From 659d91a2c345f748dde02eaa32f2a8d27871bbdb Mon Sep 17 00:00:00 2001
From: Andrea Suisani
Date: Wed, 23 Aug 2023 11:53:19 +0200
Subject: [PATCH] Add a temporary rate limit to /address views

That view rendering could pretty resource consuming when the address we are looking for has a very long transaction history. I'm going to temporarely add a rate limit for that view that take into account the number of requests for a given time interval by the same IP address. Once pagination would be provided by Eletrum servers (eg Rostrum) for the used methods (eg get_history) we could use it to reduce the amount of load anda data involved and we will be able to remove the rate limit on the page.
---
 package.json | 1 +
 routes/baseActionsRouter.js | 11 ++++++++++-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/package.json b/package.json
index 99ce19365..0b6248be9 100644
--- a/package.json
+++ b/package.json
@@ -37,6 +37,7 @@
 "dotenv": "^8.2.0",
 "electrum-client": "github:janoside/electrum-client",
 "express": "^4.17.1",
+ "express-rate-limit": "^6.6.0",
 "express-session": "^1.17.1",
 "jstransformer-markdown-it": "^2.1.0",
 "lru-cache": "^5.1.1",
diff --git a/routes/baseActionsRouter.js b/routes/baseActionsRouter.js
index 4f538ac70..59e78f1b5 100644
--- a/routes/baseActionsRouter.js
+++ b/routes/baseActionsRouter.js
@@ -2,6 +2,7 @@ var debug = require("debug");
 var debugLog = debug("bchexp:router");
 var express = require('express');
+const rateLimit = require('express-rate-limit');
 var csurf = require('csurf');
 var router = express.Router();
 var util = require('util');
@@ -979,7 +980,15 @@ router.get("/tx/:transactionId", function(req, res, next) {
 });
 });
-router.get("/address/:address", async (req, res) => {
+const addressLimiter = rateLimit({
+ windowMs: 1 * 60 * 1000,
+ max: 1,
+ standardHeaders: true,
+ legacyHeaders: false,
+});
+
+
+router.get("/address/:address", addressLimiter, async (req, res) => {
 var limit = config.site.addressTxPageSize;
 var offset = 0;
 var sort = "desc";
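Review bot: `addressLimiter` passes no `keyGenerator` or `store`, so it counts per `req.ip` in process memory, and with `max: 1` per minute its effect depends entirely on Express's `trust proxy` setting, which this hunk does not show. If the explorer sits behind a reverse proxy and `trust proxy` is unset, every visitor is counted as the proxy's address and the whole site gets one /address view per minute. If it is set too broadly, the key comes from a client-supplied `X-Forwarded-For` header and the limit stops protecting the Electrum backend. I would add a comment above the limiter such as `// keyed on req.ip: 'trust proxy' must match the deployed proxy chain; counts are per process and reset on restart`. I would also read the window and maximum from `config` rather than hard-coding them, since one request per minute also rejects a user paging through an address history (the handler's `limit`/`offset` handling continues outside the hunk).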