fix: update rate limiter usage and remove obsolete cleanup

This commit is contained in:
2026-05-06 23:19:19 +02:00
parent 03d9f4bd0d
commit 18d1de9152
2 changed files with 12 additions and 3 deletions

View File

@@ -17,7 +17,6 @@ import (
"mal/internal/db"
"mal/internal/server"
"mal/internal/worker"
"mal/pkg/middleware"
)
func main() {
@@ -86,5 +85,4 @@ func gracefulShutdown(srv *http.Server, ctx context.Context) {
if err := srv.Shutdown(shutdownCtx); err != nil {
log.Printf("server shutdown failed: %v", err)
}
middleware.StopCleanup()
}

View File

@@ -5,6 +5,7 @@ import (
"net/http"
"path/filepath"
"strings"
"time"
"mal/api/anime"
"mal/api/auth"
@@ -114,12 +115,22 @@ func NewRouter(cfg Config) http.Handler {
mux.HandleFunc("/api/watch/episode/", playbackHandler.HandleEpisodeData)
mux.HandleFunc("/api/watch/thumbnails/", playbackHandler.HandleEpisodeThumbnails)
authLimiter := pkgmiddleware.NewLimiter(pkgmiddleware.Config{
MaxAttempts: 5,
Window: time.Minute,
})
go func() {
for range time.Tick(time.Minute) {
authLimiter.Cleanup(time.Now())
}
}()
// Auth Endpoints
mux.HandleFunc("/login", func(w http.ResponseWriter, r *http.Request) {
if r.Method == http.MethodGet {
authHandler.HandleLoginPage(w, r)
} else {
pkgmiddleware.RateLimitAuth(pkgmiddleware.VerifyOrigin(http.HandlerFunc(authHandler.HandleLogin))).ServeHTTP(w, r)
authLimiter.AuthMiddleware(pkgmiddleware.VerifyOrigin(http.HandlerFunc(authHandler.HandleLogin))).ServeHTTP(w, r)
}
})
mux.HandleFunc("/logout", authHandler.HandleLogout)