Add IP limit

app.js

@@ -3,7 +3,17 @@ var bodyParser = require("body-parser");
 var routes = require("./routes/routes.js");
 var app = express();
 require('dotenv').config();
+var RateLimit = require('express-rate-limit');
 
+app.enable('trust proxy'); // only if you're behind a reverse proxy (Heroku, Bluemix, AWS if you use an ELB, custom Nginx setup, etc)
+
+var limiter = new RateLimit({
+  windowMs: 60*1000, // 1 minute
+  max: 20, // limit each IP to 20 requests per windowMs
+  delayMs: 0 // disable delaying - full speed until the max limit is reached
+});
+//  apply to all requests
+app.use(limiter);
 
 app.use(bodyParser.json());
 app.use(bodyParser.urlencoded({ extended: true }));

package.json

@@ -7,6 +7,7 @@
     "body-parser": "^1.18.2",
     "dotenv": "^5.0.1",
     "express": "^4.16.3",
+    "express-rate-limit": "^2.11.0",
     "mssql": "^4.1.0"
   },
   "devDependencies": {},

routes/routes.js

@@ -58,6 +58,22 @@ app.get("/api/get-witnesses-rank", function(req, res){
   sql.close();});
 });
 
+app.get("/api/get-incoming-witness-votes/:username", function(req, res){
+  console.log(config.config_api);
+  sql.connect(config.config_api).then(pool => {
+    console.log("connected");
+    return pool.request()
+    .input("username",req.params.username)
+    .query('Select Witnesses.name, rank\
+  from Witnesses (NOLOCK)\
+  LEFT JOIN (SELECT ROW_NUMBER() OVER (ORDER BY (SELECT votes) DESC) AS rank, * FROM Witnesses (NOLOCK) WHERE signing_key != \'STM1111111111111111111111111111111114T1Anm\') AS rankedTable ON Witnesses.name = rankedTable.name;')
+  }).then(result => {
+    res.status(200).send(result.recordsets[0]);
+    sql.close();
+  }).catch(error => {console.log(error);
+  sql.close();});
+});
+
 }
 
 module.exports = appRouter;