Temichelle13 patch 1 add rate limiting (#14)

temichelle13 · Jun 15, 2024 · 1b41c54 · 1b41c54
2 parents 6adfdf8 + de37286
commit 1b41c54
Showing 2 changed files with 56 additions and 54 deletions.
diff --git a/.github/workflows/appmap.yml b/.github/workflows/appmap.yml
@@ -1,16 +1,12 @@
-            - name: Install and configure AppMap
-  # You may pin to the exact commit or the version.
-  # uses: getappmap/install-action@9eac587c6d5361ce9c3594b2cadcc0be474965ab
-  uses: getappmap/install-action@v1
-  with:
+            -name: Install and configure AppMap
+            # You may pin to the exact commit or the version.
+uses: getappmap/install-action@e9eac587c6d5361ce9c3594b2cadcc0be474965ab
+with:
     # Command working directory.
     directory: # optional
     # appmap.yml configuration contents.
-    appmap-config: npm
-    # Type of project to be configured. Valid values include bundler, yarn, npm, gradle, maven, 
-pip, pipenv, and poetry. Consult https://appmap.io/docs/add-appmap-to-a-project.html for
-more information.
-
+    appmap-config: # optional
+    # Type of project to be configured. Valid values include bundler, yarn, npm, gradle, maven, pip, pipenv, and poetry. Consult https://appmap.io/docs/add-appmap-to-a-project.html for more information. 
     project-type: # optional
     # Build file to be configured, in case of ambiguity. This is an advanced option.
 
@@ -20,8 +16,7 @@ more information.
     installer-name: # optional
     # URL to the AppMap tools. By default, the latest version will be downloaded and installed.
     tools-url: # optional
-    # The GitHub token to use with the GitHub API to enumerate AppMap Tools releases.
-Most commonly, you'll use `secrets.GITHUB_TOKEN`, which is automatically provided by GitHub.
+    # The GitHub token to use with the GitHub API to enumerate AppMap Tools releases. Most commonly, you'll use `secrets.GITHUB_TOKEN`, which is automatically provided by GitHub.
 
     github-token: # optional, default is ${{ github.token }}
     # Add the .appmap directory to .gitignore, if it's not already present.
@@ -36,14 +31,11 @@ Most commonly, you'll use `secrets.GITHUB_TOKEN`, which is automatically provide
     # Create a patch file of changes made by the installer.
 
     build-patch-file: # optional, default is true
-    # Path specification to use when creating the patch file. If the patch file includes files that you don't want
-to commit, you can use this option to exclude them.
+    # Path specification to use when creating the patch file. If the patch file includes files that you don't want to commit, you can use this option to exclude them.
 
     diff-path-spec: # optional, default is . ':(exclude,top)vendor' ':(exclude,top)node_modules'
-    # Expected value of the appmap_dir in appmap.yml. If this input is provided, the action will verify that the
-configured appmap_dir matches the expected value. If the value does not match, the action will fail.
+    # Expected value of the appmap_dir in appmap.yml. If this input is provided, the action will verify that the configured appmap_dir matches the expected value. If the value does not match, the action will fail.
 
     expected-appmap-dir: # optional
     # Enable verbose logging.
     verbose: # optional
-
diff --git a/routes/taskRoutes.js b/routes/taskRoutes.js
@@ -1,37 +1,47 @@
-
-const express = require('express');
-const router = express.Router();
-const Task = require('../models/task'); // Adjust the path as per your project structure
-const mongoose = require('mongoose');
-
-// GET all tasks with pagination
-router.get('/', async (req, res) => {
-    try {
-        const { page = 1, limit = 10 } = req.query;
-        const tasks = await Task.find()
-                                .limit(limit * 1)
-                                .skip((page - 1) * limit)
-                                .exec();
-        res.json(tasks);
-    } catch (error) {
-        res.status(500).json({ message: error.message });
-    }
-});
-
-// GET a single task by ID with validation
-router.get('/:id', async (req, res) => {
-    if (!mongoose.Types.ObjectId.isValid(req.params.id)) {
-        return res.status(400).send('Invalid Task ID');
-    }
-    try {
-        const task = await Task.findById(req.params.id);
-        if (!task) {
-            return res.status(404).send('Task not found');
-        }
-        res.json(task);
-    } catch (error) {
-        res.status(500).json({ message: error.message });
-    }
-});
-
-module.exports = router;
+const express = require("express");
+const router = express.Router();
+const Task = require("../models/task"); // Adjust the path as per your project structure
+const mongoose = require("mongoose");
+const rateLimit = require("express-rate-limit");
+
+// Define rate limit for all routes
+const limiter = rateLimit({
+  windowMs: 15 * 60 * 1000, // 15 minutes
+  max: 100, // Limit each IP to 100 requests per windowMs
+  message: "Too many requests from this IP, please try again after 15 minutes",
+});
+
+// Apply the rate limit to all routes
+router.use(limiter);
+
+// GET all tasks with pagination
+router.get("/", async (req, res) => {
+  try {
+    const { page = 1, limit = 10 } = req.query;
+    const tasks = await Task.find()
+      .limit(limit * 1)
+      .skip((page - 1) * limit)
+      .exec();
+    res.json(tasks);
+  } catch (error) {
+    res.status(500).json({ message: error.message });
+  }
+});
+
+// GET a single task by ID with validation
+router.get("/:id", async (req, res) => {
+  if (!mongoose.Types.ObjectId.isValid(req.params.id)) {
+    return res.status(400).send("Invalid Task ID");
+  }
+  try {
+    const task = await Task.findById(req.params.id);
+    if (!task) {
+      return res.status(404).send("Task not found");
+    }
+    res.json(task);
+  } catch (error) {
+    res.status(500).json({ message: error.message });
+  }
+});
+
+module.exports = router;