request rate limiter

rfresh2 · rfresh2 · commit b4d0d2b81d61 · 2025-05-02T21:19:25.000-07:00
diff --git a/src/main/java/dev/zenith/web/WebAPIConfig.java b/src/main/java/dev/zenith/web/WebAPIConfig.java
@@ -6,4 +6,6 @@ public class WebAPIConfig {
     public boolean enabled = true;
     public int port = 8080;
     public String authToken = UUID.randomUUID().toString();
+    public boolean rateLimiter = true;
+    public int rateLimitRequestsPerMinute = 30;
 }
diff --git a/src/main/java/dev/zenith/web/WebServer.java b/src/main/java/dev/zenith/web/WebServer.java
@@ -8,9 +8,11 @@
 import dev.zenith.web.model.CommandRequest;
 import dev.zenith.web.model.CommandResponse;
 import io.javalin.Javalin;
+import io.javalin.http.util.NaiveRateLimit;
 import org.eclipse.jetty.util.thread.ExecutorThreadPool;
 
 import java.util.List;
+import java.util.concurrent.TimeUnit;
 
 import static dev.zenith.web.WebApiPlugin.LOG;
 import static dev.zenith.web.WebApiPlugin.PLUGIN_CONFIG;
@@ -66,6 +68,9 @@ private Javalin createServer() {
                 LOG.warn("Denied request from {}: {}", ctx.ip(), reason);
             })
             .post("/command", ctx -> {
+                if (PLUGIN_CONFIG.rateLimiter) {
+                    NaiveRateLimit.requestPerTimeUnit(ctx, PLUGIN_CONFIG.rateLimitRequestsPerMinute, TimeUnit.MINUTES);
+                }
                 var req = ctx.bodyAsClass(CommandRequest.class);
                 var command = req.command();
                 var context = CommandContext.create(command, WebAPICommandSource.INSTANCE);

Original file line number	Diff line number	Diff line change
`@@ -6,4 +6,6 @@ public class WebAPIConfig {`
`6`	`6`	`public boolean enabled = true;`
`7`	`7`	`public int port = 8080;`
`8`	`8`	`public String authToken = UUID.randomUUID().toString();`
	`9`	`+ public boolean rateLimiter = true;`
	`10`	`+ public int rateLimitRequestsPerMinute = 30;`
`9`	`11`	`}`