mirror of
https://github.com/superseriousbusiness/gotosocial
synced 2025-06-05 21:59:39 +02:00
[chore] shuffle middleware to split rate limitting into client/s2s/fileserver, share gzip middleware globally (#1290)
Signed-off-by: kim <grufwub@gmail.com> Signed-off-by: kim <grufwub@gmail.com>
This commit is contained in:
kim
GitHub
@@ -22,6 +22,7 @@ import (
|
||||
"context"
|
||||
"net/url"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api/activitypub/emoji"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api/activitypub/users"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/db"
|
||||
@@ -37,20 +38,20 @@ type ActivityPub struct {
|
||||
isURIBlocked func(context.Context, *url.URL) (bool, db.Error)
|
||||
}
|
||||
|
||||
func (a *ActivityPub) Route(r router.Router) {
|
||||
func (a *ActivityPub) Route(r router.Router, m ...gin.HandlerFunc) {
|
||||
// create groupings for the 'emoji' and 'users' prefixes
|
||||
emojiGroup := r.AttachGroup("emoji")
|
||||
usersGroup := r.AttachGroup("users")
|
||||
|
||||
// instantiate + attach shared, non-global middlewares to both of these groups
|
||||
var (
|
||||
rateLimitMiddleware = middleware.RateLimit() // nolint:contextcheck
|
||||
signatureCheckMiddleware = middleware.SignatureCheck(a.isURIBlocked)
|
||||
gzipMiddleware = middleware.Gzip()
|
||||
cacheControlMiddleware = middleware.CacheControl("no-store")
|
||||
)
|
||||
emojiGroup.Use(rateLimitMiddleware, signatureCheckMiddleware, gzipMiddleware, cacheControlMiddleware)
|
||||
usersGroup.Use(rateLimitMiddleware, signatureCheckMiddleware, gzipMiddleware, cacheControlMiddleware)
|
||||
emojiGroup.Use(m...)
|
||||
usersGroup.Use(m...)
|
||||
emojiGroup.Use(signatureCheckMiddleware, cacheControlMiddleware)
|
||||
usersGroup.Use(signatureCheckMiddleware, cacheControlMiddleware)
|
||||
|
||||
a.emoji.Route(emojiGroup.Handle)
|
||||
a.users.Route(usersGroup.Handle)
|
||||
|
||||
@@ -19,6 +19,7 @@
|
||||
package api
|
||||
|
||||
import (
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api/auth"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/db"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
||||
@@ -36,20 +37,20 @@ type Auth struct {
|
||||
}
|
||||
|
||||
// Route attaches 'auth' and 'oauth' groups to the given router.
|
||||
func (a *Auth) Route(r router.Router) {
|
||||
func (a *Auth) Route(r router.Router, m ...gin.HandlerFunc) {
|
||||
// create groupings for the 'auth' and 'oauth' prefixes
|
||||
authGroup := r.AttachGroup("auth")
|
||||
oauthGroup := r.AttachGroup("oauth")
|
||||
|
||||
// instantiate + attach shared, non-global middlewares to both of these groups
|
||||
var (
|
||||
rateLimitMiddleware = middleware.RateLimit() // nolint:contextcheck
|
||||
gzipMiddleware = middleware.Gzip()
|
||||
cacheControlMiddleware = middleware.CacheControl("private", "max-age=120")
|
||||
sessionMiddleware = middleware.Session(a.sessionName, a.routerSession.Auth, a.routerSession.Crypt)
|
||||
)
|
||||
authGroup.Use(rateLimitMiddleware, gzipMiddleware, cacheControlMiddleware, sessionMiddleware)
|
||||
oauthGroup.Use(rateLimitMiddleware, gzipMiddleware, cacheControlMiddleware, sessionMiddleware)
|
||||
authGroup.Use(m...)
|
||||
oauthGroup.Use(m...)
|
||||
authGroup.Use(cacheControlMiddleware, sessionMiddleware)
|
||||
oauthGroup.Use(cacheControlMiddleware, sessionMiddleware)
|
||||
|
||||
a.auth.RouteAuth(authGroup.Handle)
|
||||
a.auth.RouteOauth(oauthGroup.Handle)
|
||||
|
||||
@@ -19,6 +19,7 @@
|
||||
package api
|
||||
|
||||
import (
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api/client/accounts"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api/client/admin"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api/client/apps"
|
||||
@@ -67,15 +68,14 @@ type Client struct {
|
||||
user *user.Module // api/v1/user
|
||||
}
|
||||
|
||||
func (c *Client) Route(r router.Router) {
|
||||
func (c *Client) Route(r router.Router, m ...gin.HandlerFunc) {
|
||||
// create a new group on the top level client 'api' prefix
|
||||
apiGroup := r.AttachGroup("api")
|
||||
|
||||
// attach non-global middlewares appropriate to the client api
|
||||
apiGroup.Use(m...)
|
||||
apiGroup.Use(
|
||||
middleware.TokenCheck(c.db, c.processor.OAuthValidateBearerToken),
|
||||
middleware.RateLimit(),
|
||||
middleware.Gzip(),
|
||||
middleware.CacheControl("no-store"), // never cache api responses
|
||||
)
|
||||
|
||||
|
||||
@@ -19,6 +19,7 @@
|
||||
package api
|
||||
|
||||
import (
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api/fileserver"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/middleware"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/processing"
|
||||
@@ -29,12 +30,12 @@ type Fileserver struct {
|
||||
fileserver *fileserver.Module
|
||||
}
|
||||
|
||||
func (f *Fileserver) Route(r router.Router) {
|
||||
func (f *Fileserver) Route(r router.Router, m ...gin.HandlerFunc) {
|
||||
fileserverGroup := r.AttachGroup("fileserver")
|
||||
|
||||
// attach middlewares appropriate for this group
|
||||
fileserverGroup.Use(m...)
|
||||
fileserverGroup.Use(
|
||||
middleware.RateLimit(),
|
||||
// Since we'll never host different files at the same
|
||||
// URL (bc the ULIDs are generated per piece of media),
|
||||
// it's sensible and safe to use a long cache here, so
|
||||
|
||||
@@ -19,6 +19,7 @@
|
||||
package api
|
||||
|
||||
import (
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api/nodeinfo"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/middleware"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/processing"
|
||||
@@ -29,15 +30,15 @@ type NodeInfo struct {
|
||||
nodeInfo *nodeinfo.Module
|
||||
}
|
||||
|
||||
func (w *NodeInfo) Route(r router.Router) {
|
||||
func (w *NodeInfo) Route(r router.Router, m ...gin.HandlerFunc) {
|
||||
// group nodeinfo endpoints together
|
||||
nodeInfoGroup := r.AttachGroup("nodeinfo")
|
||||
|
||||
// attach middlewares appropriate for this group
|
||||
nodeInfoGroup.Use(m...)
|
||||
nodeInfoGroup.Use(
|
||||
middleware.Gzip(),
|
||||
middleware.RateLimit(),
|
||||
middleware.CacheControl("public", "max-age=120"), // allow cache for 2 minutes
|
||||
// allow cache for 2 minutes
|
||||
middleware.CacheControl("public", "max-age=120"),
|
||||
)
|
||||
|
||||
w.nodeInfo.Route(nodeInfoGroup.Handle)
|
||||
|
||||
@@ -19,6 +19,7 @@
|
||||
package api
|
||||
|
||||
import (
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api/wellknown/nodeinfo"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api/wellknown/webfinger"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/middleware"
|
||||
@@ -31,14 +32,13 @@ type WellKnown struct {
|
||||
webfinger *webfinger.Module
|
||||
}
|
||||
|
||||
func (w *WellKnown) Route(r router.Router) {
|
||||
func (w *WellKnown) Route(r router.Router, m ...gin.HandlerFunc) {
|
||||
// group .well-known endpoints together
|
||||
wellKnownGroup := r.AttachGroup(".well-known")
|
||||
|
||||
// attach middlewares appropriate for this group
|
||||
wellKnownGroup.Use(m...)
|
||||
wellKnownGroup.Use(
|
||||
middleware.Gzip(),
|
||||
middleware.RateLimit(),
|
||||
// allow .well-known responses to be cached for 2 minutes
|
||||
middleware.CacheControl("public", "max-age=120"),
|
||||
)
|
||||
|
||||
Reference in New Issue
Block a user