add rate limit

pull/220/head^2
Pete Matsyburka 2 years ago
parent 265b668cb4
commit 749722a9df

@ -19,6 +19,12 @@ module Api
render json: { error: e.message }, status: :unprocessable_entity
end
rescue_from RateLimit::LimitApproached do |e|
Rollbar.error(e) if defined?(Rollbar)
render json: { error: 'Too many requests' }, status: :too_many_requests
end
if Rails.env.production?
rescue_from CanCan::AccessDenied do |e|
Rollbar.warning(e) if defined?(Rollbar)
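Review bot: The new `RateLimit::LimitApproached` handler reports every throttled request at error level (`Rollbar.error(e)`), so a client that keeps hitting the limit produces one error report per request and can bury real errors or use up reporting quota. A throttled request is an expected outcome, so `Rollbar.warning(e) if defined?(Rollbar)`, matching the `CanCan::AccessDenied` handler just below, would be quieter. The same line appears in the `ApplicationController` handler. The 429 response also carries no `Retry-After` header, which API clients use to back off; as written the exception does not carry the TTL, so the handler has nothing to put there.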

@ -22,6 +22,12 @@ class ApplicationController < ActionController::Base
redirect_to request.path
end
rescue_from RateLimit::LimitApproached do |e|
Rollbar.error(e) if defined?(Rollbar)
redirect_to request.referer, alert: 'Too many requests', status: :too_many_requests
end
if Rails.env.production?
rescue_from CanCan::AccessDenied do |e|
Rollbar.warning(e) if defined?(Rollbar)
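Review bot: `redirect_to request.referer, alert: 'Too many requests', status: :too_many_requests` in the new handler depends on a client-supplied header and on a non-redirect status. When the `Referer` header is absent `redirect_to` is handed nil and raises inside the error handler, and when it is present it can name any host, subject to the app's open-redirect settings. A 429 is not a 3xx, so browsers do not follow the `Location` header and the user stays on the stub body without seeing the flash alert. Something like `redirect_back(fallback_location: <app home path>, allow_other_host: false, alert: 'Too many requests')` covers the missing header, keeps the target on this host and uses a real redirect status; the fallback path here is a placeholder to fill in.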

@ -21,6 +21,8 @@ class SendSubmissionEmailController < ApplicationController
Submitter.find_by!(slug: params[:submitter_slug])
end
RateLimit.call("send-email-#{@submitter.id}", limit: 2, ttl: 5.minutes)
SubmitterMailer.documents_copy_email(@submitter, sig: true).deliver_later!
respond_to do |f|
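Review bot: The limiter key `"send-email-#{@submitter.id}"` bounds mail per recipient only, so a single client that can reach several submitter slugs is not bounded in total volume. If this action is reachable without authentication (not visible in the hunk), a second `RateLimit.call` keyed on `request.remote_ip` would cover that. The call also runs after the `find_by!` lookup, so the slug lookups themselves are never counted. The values `limit: 2, ttl: 5.minutes` would be easier to audit as named constants with a comment such as `# at most 2 copy e-mails per submitter per 5 minutes`. The action body starts and ends outside the hunk.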

@ -0,0 +1,19 @@
# frozen_string_literal: true
module RateLimit
LimitApproached = Class.new(StandardError)
STORE = ActiveSupport::Cache::MemoryStore.new
module_function
def call(key, limit:, ttl:, enabled: Docuseal.multitenant?)
return true unless enabled
value = STORE.increment(key, 1, expires_in: ttl)
raise LimitApproached if value > limit
true
end
end
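Review bot: `STORE = ActiveSupport::Cache::MemoryStore.new` keeps the counters inside one Ruby process, so with several web workers or hosts each process counts separately, the effective limit becomes `limit` times the process count, and every restart clears it. Backing `STORE` with the application's shared cache store would make the limit hold across processes. The default `enabled: Docuseal.multitenant?` turns every call into a no-op on other deployments, which deserves a comment above `call`, e.g. `# Enforced only on multitenant deployments unless enabled: true is passed.` `value > limit` also assumes `STORE.increment` returns an integer for a key that does not exist yet; older Rails versions of MemoryStore return nil there, so this is worth confirming against the Rails version in use.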