merge: simpler RateLimitService, might help with the leaks (!627)

View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/627 Approved-by: Julia <julia@insertdomain.name> Approved-by: Marie <github@yuugi.dev> Approved-by: Tess K <me@thvxl.se> Approved-by: fEmber <acomputerdog@gmail.com>
2024-09-23 16:51:39 +00:00 · 2024-09-23 16:51:39 +00:00 · 30c1c7c24d
commit 30c1c7c24d
parent 7c157408af 8a982c61c0
4 changed files with 36 additions and 79 deletions
--- a/packages/backend/package.json
+++ b/packages/backend/package.json
@ -120,9 +120,9 @@
 		"file-type": "19.3.0",
 		"fluent-ffmpeg": "2.1.3",
 		"form-data": "4.0.0",
-		"glob": "10.3.10",
+		"glob": "11.0.0",
 		"got": "14.4.2",
-		"happy-dom": "15.6.1",
+		"happy-dom": "15.7.4",
 		"hpagent": "1.2.0",
 		"htmlescape": "1.1.1",
 		"http-link-header": "1.1.3",
--- a/packages/backend/src/server/api/ApiCallService.ts
+++ b/packages/backend/src/server/api/ApiCallService.ts
@ -64,15 +64,6 @@ export class ApiCallService implements OnApplicationShutdown {
 		let statusCode = err.httpStatusCode;
 		if (err.httpStatusCode === 401) {
 			reply.header('WWW-Authenticate', 'Bearer realm="Misskey"');
-		} else if (err.kind === 'client') {
-			reply.header('WWW-Authenticate', `Bearer realm="Misskey", error="invalid_request", error_description="${err.message}"`);
-			statusCode = statusCode ?? 400;
-		} else if (err.kind === 'permission') {
-			// (ROLE_PERMISSION_DENIEDは関係ない)
-			if (err.code === 'PERMISSION_DENIED') {
-				reply.header('WWW-Authenticate', `Bearer realm="Misskey", error="insufficient_scope", error_description="${err.message}"`);
-			}
-			statusCode = statusCode ?? 403;
 		} else if (err.code === 'RATE_LIMIT_EXCEEDED') {
 			const info: unknown = err.info;
 			const unixEpochInSeconds = Date.now();
@ -83,6 +74,15 @@ export class ApiCallService implements OnApplicationShutdown {
 			} else {
 				this.logger.warn(`rate limit information has unexpected type ${typeof(err.info?.reset)}`);
 			}
+		} else if (err.kind === 'client') {
+			reply.header('WWW-Authenticate', `Bearer realm="Misskey", error="invalid_request", error_description="${err.message}"`);
+			statusCode = statusCode ?? 400;
+		} else if (err.kind === 'permission') {
+			// (ROLE_PERMISSION_DENIEDは関係ない)
+			if (err.code === 'PERMISSION_DENIED') {
+				reply.header('WWW-Authenticate', `Bearer realm="Misskey", error="insufficient_scope", error_description="${err.message}"`);
+			}
+			statusCode = statusCode ?? 403;
 		} else if (!statusCode) {
 			statusCode = 500;
 		}
--- a/packages/backend/src/server/api/RateLimiterService.ts
+++ b/packages/backend/src/server/api/RateLimiterService.ts
@ -32,18 +32,11 @@ export class RateLimiterService {

 	@bindThis
 	public limit(limitation: IEndpointMeta['limit'] & { key: NonNullable<string> }, actor: string, factor = 1) {
-		{
-			if (this.disabled) {
-				return Promise.resolve();
-			}
-
-			// those lines with the "wrong" brace style / indentation are
-			// done that way so that the *other* lines stay identical to
-			// Misskey, simplifying merges
+		return new Promise<void>((ok, reject) => {
+			if (this.disabled) ok();

 			// Short-term limit
-			// eslint-disable-next-line brace-style
-			const minP = () => { return new Promise<void>((ok, reject) => {
+			const minP = (): void => {
 				const minIntervalLimiter = new Limiter({
 					id: `${actor}:${limitation.key}:min`,
 					duration: limitation.minInterval! * factor,
@ -62,18 +55,16 @@ export class RateLimiterService {
 						return reject({ code: 'BRIEF_REQUEST_INTERVAL', info });
 					} else {
 						if (hasLongTermLimit) {
-							return maxP().then(ok, reject);
+							return maxP();
 						} else {
 							return ok();
 						}
 					}
 				});
-			// eslint-disable-next-line brace-style
-			}); };
+			};

 			// Long term limit
-			// eslint-disable-next-line brace-style
-			const maxP = () => { return new Promise<void>((ok, reject) => {
+			const maxP = (): void => {
 				const limiter = new Limiter({
 					id: `${actor}:${limitation.key}`,
 					duration: limitation.duration! * factor,
@ -94,8 +85,7 @@ export class RateLimiterService {
 						return ok();
 					}
 				});
-			// eslint-disable-next-line brace-style
-			}); };
+			};

 			const hasShortTermLimit = typeof limitation.minInterval === 'number';

@ -104,12 +94,12 @@ export class RateLimiterService {
 				typeof limitation.max === 'number';

 			if (hasShortTermLimit) {
-				return minP();
+				minP();
 			} else if (hasLongTermLimit) {
-				return maxP();
+				maxP();
 			} else {
-				return Promise.resolve();
+				ok();
 			}
-		}
+		});
 	}
 }