From d7da8f133146de4fba1db13bfbc63242c917f817 Mon Sep 17 00:00:00 2001
From: Arda Serdar Pektezol <1669855+pektezol@users.noreply.github.com>
Date: Thu, 31 Oct 2024 22:37:31 +0300
Subject: backend: add rate limiting
---
 backend/api/routes.go | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)
(limited to 'backend/api/routes.go')
diff --git a/backend/api/routes.go b/backend/api/routes.go
index ecfb54b..c3124f9 100644
--- a/backend/api/routes.go
+++ b/backend/api/routes.go
@@ -18,29 +18,29 @@ func InitRoutes(router *gin.Engine) {
 c.File("docs/index.html")
 })
 // Tokens, login
- v1.GET("/token", handlers.GetCookie)
- v1.DELETE("/token", handlers.DeleteCookie)
- v1.GET("/login", handlers.Login)
+ v1.GET("/token", RateLimit, handlers.GetCookie)
+ v1.DELETE("/token", RateLimit, handlers.DeleteCookie)
+ v1.GET("/login", RateLimit, handlers.Login)
 // Users, profiles
- v1.GET("/profile", IsAuthenticated, handlers.Profile)
+ v1.GET("/profile", RateLimit, IsAuthenticated, handlers.Profile)
 v1.PUT("/profile", IsAuthenticated, handlers.UpdateCountryCode)
 v1.POST("/profile", IsAuthenticated, handlers.UpdateUser)
 v1.GET("/users/:userid", IsAuthenticated, handlers.FetchUser)
 // Maps
 // - Summary
- v1.GET("/maps/:mapid/summary", handlers.FetchMapSummary)
+ v1.GET("/maps/:mapid/summary", RateLimit, handlers.FetchMapSummary)
 v1.POST("/maps/:mapid/summary", IsAuthenticated, handlers.CreateMapSummary)
 v1.PUT("/maps/:mapid/summary", IsAuthenticated, handlers.EditMapSummary)
 v1.DELETE("/maps/:mapid/summary", IsAuthenticated, handlers.DeleteMapSummary)
 v1.PUT("/maps/:mapid/image", IsAuthenticated, handlers.EditMapImage)
 // - Leaderboards
- v1.GET("/maps/:mapid/leaderboards", handlers.FetchMapLeaderboards)
+ v1.GET("/maps/:mapid/leaderboards", RateLimit, handlers.FetchMapLeaderboards)
 v1.POST("/maps/:mapid/record", IsAuthenticated, handlers.CreateRecordWithDemo)
 v1.DELETE("/maps/:mapid/record/:recordid", IsAuthenticated, handlers.DeleteRecord)
- v1.GET("/demos", handlers.DownloadDemoWithID)
+ v1.GET("/demos", RateLimit, handlers.DownloadDemoWithID)
 // - Discussions
- v1.GET("/maps/:mapid/discussions", handlers.FetchMapDiscussions)
- v1.GET("/maps/:mapid/discussions/:discussionid", handlers.FetchMapDiscussion)
+ v1.GET("/maps/:mapid/discussions", RateLimit, handlers.FetchMapDiscussions)
+ v1.GET("/maps/:mapid/discussions/:discussionid", RateLimit, handlers.FetchMapDiscussion)
 v1.POST("/maps/:mapid/discussions", IsAuthenticated, handlers.CreateMapDiscussion)
 v1.POST("/maps/:mapid/discussions/:discussionid", IsAuthenticated, handlers.CreateMapDiscussionComment)
 v1.PUT("/maps/:mapid/discussions/:discussionid", IsAuthenticated, handlers.EditMapDiscussion)
@@ -50,12 +50,12 @@ func InitRoutes(router *gin.Engine) {
 v1.GET("/rankings/steam", handlers.RankingsSteam)
 v1.GET("/search", handlers.SearchWithQuery)
 // Games, chapters, maps
- v1.GET("/games", handlers.FetchGames)
- v1.GET("/games/:gameid", handlers.FetchChapters)
- v1.GET("/chapters/:chapterid", handlers.FetchChapterMaps)
- v1.GET("/games/:gameid/maps", handlers.FetchMaps)
+ v1.GET("/games", RateLimit, handlers.FetchGames)
+ v1.GET("/games/:gameid", RateLimit, handlers.FetchChapters)
+ v1.GET("/chapters/:chapterid", RateLimit, handlers.FetchChapterMaps)
+ v1.GET("/games/:gameid/maps", RateLimit, handlers.FetchMaps)
 // Logs
- v1.GET("/logs/score", handlers.ScoreLogs)
+ v1.GET("/logs/score", RateLimit, handlers.ScoreLogs)
 // v1.GET("/logs/mod", IsAuthenticated, handlers.ModLogs)
 }
 }
-- cgit v1.2.3
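Review bot: RateLimit is attached only to the GET routes changed here, so every state-changing route behind IsAuthenticated stays unthrottled, including `POST /maps/:mapid/record` (a demo upload, going by the handler name) and `PUT`/`POST /profile`; `GET /users/:userid` is skipped as well. The second hunk has the same gap: `/rankings/steam` and `/search` remain context lines without the middleware, and a query-driven search is usually one of the costlier public endpoints. If the limit is meant to apply API-wide, registering it once with `v1.Use(RateLimit)` before the routes are added avoids missing a route later; the group's creation and RateLimit's definition are outside this diff, so confirm that also suits the docs route. On `GET /profile` the limiter runs before IsAuthenticated, so it presumably keys on the client address rather than the account. A comment on RateLimit should state the key and, if it is `c.ClientIP()`, note that gin's trusted-proxy configuration decides whether a forwarded header is honoured.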