From 9e6fc2a243b617fe26fe8b31a57df3af746541f0 Mon Sep 17 00:00:00 2001 From: mkelvers Date: Wed, 6 May 2026 23:20:24 +0200 Subject: [PATCH] feat: integrate new rate limiter into server --- cmd/server/main.go | 9 +++++++++ internal/server/routes.go | 20 +++++++++----------- 2 files changed, 18 insertions(+), 11 deletions(-) diff --git a/cmd/server/main.go b/cmd/server/main.go index d74d31a..8040d73 100644 --- a/cmd/server/main.go +++ b/cmd/server/main.go @@ -35,6 +35,14 @@ func main() { jikanClient := jikan.NewClient(queries) + authLimiter := server.NewAuthLimiter() + go func() { + for { + time.Sleep(time.Minute) + authLimiter.Cleanup(time.Now()) + } + }() + ctx, stop := signal.NotifyContext(context.Background(), os.Interrupt, syscall.SIGTERM) defer stop() @@ -45,6 +53,7 @@ func main() { SQLDB: dbConn, JikanClient: jikanClient, AuthService: auth.NewService(queries), + AuthLimiter: authLimiter, PlaybackProxySecret: playbackSecret(), } diff --git a/internal/server/routes.go b/internal/server/routes.go index bf83fb3..8092e0d 100644 --- a/internal/server/routes.go +++ b/internal/server/routes.go @@ -22,6 +22,7 @@ type Config struct { SQLDB *sql.DB JikanClient *jikan.Client AuthService *auth.Service + AuthLimiter *pkgmiddleware.Limiter PlaybackProxySecret string } @@ -42,6 +43,13 @@ func withMimeTypes(next http.Handler) http.Handler { }) } +func NewAuthLimiter() *pkgmiddleware.Limiter { + return pkgmiddleware.NewLimiter(pkgmiddleware.Config{ + MaxAttempts: 5, + Window: time.Minute, + }) +} + func NewRouter(cfg Config) http.Handler { mux := http.NewServeMux() @@ -115,22 +123,12 @@ func NewRouter(cfg Config) http.Handler { mux.HandleFunc("/api/watch/episode/", playbackHandler.HandleEpisodeData) mux.HandleFunc("/api/watch/thumbnails/", playbackHandler.HandleEpisodeThumbnails) - authLimiter := pkgmiddleware.NewLimiter(pkgmiddleware.Config{ - MaxAttempts: 5, - Window: time.Minute, - }) - go func() { - for range time.Tick(time.Minute) { - authLimiter.Cleanup(time.Now()) - } - }() - // Auth Endpoints mux.HandleFunc("/login", func(w http.ResponseWriter, r *http.Request) { if r.Method == http.MethodGet { authHandler.HandleLoginPage(w, r) } else { - authLimiter.AuthMiddleware(pkgmiddleware.VerifyOrigin(http.HandlerFunc(authHandler.HandleLogin))).ServeHTTP(w, r) + cfg.AuthLimiter.AuthMiddleware(pkgmiddleware.VerifyOrigin(http.HandlerFunc(authHandler.HandleLogin))).ServeHTTP(w, r) } }) mux.HandleFunc("/logout", authHandler.HandleLogout)