2FAS/2fas-server
1
0
Fork 0
mirror of https://github.com/twofas/2fas-server.git synced 2024-12-12 12:09:56 +01:00
Code Issues Packages Projects Releases Wiki Activity
d50c2a71ef
2fas-server/internal/common/security/middleware.go
in-void 15442b77ea update module name
2023-01-30 19:59:42 +01:00

36 lines
824 B
Go
Raw Blame History

package security
import (
"context"
"fmt"
"github.com/gin-gonic/gin"
"github.com/twofas/2fas-server/internal/common/logging"
"github.com/twofas/2fas-server/internal/common/rate_limit"
"time"
)
var apiBandwidthAbuseThreshold = 100
func IPAbuseAuditMiddleware(rateLimiter rate_limit.RateLimiter) gin.HandlerFunc {
return func(c *gin.Context) {
clientIp := c.ClientIP()
key := fmt.Sprintf("security.api.ip_bandwidth_audit.%s", clientIp)
rate := rate_limit.Rate{
TimeUnit: time.Minute,
Limit: apiBandwidthAbuseThreshold,
}
limitReached := rateLimiter.Test(context.Background(), key, rate)
if limitReached {
logging.WithFields(logging.Fields{
"type": "security",
"uri": c.Request.URL.String(),
"ip": c.ClientIP(),
}).Warning("API potentially abused by Client IP")
}
}
}
Reference in New Issue View Git Blame Copy Permalink