From 190b9020902d37a8c2eec3c59d269e606d5ca2d8 Mon Sep 17 00:00:00 2001 From: lllllllillllllillll Date: Mon, 8 Jan 2024 13:29:06 -0800 Subject: [PATCH] Added rate limiter --- app.js | 31 ++++++++++++++++++++----------- controllers/dashboard.js | 1 - controllers/images.js | 23 ++++++++++++++++++----- package-lock.json | 15 +++++++++++++++ package.json | 1 + 5 files changed, 54 insertions(+), 17 deletions(-) diff --git a/app.js b/app.js index 69383a0..22477e6 100644 --- a/app.js +++ b/app.js @@ -5,6 +5,7 @@ import helmet from 'helmet'; import Docker from 'dockerode'; import cors from 'cors'; import { Readable } from 'stream'; +import { rateLimit } from 'express-rate-limit'; import { instrument } from '@socket.io/admin-ui' import { router } from './router/index.js'; import { createServer } from 'node:http'; @@ -23,7 +24,7 @@ let metricsInterval, cardsInterval, graphsInterval; let cardList = ''; const statsArray = {}; -// socket.io admin ui +// Socket.io admin ui export const io = new Server(server, { connectionStateRecovery: {}, cors: { @@ -48,8 +49,18 @@ const sessionMiddleware = session({ maxAge:3600000 * 8 // Session max age in milliseconds. 3600000 = 1 hour. } }); + +// Make session data available to socket.io io.engine.use(sessionMiddleware); +// Rate limiter +const limiter = rateLimit({ + windowMs: 5 * 60 * 1000, // 5 minutes + limit: 30, // Limit each IP to 30 requests per `window`. + standardHeaders: 'draft-7', + legacyHeaders: false, +}) + // Express middleware app.set('view engine', 'ejs'); app.use([ 
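Review bot: The `limiter` constant created in the `@@ -48,8 +49,18 @@` hunk is never mounted in anything this patch shows: no hunk touches the contents of the `app.use([...])` array that opens on the hunk's last line, the constant is not exported, and no router file appears in the diffstat, so as submitted the limiter appears to throttle nothing. Mounting it where request flooding matters, e.g. `app.use('/login', limiter);` (the path is a placeholder for the project's auth route), would make the commit do what its title says; putting 30 requests per 5 minutes on every route would probably also lock out ordinary dashboard use. express-rate-limit keys on `req.ip`, so if the app runs behind a reverse proxy, `app.set('trust proxy', 1);` (hop count to be confirmed for the deployment) is needed or all clients share one bucket. Socket.io traffic attached through `io.engine.use` does not pass through Express middleware and would need its own limit.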
@@ -67,19 +78,17 @@ app.use([ server.listen(port, () => { async function init() { try { - await sequelize.authenticate(); - console.log('[Connected to DB]'); - } catch (error) { - console.log('[Could not connect to DB]', error); + await sequelize.authenticate().then(() => { console.log('[Connected to DB]') }); + } catch { + console.log('[Could not connect to DB]'); } try { - await sequelize.sync(); - console.log('[Models Synced]'); - hidden = await Container.findAll({ where: {visibility:false}}); - containerCards(); - } catch (error) { - console.log('[Could not Sync Models]', error); + await sequelize.sync().then(() => { console.log('[Models Synced]') }); + } catch { + console.log('[Could not Sync Models]', error); } + getHidden(); + containerCards(); console.log(`\nServer listening on http://localhost:${port}`); } init(); diff --git a/controllers/dashboard.js b/controllers/dashboard.js index 6ba90d6..6645ab6 100644 --- a/controllers/dashboard.js +++ b/controllers/dashboard.js @@ -2,7 +2,6 @@ export const Dashboard = (req, res) => { - res.render("dashboard", { name: req.session.user, role: req.session.role, diff --git a/controllers/images.js b/controllers/images.js index 8b6c242..494f141 100644 --- a/controllers/images.js +++ b/controllers/images.js 
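Review bot: In the second `catch {` of `init()` the re-added line `console.log('[Could not Sync Models]', error);` still references `error` although the binding was dropped, so a failed `sequelize.sync()` would raise a ReferenceError inside the handler and reject `init()`, which is called as a bare `init();` with nothing catching it (unless an `error` variable exists at module scope, which the hunk does not show). Restore the binding in both handlers with `} catch (error) {` and keep the detail in the first one too, `console.log('[Could not connect to DB]', error);`, because a bare message leaves no way to tell a credentials failure from a network or schema one. `getHidden();` and `containerCards();` now run even when authenticate or sync failed, and `getHidden()` is not awaited where the old `Container.findAll` was; `await getHidden();` inside the second `try` would keep the previous ordering. `getHidden` is defined outside this hunk, so whether it returns a promise needs confirming.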
@@ -1,13 +1,26 @@ import { docker } from '../app.js'; +import { dockerImages } from 'systeminformation'; export const Images = async function(req, res) { - const allImages = await docker.listImages({ all: true }); + const data1 = await dockerImages({ all: true }); - for (let i = 0; i < allImages.length; i++) { - console.log(`Image ${i}:`) - console.log(`repoTags: ${allImages[i].repoTags}`) - } + const data2 = await docker.listImages({ all: true }); + + // for ( i = 0; i < data.length; i++) { + // console.log(`Image ${i}:`) + // console.log(`repoTags: ${data[i].repoTags}`) + // } + + console.log(`data1: ${data1}`); + + console.log(`data2: ${data2}`); + + + // for (let i = 0; i < allImages.length; i++) { + // console.log(`Image ${i}:`) + // console.log(`repoTags: ${allImages[i].repoTags}`) + // } res.render("images", { name: req.session.user, diff --git a/package-lock.json b/package-lock.json index 228d68c..0a5b78b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -19,6 +19,7 @@ "dockerode": "^4.0.1", "ejs": "^3.1.9", "express": "^4.18.2", + "express-rate-limit": "^7.1.5", "express-session": "^1.17.3", "helmet": "^7.1.0", "mocha": "^10.2.0", @@ -1883,6 +1884,20 @@ "node": ">= 0.10.0" } }, + "node_modules/express-rate-limit": { + "version": "7.1.5", + "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-7.1.5.tgz", + "integrity": "sha512-/iVogxu7ueadrepw1bS0X0kaRC/U0afwiYRSLg68Ts+p4Dc85Q5QKsOnPS/QUjPMHvOJQtBDrZgvkOzf8ejUYw==", + "engines": { + "node": ">= 16" + }, + "funding": { + "url": "https://github.com/sponsors/express-rate-limit" + }, + "peerDependencies": { + "express": "4 || 5 || ^5.0.0-beta.1" + } + }, "node_modules/express-session": { "version": "1.17.3", "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.17.3.tgz", diff --git a/package.json b/package.json index 02bd1b1..5f4f1a6 100644 --- a/package.json +++ b/package.json 
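Review bot: The two added `console.log` calls in `Images` interpolate arrays into template strings (`${data1}`, `${data2}`), which prints `[object Object]` for each element, and as far as the hunk shows the handler now queries Docker for the image list twice per request only to feed that debug output. Drop the probe and both commented-out loops before merging, or log once with `console.debug(JSON.stringify(data2, null, 2));`. As far as I recall, systeminformation's `dockerImages` takes a boolean `all` rather than an options object, so `dockerImages({ all: true })` may not behave like the dockerode call; worth confirming against the library docs. Neither `await` is wrapped in `try`/`catch`, and under Express 4 a rejection in an async handler does not reach the error middleware, so a Docker socket failure would leave the request hanging. The body of `Images` continues past the end of the hunk.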
@@ -21,6 +21,7 @@
 "dockerode": "^4.0.1",
 "ejs": "^3.1.9",
 "express": "^4.18.2",
+ "express-rate-limit": "^7.1.5",
 "express-session": "^1.17.3",
 "helmet": "^7.1.0",
 "mocha": "^10.2.0",