Skip to content

Commit

Permalink
fix(ratelimit): use ip hash instead of ip
Browse files Browse the repository at this point in the history
  • Loading branch information
@AmitMY
AmitMY committed Oct 21, 2024
1 parent fe0d732 commit b6867d1
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions functions/src/middlewares/unkey-ratelimit.middleware.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ import * as httpErrors from 'http-errors';
import * as requestIp from 'request-ip';
import {NextFunction, Request, Response} from 'express';
import {defineString} from 'firebase-functions/params';
import {createHash} from 'crypto';

export function rateLimitHeaders(res: Response, ratelimitResponse: RatelimitResponse, duration?: Duration) {
res.setHeader('X-RateLimit-Limit', ratelimitResponse.limit.toString());
Expand All @@ -14,13 +15,15 @@ export function rateLimitHeaders(res: Response, ratelimitResponse: RatelimitResp
}

export function unkeyRatelimit(namespace: string, limit: number, duration: Duration) {
const unkeyRootKey = defineString('UNKEY_ROOT_KEY');
const unkeyRootKey = defineString('UNKEY_ROOT_KEY').value();

return async function (req: Request, res: Response, next: NextFunction) {
const identifier = requestIp.getClientIp(req) ?? 'unknown';
const rawIdentifier = requestIp.getClientIp(req) ?? 'unknown';
const saltedIdentifier = rawIdentifier + unkeyRootKey;
const identifier = createHash('sha256').update(saltedIdentifier).digest('hex');

const rateLimit = new Ratelimit({
rootKey: unkeyRootKey.value(),
rootKey: unkeyRootKey,
namespace,
limit,
duration,
Expand Down

0 comments on commit b6867d1

Please sign in to comment.