rixty/SillyTavern
1
0
Fork 0
mirror of https://github.com/SillyTavern/SillyTavern.git synced 2025-06-05 21:59:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Enable CSRF for public endpoints. Split users module. Add rate limiter.

Browse Source
This commit is contained in:
Cohee
2024-04-09 21:58:16 +03:00
parent 497f38111f
commit 411a8ef8a7
12 changed files with 596 additions and 378 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
src/express-common.js
View File

@@ -1,7 +1,28 @@
const express = require('express');
const ipaddr = require('ipaddr.js');
// Instantiate parser middleware here with application-level size limits
const jsonParser = express.json({ limit: '200mb' });
const urlencodedParser = express.urlencoded({ extended: true, limit: '200mb' });
module.exports = { jsonParser, urlencodedParser };
/**
* Gets the IP address of the client from the request object.
* @param {import('express'.Request)} req Request object
* @returns {string} IP address of the client
*/
function getIpFromRequest(req) {
let clientIp = req.connection.remoteAddress;
let ip = ipaddr.parse(clientIp);
// Check if the IP address is IPv4-mapped IPv6 address
if (ip.kind() === 'ipv6' && ip instanceof ipaddr.IPv6 && ip.isIPv4MappedAddress()) {
const ipv4 = ip.toIPv4Address().toString();
clientIp = ipv4;
} else {
clientIp = ip;
clientIp = clientIp.toString();
}
return clientIp;
}
module.exports = { jsonParser, urlencodedParser, getIpFromRequest };