summaryrefslogtreecommitdiff
path: root/internal/api
diff options
context:
space:
mode:
Diffstat (limited to 'internal/api')
-rw-r--r--internal/api/security/security.go14
1 files changed, 9 insertions, 5 deletions
diff --git a/internal/api/security/security.go b/internal/api/security/security.go
index f06862dd9..1dce111d3 100644
--- a/internal/api/security/security.go
+++ b/internal/api/security/security.go
@@ -23,6 +23,7 @@ import (
"time"
"github.com/superseriousbusiness/gotosocial/internal/api"
+ "github.com/superseriousbusiness/gotosocial/internal/config"
"github.com/superseriousbusiness/gotosocial/internal/db"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/internal/router"
@@ -46,11 +47,14 @@ func New(db db.DB, server oauth.Server) api.ClientModule {
// Route attaches security middleware to the given router
func (m *Module) Route(s router.Router) error {
- s.AttachMiddleware(m.RateLimit(RateLimitOptions{
- // accept a maximum of 1000 requests in 5 minutes window
- Period: 5 * time.Minute,
- Limit: 1000,
- }))
+ // only enable rate limit middleware if configured
+ // advanced-rate-limit-requests is greater than 0
+ if rateLimitRequests := config.GetAdvancedRateLimitRequests(); rateLimitRequests > 0 {
+ s.AttachMiddleware(m.RateLimit(RateLimitOptions{
+ Period: 5 * time.Minute,
+ Limit: int64(rateLimitRequests),
+ }))
+ }
s.AttachMiddleware(m.SignatureCheck)
s.AttachMiddleware(m.FlocBlock)
s.AttachMiddleware(m.ExtraHeaders)
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-31 16:27:53 +0000