♻️ Use internal interceptor, decorator

staart · Nov 17, 2020 · 58971f0 · 58971f0
1 parent 56455ac
commit 58971f0
Show file tree

Hide file tree

Showing 5 changed files with 43 additions and 67 deletions.
diff --git a/src/app.module.ts b/src/app.module.ts
@@ -7,9 +7,9 @@ import {
 import { ConfigModule } from '@nestjs/config';
 import { APP_GUARD, APP_INTERCEPTOR } from '@nestjs/core';
 import { ScheduleModule } from '@nestjs/schedule';
-import { RateLimiterInterceptor, RateLimiterModule } from 'nestjs-rate-limiter';
 import configuration from './config/configuration';
 import { AuditLogger } from './interceptors/audit-log.interceptor';
+import { RateLimitInterceptor } from './interceptors/rate-limit.interceptor';
 import { ApiLoggerMiddleware } from './middleware/api-logger.middleware';
 import { JsonBodyMiddleware } from './middleware/json-body.middleware';
 import { RawBodyMiddleware } from './middleware/raw-body.middleware';
@@ -53,10 +53,6 @@ import { TasksModule } from './providers/tasks/tasks.module';
     TasksModule,
     UsersModule,
     AuthModule,
-    RateLimiterModule.register({
-      points: 100,
-      duration: 60,
-    }),
     MailModule,
     SessionsModule,
     EmailsModule,
@@ -84,7 +80,7 @@ import { TasksModule } from './providers/tasks/tasks.module';
   providers: [
     {
       provide: APP_INTERCEPTOR,
-      useClass: RateLimiterInterceptor,
+      useClass: RateLimitInterceptor,
     },
     {
       provide: APP_GUARD,

diff --git a/src/interceptors/rate-limit.interceptor.ts b/src/interceptors/rate-limit.interceptor.ts
@@ -0,0 +1,24 @@
+import {
+  CallHandler,
+  ExecutionContext,
+  Injectable,
+  Logger,
+  NestInterceptor,
+} from '@nestjs/common';
+import { Reflector } from '@nestjs/core';
+import { Observable } from 'rxjs';
+import { STAART_AUDIT_LOG_DATA } from '../modules/audit-logs/audit-log.constants';
+
+@Injectable()
+export class RateLimitInterceptor implements NestInterceptor {
+  logger = new Logger(RateLimitInterceptor.name);
+
+  constructor(private readonly reflector: Reflector) {}
+
+  intercept(context: ExecutionContext, next: CallHandler): Observable<any> {
+    let auditLog = this.reflector.get<string | string[]>(
+      STAART_AUDIT_LOG_DATA,
+      context.getHandler(),
+    );
+  }
+}
diff --git a/src/modules/auth/auth.controller.ts b/src/modules/auth/auth.controller.ts
@@ -1,6 +1,5 @@
 import { Body, Controller, Headers, Ip, Post } from '@nestjs/common';
 import { users } from '@prisma/client';
-import { RateLimit } from 'nestjs-rate-limiter';
 import { Expose } from '../../providers/prisma/prisma.interface';
 import {
   ForgotPasswordDto,
@@ -14,18 +13,15 @@ import {
 import { TokenResponse, TotpTokenResponse } from './auth.interface';
 import { AuthService } from './auth.service';
 import { Public } from './public.decorator';
+import { RateLimit } from './rate-limit.decorator';
 
 @Controller('auth')
 @Public()
 export class AuthController {
   constructor(private authService: AuthService) {}
 
   @Post('login')
-  @RateLimit({
-    points: 10,
-    duration: 60,
-    errorMessage: 'Wait for 60 seconds before trying to login again',
-  })
+  @RateLimit(10)
   async login(
     @Body() data: LoginDto,
     @Ip() ip: string,
@@ -41,11 +37,7 @@ export class AuthController {
   }
 
   @Post('register')
-  @RateLimit({
-    points: 10,
-    duration: 60,
-    errorMessage: 'Wait for 60 seconds before trying to create an account',
-  })
+  @RateLimit(10)
   async register(
     @Ip() ip: string,
     @Body() data: RegisterDto,
@@ -54,11 +46,7 @@ export class AuthController {
   }
 
   @Post('refresh')
-  @RateLimit({
-    points: 5,
-    duration: 60,
-    errorMessage: 'Wait for 60 seconds before trying to login again',
-  })
+  @RateLimit(5)
   async refresh(
     @Ip() ip: string,
     @Headers('User-Agent') userAgent: string,
@@ -68,21 +56,13 @@ export class AuthController {
   }
 
   @Post('logout')
-  @RateLimit({
-    points: 5,
-    duration: 60,
-    errorMessage: 'Wait for 60 seconds before trying to logout again',
-  })
+  @RateLimit(5)
   async logout(@Body('token') refreshToken: string): Promise<void> {
     return this.authService.logout(refreshToken);
   }
 
   @Post('approve-subnet')
-  @RateLimit({
-    points: 5,
-    duration: 60,
-    errorMessage: 'Wait for 60 seconds before trying to logout again',
-  })
+  @RateLimit(5)
   async approveSubnet(
     @Ip() ip: string,
     @Headers('User-Agent') userAgent: string,
@@ -92,11 +72,7 @@ export class AuthController {
   }
 
   @Post('resend-email-verification')
-  @RateLimit({
-    points: 1,
-    duration: 60,
-    errorMessage: 'Wait for 60 seconds before requesting another email',
-  })
+  @RateLimit(10)
   async resendVerify(@Body() data: ResendEmailVerificationDto) {
     return this.authService.sendEmailVerification(data.email, true);
   }
@@ -111,21 +87,13 @@ export class AuthController {
   }
 
   @Post('forgot-password')
-  @RateLimit({
-    points: 10,
-    duration: 60,
-    errorMessage: 'Wait for 60 seconds before resetting another password',
-  })
+  @RateLimit(10)
   async forgotPassword(@Body() data: ForgotPasswordDto) {
     return this.authService.requestPasswordReset(data.email);
   }
 
   @Post('reset-password')
-  @RateLimit({
-    points: 10,
-    duration: 60,
-    errorMessage: 'Wait for 60 seconds before resetting another password',
-  })
+  @RateLimit(10)
   async resetPassword(
     @Ip() ip: string,
     @Headers('User-Agent') userAgent: string,
@@ -141,11 +109,7 @@ export class AuthController {
   }
 
   @Post('login/totp')
-  @RateLimit({
-    points: 10,
-    duration: 60,
-    errorMessage: 'Wait for 60 seconds before trying to login again',
-  })
+  @RateLimit(10)
   async totpLogin(
     @Body() data: TotpLoginDto,
     @Ip() ip: string,
@@ -155,11 +119,7 @@ export class AuthController {
   }
 
   @Post('login/token')
-  @RateLimit({
-    points: 10,
-    duration: 60,
-    errorMessage: 'Wait for 60 seconds before trying to login again',
-  })
+  @RateLimit(10)
   async emailTokenLoginPost(
     @Body('token') token: string,
     @Ip() ip: string,
@@ -169,11 +129,7 @@ export class AuthController {
   }
 
   @Post('merge-accounts')
-  @RateLimit({
-    points: 10,
-    duration: 60,
-    errorMessage: 'Wait for 60 seconds before trying to merge accounts again',
-  })
+  @RateLimit(10)
   async merge(@Body('token') token: string): Promise<{ success: true }> {
     return this.authService.mergeUsers(token);
   }

diff --git a/src/modules/auth/rate-limit.decorator.ts b/src/modules/auth/rate-limit.decorator.ts
@@ -0,0 +1,4 @@
+import { SetMetadata } from '@nestjs/common';
+
+export const RateLimit = (rateLimit: number) =>
+  SetMetadata('rateLimit', rateLimit);
diff --git a/src/modules/users/users.controller.ts b/src/modules/users/users.controller.ts
@@ -61,11 +61,7 @@ export class UserController {
 
   @Post(':userId/merge-request')
   @Scopes('user-{userId}:merge')
-  @RateLimit({
-    points: 10,
-    duration: 60,
-    errorMessage: 'Wait for 60 seconds before trying to merge again',
-  })
+  @RateLimit(10)
   async mergeRequest(
     @Param('userId', ParseIntPipe) id: number,
     @Body('email') email: string,