Merge branch '1094-relation-actions-rate-limiting' into 'develop'

[#1094] Rate-limited follow & unfollow actions.

Closes #1094

See merge request pleroma/pleroma!1436
This commit is contained in:
kaniini 2019-07-16 21:35:12 +00:00
commit 4ac269a2c3
3 changed files with 12 additions and 0 deletions

View file

@ -528,6 +528,8 @@
config :pleroma, :rate_limit, config :pleroma, :rate_limit,
search: [{1000, 10}, {1000, 30}], search: [{1000, 10}, {1000, 30}],
app_account_creation: {1_800_000, 25}, app_account_creation: {1_800_000, 25},
relations_actions: {10_000, 10},
relation_id_action: {60_000, 2},
statuses_actions: {10_000, 15}, statuses_actions: {10_000, 15},
status_id_action: {60_000, 3} status_id_action: {60_000, 3}

View file

@ -647,5 +647,7 @@ Supported rate limiters:
* `:search` for the search requests (account & status search etc.) * `:search` for the search requests (account & status search etc.)
* `:app_account_creation` for registering user accounts from the same IP address * `:app_account_creation` for registering user accounts from the same IP address
* `:relations_actions` for actions on relations with all users (follow, unfollow)
* `:relation_id_action` for actions on relation with a specific user (follow, unfollow)
* `:statuses_actions` for create / delete / fav / unfav / reblog / unreblog actions on any statuses * `:statuses_actions` for create / delete / fav / unfav / reblog / unreblog actions on any statuses
* `:status_id_action` for fav / unfav or reblog / unreblog actions on the same status by the same user * `:status_id_action` for fav / unfav or reblog / unreblog actions on the same status by the same user

View file

@ -47,6 +47,8 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
require Logger require Logger
@rate_limited_relations_actions ~w(follow unfollow)a
@rate_limited_status_actions ~w(reblog_status unreblog_status fav_status unfav_status @rate_limited_status_actions ~w(reblog_status unreblog_status fav_status unfav_status
post_status delete_status)a post_status delete_status)a
@ -62,6 +64,12 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
when action in ~w(fav_status unfav_status)a when action in ~w(fav_status unfav_status)a
) )
plug(
RateLimiter,
{:relations_id_action, params: ["id", "uri"]} when action in @rate_limited_relations_actions
)
plug(RateLimiter, :relations_actions when action in @rate_limited_relations_actions)
plug(RateLimiter, :statuses_actions when action in @rate_limited_status_actions) plug(RateLimiter, :statuses_actions when action in @rate_limited_status_actions)
plug(RateLimiter, :app_account_creation when action == :account_register) plug(RateLimiter, :app_account_creation when action == :account_register)
plug(RateLimiter, :search when action in [:search, :search2, :account_search]) plug(RateLimiter, :search when action in [:search, :search2, :account_search])