From 53e7e856c1e3ba0dccac1d9d664f363cfeb84dea Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Thu, 20 Jun 2024 16:20:18 -0500
Subject: [PATCH] streamingController: bail early if limited

---
 src/controllers/api/streaming.ts | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/controllers/api/streaming.ts b/src/controllers/api/streaming.ts
index b653ab2c..e3ead8c0 100644
--- a/src/controllers/api/streaming.ts
+++ b/src/controllers/api/streaming.ts
@@ -57,12 +57,19 @@ const streamingController: AppController = async (c) => {
     return c.json({ error: 'Invalid access token' }, 401);
   }
 
+  const ip = c.req.header('x-real-ip');
+  if (ip) {
+    const count = limiter.get(ip) ?? 0;
+    if (count > LIMITER_LIMIT) {
+      return c.json({ error: 'Rate limit exceeded' }, 429);
+    }
+  }
+
   const { socket, response } = Deno.upgradeWebSocket(c.req.raw, { protocol: token, idleTimeout: 30 });
 
   const store = await Storages.db();
   const pubsub = await Storages.pubsub();
 
-  const ip = c.req.header('x-real-ip');
   const policy = pubkey ? new MuteListPolicy(pubkey, await Storages.admin()) : undefined;
 
   function send(name: string, payload: object) {
@@ -139,6 +146,7 @@ const streamingController: AppController = async (c) => {
 
     if (typeof e.data !== 'string') {
       socket.close(1003, 'Invalid message');
+      return;
     }
   };