Added baseline for ratelimits

2025-07-19 11:02:58 +00:00 · 2017-01-12 20:06:35 -05:00 · 2017-01-12 20:06:35 -05:00 · b39367c4b4
commit b39367c4b4
parent fc8b2459b1
4 changed files with 46 additions and 4 deletions
--- a/src/app.js
+++ b/src/app.js
@ -37,7 +37,7 @@ function generateNewRoom(req, res, id) {
  return res.redirect(`/${id}`);
 }

-app.get('/', (req, res) => generateNewRoom(req, res, 'lobby'));
+app.get('/', (req, res) => generateNewRoom(req, res, shortid.generate()));

 app.get('/:roomId', (req, res) => {
  const stripName = (name) => {
--- a/src/js/app.js
+++ b/src/js/app.js
@ -49,6 +49,12 @@ export default class App {
      this._chat.inputMessage.focus();
    });

+    this._socket.on('rated', () => {
+      this._chat.log('You are sending messages to fast, please slow down. Your last message was ignored.', {
+        error: true,
+      });
+    });
+
    // Whenever the server emits 'login', log the login message
    this._socket.on('user joined', (data) => {
      this._darkwire.connected = true;
--- a/src/room.js
+++ b/src/room.js
@ -8,6 +8,8 @@ class Room {
    this._id = id;
    this.numUsers = 0;
    this.users = [];
+    // Should probably abstract this to a new class
+    this.rateLimitQueue = [];

    EventEmitter.call(this);

@ -18,9 +20,19 @@ class Room {

      // when the client emits 'new message', this listens and executes
      socket.on('new message', (data) => {
+        const { username } = socket;
+        const isRateLimited = this.isRateLimited(username);
+
+        if (isRateLimited) {
+          return thisIO.emit('rated', {
+            username,
+            id: socket.user.id,
+          });
+        }
+
        // we tell the client to execute 'new message'
        socket.broadcast.emit('new message', {
-          username: socket.username,
+          username,
          id: socket.user.id,
          message: data.message,
          messageType: data.messageType,
@ -116,6 +128,32 @@ class Room {
    });
  }

+  isRateLimited(username) {
+    if (this.rateLimitQueue.indexOf(username) > -1) {
+      return true;
+    }
+
+    this.triggerRateLimitOn(username);
+    return false;
+  }
+
+  triggerRateLimitOn(username) {
+    this.addToRateQueue(username);
+    setTimeout(() => {
+      this.removeFromRateQueue(username);
+    }, 120);
+  }
+
+  addToRateQueue(username) {
+    this.rateLimitQueue.push(username);
+    return this;
+  }
+
+  removeFromRateQueue(username) {
+    this.rateLimitQueue = _.without(this.rateLimitQueue, username);
+    return this;
+  }
+
  sanitizeUsername(str) {
    return str.replace(/[^A-Za-z0-9]/g, '-');
  }
--- a/src/views/index.mustache
+++ b/src/views/index.mustache
@ -78,8 +78,6 @@
          <div class="modal-body">
            {{>partials/ip}}

-            <p>Public lobby: <a href="/lobby">/lobby</a></p>
-
            <p class="bold">WARNING: Darkwire does not mask IP addresses nor can verify the integrity of parties recieving messages. Proceed with caution and always confirm recipients before starting a chat session.</p>
            <p>Please also note that <strong>ALL CHATROOMS</strong> are public. Anyone can guess your room URL. If you need a more-private room, we recommend using a randomly generated room (+New Room button) and stay away from dictionary words.</p>