Add Rate Limit

Author: BretRen

cmd/web/main.go

@@ -15,11 +15,9 @@ import (
 	"github.com/stripe/stripe-go/v84"
 )
 
-// TODO: 防止 /checkout/success 被滥用
 // TODO: 创建订阅集合迁移文件
 // TODO: 创建用户集合迁移文件
 // TODO: 用.env初始化SMTP和设置
-// TODO: 添加限速
 // TODO: 发送各种邮件
 
 const version string = "v1.0.0-alpha"
@@ -42,6 +40,8 @@ func main() {
 	// 版本
 	app.Logger().Info("Pdnode Website API " + version)
 
+	// 初始化
+
 	// loosely check if it was executed using "go run"
 	isGoRun := strings.HasPrefix(os.Args[0], os.TempDir())
 
@@ -53,6 +53,10 @@ func main() {
 
 	app.OnServe().BindFunc(func(se *core.ServeEvent) error {
 
+		settings := app.Settings()
+
+		config.InitRateLimitRule(settings)
+
 		se.Router.GET("/{path...}", apis.Static(os.DirFS("./web/build"), true))
 
 		// 调用订阅模块，把 app, se 和 cfg 传进去

config/rate_limits.go

@@ -0,0 +1,39 @@
+package config
+
+import "github.com/pocketbase/pocketbase/core"
+
+func InitRateLimitRule(settings *core.Settings) {
+	settings.RateLimits.Enabled = true
+	settings.RateLimits.Rules = []core.RateLimitRule{
+		{
+			Label:       "*:auth",
+			MaxRequests: 2,
+			Duration:    3,
+			Audience:    "",
+		},
+		{
+			Label:       "/api/",
+			MaxRequests: 300,
+			Duration:    10,
+			Audience:    "",
+		},
+		{
+			Label:       "/api/webhook/stripe",
+			MaxRequests: 500,
+			Duration:    5,
+			Audience:    "",
+		},
+		{
+			Label:       "/api/checkout/subscription",
+			MaxRequests: 5,
+			Duration:    10,
+			Audience:    "@auth",
+		},
+		{
+			Label:       "/api/checkout/subscription",
+			MaxRequests: 2,
+			Duration:    10,
+			Audience:    "@guest",
+		},
+	}
+}