wisecolt/q-buffer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(api): rate limiting sistemini basitleştir ve sadece login endpoint'inde tut

Browse Source 
Merkezi rate limiting middleware dosyasını kaldırıp rate limiting'i sadece
login endpoint'ine özel hale getirildi. Diğer API endpoint'lerindeki rate
limiting kısıtlamaları (loop, timer, torrent) kaldırıldı. Login rate limiter
artık auth.routes.ts dosyasında inline olarak tanımlanıyor.
This commit is contained in:
wisecolt
2026-01-05 19:43:41 +03:00
parent 377971411a
commit 9f3b2cbb24
5 changed files with 24 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
apps/server/src/torrent/torrent.routes.ts
View File

@@ -7,22 +7,14 @@ import { getArchiveStatus, setArchiveStatus } from "./torrent.archive";
import { nowIso } from "../utils/time";
import { appendAuditLog, logger } from "../utils/logger";
import { config } from "../config";
import { apiLimiter, uploadLimiter } from "../middleware/rate-limiter";
const router = Router();
const upload = multer({ dest: "/tmp" });
// qBittorrent hash'leri 40 karakter hexadecimal (SHA-1)
const VALID_HASH_REGEX = /^[a-f0-9]{40}$/i;
function isValidHash(hash: string): boolean {
return VALID_HASH_REGEX.test(hash);
}
router.post("/select", apiLimiter, async (req, res) => {
router.post("/select", async (req, res) => {
const { hash } = req.body ?? {};
if (!hash || !isValidHash(hash)) {
return res.status(400).json({ error: "Geçersiz hash formatı" });
if (!hash) {
return res.status(400).json({ error: "Missing hash" });
}
const existing = await getArchiveStatus(hash);
if (existing?.status === "READY") {
@@ -44,10 +36,10 @@ router.post("/select", apiLimiter, async (req, res) => {
res.json({ ok: true, hash, archive: { status: "MISSING" } });
});
router.post("/archive/from-selected", apiLimiter, async (req, res) => {
router.post("/archive/from-selected", async (req, res) => {
const { hash } = req.body ?? {};
if (!hash || !isValidHash(hash)) {
return res.status(400).json({ error: "Geçersiz hash formatı" });
if (!hash) {
return res.status(400).json({ error: "Missing hash" });
}
const existing = await getArchiveStatus(hash);
if (existing?.status === "READY") {
@@ -67,10 +59,10 @@ router.post("/archive/from-selected", apiLimiter, async (req, res) => {
return res.status(400).json({ error: "Magnet export disabled; upload .torrent manually." });
});
router.post("/archive/upload", uploadLimiter, upload.single("file"), async (req, res) => {
router.post("/archive/upload", upload.single("file"), async (req, res) => {
const { hash } = req.body ?? {};
if (!hash || !req.file || !isValidHash(hash)) {
return res.status(400).json({ error: "Geçersiz hash formatı veya dosya eksik" });
if (!hash || !req.file) {
return res.status(400).json({ error: "Missing hash or file" });
}
const inputHash = String(hash).toLowerCase();
const buffer = await fs.readFile(req.file.path);
@@ -119,13 +111,9 @@ router.post("/archive/upload", uploadLimiter, upload.single("file"), async (req,
});
router.get("/archive/status/:hash", async (req, res) => {
const { hash } = req.params;
if (!isValidHash(hash)) {
return res.status(400).json({ error: "Geçersiz hash formatı" });
}
const status = await getArchiveStatus(hash);
const status = await getArchiveStatus(req.params.hash);
if (!status) {
return res.json({ hash, status: "MISSING" });
return res.json({ hash: req.params.hash, status: "MISSING" });
}
return res.json(status);
});