: 200,
-      message: "Welcome to DitzzyAPI, Lets get started by visit our documentation on: https://ditzzy-api.hf.space/docs"
     })
   }
 }

   exec: async (req, res) => {
     res.json({
       status: 200,
+      message: "Welcome to DitzzyAPI, Lets get started by visit our documentation on: https://api.ditzzy.my.id/docs"
     })
   }
 }