notfire/Iceshrimp.NET
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Apply strict rate limiting to /api/v1/apps endpoint

Browse source
This commit is contained in:
Laura Hausmann 2024-01-29 04:12:03 +01:00
parent cec4abd841
commit 61e8d7f640
No known key found for this signature in database
GPG key ID: D044E84C5BE01605
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
Iceshrimp.Backend/Controllers/Mastodon/MastodonAuthController.cs
View file

@ -15,8 +15,8 @@ namespace Iceshrimp.Backend.Controllers.Mastodon;
[Produces("application/json")]
[Route("/api/v1")]
public class MastodonAuthController(DatabaseContext db) : Controller {
[AuthenticateOauth]
[HttpGet("verify_credentials")]
[AuthenticateOauth]
[Produces("application/json")]
[ProducesResponseType(StatusCodes.Status200OK, Type = typeof(MastodonAuth.VerifyCredentialsResponse))]
[ProducesResponseType(StatusCodes.Status401Unauthorized, Type = typeof(MastodonErrorResponse))]
@ -33,6 +33,7 @@ public class MastodonAuthController(DatabaseContext db) : Controller {
}
[HttpPost("apps")]
[EnableRateLimiting("strict")]
[Consumes("application/json", "application/x-www-form-urlencoded", "multipart/form-data")]
[Produces("application/json")]
[ProducesResponseType(StatusCodes.Status200OK, Type = typeof(MastodonAuth.RegisterAppResponse))]