From 218604aa56e6fe1250bbd52ef204c9c0b51e0b0e Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Thu, 23 Jan 2025 22:43:54 -0600
Subject: [PATCH] Move ratelimitMiddleware below metricsMiddleware, try adding
 a stricter ratelimit

---
 src/app.ts | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/app.ts b/src/app.ts
index 9ef0f70b..393cd995 100644
--- a/src/app.ts
+++ b/src/app.ts
@@ -178,7 +178,6 @@ const publicFiles = serveStatic({ root: './public/' });
 const staticFiles = serveStatic({ root: './static/' });
 
 app.use('*', cacheControlMiddleware({ noStore: true }));
-app.use('*', rateLimitMiddleware(300, Time.minutes(5), false));
 
 app.use('/api/*', metricsMiddleware, paginationMiddleware, logger(debug));
 app.use('/.well-known/*', metricsMiddleware, logger(debug));
@@ -188,6 +187,12 @@ app.use('/oauth/*', metricsMiddleware, logger(debug));
 app.get('/api/v1/streaming', metricsMiddleware, streamingController);
 app.get('/relay', metricsMiddleware, relayController);
 
+app.use(
+  '*',
+  rateLimitMiddleware(30, Time.seconds(5), false),
+  rateLimitMiddleware(300, Time.minutes(5), false),
+);
+
 app.use(
   '*',
   cspMiddleware(),