3pp-mirror/rallly
1
0
Fork 0
mirror of https://github.com/lukevella/rallly.git synced 2025-06-12 23:51:51 +02:00
Code Issues Projects Releases Packages Wiki Activity

🔒️ Rate limit registration endpoint (#1153)

Browse source
This commit is contained in:
Luke Vella 2024-06-17 21:42:16 +01:00 committed by GitHub
parent 05d1e56805
commit 491af5c71b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
9 changed files with 75 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

14
packages/backend/trpc/routers/auth.ts
View file

@ -1,4 +1,5 @@
import { prisma } from "@rallly/database";
import { TRPCError } from "@trpc/server";
import { z } from "zod";
import { createToken, decryptToken } from "../../session";
@ -23,6 +24,16 @@ export const auth = router({
| { ok: true; token: string }
| { ok: false; reason: "userAlreadyExists" | "emailNotAllowed" }
> => {
if (process.env.KV_REST_API_URL) {
const { success } = await ctx.ratelimit(ctx.user.id);
if (!success) {
throw new TRPCError({
code: "TOO_MANY_REQUESTS",
message: "Too many requests",
});
}
}
if (ctx.isEmailBlocked?.(input.email)) {
return { ok: false, reason: "emailNotAllowed" };
}
@ -50,10 +61,9 @@ export const auth = router({
await ctx.emailClient.sendTemplate("RegisterEmail", {
to: input.email,
subject: `${input.name}, please verify your email address`,
subject: "Please verify your email address",
props: {
code,
name: input.name,
},
});