Commit d5c1706e authored by Steven's avatar Steven

chore: update api middlewares

parent 3a1f82ef
...@@ -67,17 +67,24 @@ func NewServer(ctx context.Context, profile *profile.Profile, store *store.Store ...@@ -67,17 +67,24 @@ func NewServer(ctx context.Context, profile *profile.Profile, store *store.Store
e.Use(middleware.CORS()) e.Use(middleware.CORS())
e.Use(middleware.SecureWithConfig(middleware.SecureConfig{ e.Use(middleware.TimeoutWithConfig(middleware.TimeoutConfig{
Skipper: defaultGetRequestSkipper, Timeout: 30 * time.Second,
XSSProtection: "1; mode=block",
ContentTypeNosniff: "nosniff",
XFrameOptions: "SAMEORIGIN",
HSTSPreloadEnabled: false,
})) }))
e.Use(middleware.TimeoutWithConfig(middleware.TimeoutConfig{ e.Use(middleware.RateLimiterWithConfig(middleware.RateLimiterConfig{
ErrorMessage: "Request timeout", Store: middleware.NewRateLimiterMemoryStoreWithConfig(
Timeout: 30 * time.Second, middleware.RateLimiterMemoryStoreConfig{Rate: 30, Burst: 60, ExpiresIn: 3 * time.Minute},
),
IdentifierExtractor: func(ctx echo.Context) (string, error) {
id := ctx.RealIP()
return id, nil
},
ErrorHandler: func(context echo.Context, err error) error {
return context.JSON(http.StatusForbidden, nil)
},
DenyHandler: func(context echo.Context, identifier string, err error) error {
return context.JSON(http.StatusTooManyRequests, nil)
},
})) }))
serverID, err := s.getSystemServerID(ctx) serverID, err := s.getSystemServerID(ctx)
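Review bot: The rate limiter's `IdentifierExtractor` keys on `ctx.RealIP()`, which in Echo falls back to the `X-Forwarded-For` / `X-Real-IP` request headers when no `IPExtractor` is set on the server, so the per-client bucket can depend on a value the client supplies. If the server is exposed directly, set `e.IPExtractor = echo.ExtractIPDirect()` before registering the middleware; behind a reverse proxy, use `echo.ExtractIPFromXFFHeader(...)` restricted to the proxy ranges you trust. No `IPExtractor` assignment is visible in this hunk, and `NewServer` starts and continues outside it, so confirm whether one exists elsewhere. Separately, the new side no longer registers `middleware.SecureWithConfig`, which drops the `X-Content-Type-Options: nosniff` and `X-Frame-Options: SAMEORIGIN` response headers; unless they are now set at another layer, restore them or call the removal out in the commit message.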