From 1cfa1075dbf0e534fae306f31998478a0fd515ca Mon Sep 17 00:00:00 2001
From: Stoodkev
Date: Tue, 17 Apr 2018 11:35:00 +0800
Subject: [PATCH] Add IP limit
---
 app.js | 10 ++++++++++
 package-lock.json | 21 +++++++++++++++++++++
 package.json | 1 +
 routes/routes.js | 16 ++++++++++++++++
 4 files changed, 48 insertions(+)
diff --git a/app.js b/app.js
index 2994dec..a460151 100644
--- a/app.js
+++ b/app.js
@@ -3,7 +3,17 @@ var bodyParser = require("body-parser");
 var routes = require("./routes/routes.js");
 var app = express();
 require('dotenv').config();
+var RateLimit = require('express-rate-limit');
+app.enable('trust proxy'); // only if you're behind a reverse proxy (Heroku, Bluemix, AWS if you use an ELB, custom Nginx setup, etc)
+
+var limiter = new RateLimit({
+ windowMs: 60*1000, // 1 minute
+ max: 20, // limit each IP to 20 requests per windowMs
+ delayMs: 0 // disable delaying - full speed until the max limit is reached
+});
+// apply to all requests
+app.use(limiter);
 app.use(bodyParser.json());
 app.use(bodyParser.urlencoded({ extended: true }));
diff --git a/package-lock.json b/package-lock.json
index 77c32c9..534ce1c 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -63,6 +63,11 @@ "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.0.0.tgz", "integrity": "sha1-0ygVQE1olpn4Wk6k+odV3ROpYEg=" }, + "clone": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/clone/-/clone-1.0.4.tgz", + "integrity": "sha1-2jCcwmPfFZlMaIypAheco8fNfH4=" + }, "content-disposition": { "version": "0.5.2", "resolved": "https://registry.npmjs.org/content-disposition/-/content-disposition-0.5.2.tgz",
@@ -101,6 +106,14 @@ "ms": "2.0.0" } }, + "defaults": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/defaults/-/defaults-1.0.3.tgz", + "integrity": "sha1-xlYFHpgX2f8I7YgUd/P+QBnz730=", + "requires": { + "clone": "1.0.4" + } + }, "depd": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz",
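Review bot: In app.js, `app.enable('trust proxy')` is switched on unconditionally even though its own comment says it applies only behind a reverse proxy. With that setting Express derives the client address from the `X-Forwarded-For` header, so wherever the app is reachable without a proxy that overwrites the header, the address the limiter counts against is supplied by the client and the 20-per-minute cap no longer binds. Trust a fixed hop count instead, e.g. `app.set('trust proxy', 1);`, or set the value from deployment configuration. As far as I know this version of express-rate-limit keeps its counters in process memory by default, so the cap is per instance rather than global when more than one process serves traffic; a comment next to `max: 20` saying so would help.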
@@ -173,6 +186,14 @@ "vary": "1.1.2" } }, + "express-rate-limit": { + "version": "2.11.0", + "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-2.11.0.tgz", + "integrity": "sha512-KMZayDxj3Wr7zYuwTuDZj5hMW0nhnyJVBVCwMEVKwMdW6CkYh4vnfnUbRJYhKC0v6UuIbPerwKY0dqWmEzFjKA==", + "requires": { + "defaults": "1.0.3" + } + }, "finalhandler": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.1.1.tgz",
diff --git a/package.json b/package.json
index 4f198e2..4cdf108 100644
--- a/package.json
+++ b/package.json
@@ -7,6 +7,7 @@
 "body-parser": "^1.18.2",
 "dotenv": "^5.0.1",
 "express": "^4.16.3",
+ "express-rate-limit": "^2.11.0",
 "mssql": "^4.1.0"
 },
 "devDependencies": {},
diff --git a/routes/routes.js b/routes/routes.js
index 18251a0..8d8ca40 100644
--- a/routes/routes.js
+++ b/routes/routes.js
@@ -58,6 +58,22 @@ app.get("/api/get-witnesses-rank", function(req, res){
 sql.close();});
 });
+app.get("/api/get-incoming-witness-votes/:username", function(req, res){
+ console.log(config.config_api);
+ sql.connect(config.config_api).then(pool => {
+ console.log("connected");
+ return pool.request()
+ .input("username",req.params.username)
+ .query('Select Witnesses.name, rank\
+ from Witnesses (NOLOCK)\
+ LEFT JOIN (SELECT ROW_NUMBER() OVER (ORDER BY (SELECT votes) DESC) AS rank, * FROM Witnesses (NOLOCK) WHERE signing_key != \'STM1111111111111111111111111111111114T1Anm\') AS rankedTable ON Witnesses.name = rankedTable.name;')
+ }).then(result => {
+ res.status(200).send(result.recordsets[0]);
+ sql.close();
+ }).catch(error => {console.log(error);
+ sql.close();});
+});
+
 }
 module.exports = appRouter;
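Review bot: In routes/routes.js the new handler's first statement, `console.log(config.config_api);`, writes the database connection settings to the log on every request; `config` is defined outside this hunk, but if that object carries the SQL Server password it lands in the log stream in plain text, so the line should be dropped or reduced to a non-secret field. The `.catch` branch only logs and closes the connection, so a failed query leaves the client without any response; it should also answer, for example `res.status(500).send({ error: "query failed" });`. The bound `username` input is never referenced in the SQL text (there is no `@username` and no filter on it), so every username gets the same full ranking back, which looks like a leftover from get-witnesses-rank. The handler sits inside a router function that begins above the hunk.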