Added panic mode protections to make the server more secure

2025-08-22 18:54:10 -04:00
parent 5067913c21
commit 5dfc710ae9
7 changed files with 430 additions and 247 deletions
--- a/internal/api/ratelimit.go
+++ b/internal/api/ratelimit.go
@@ -0,0 +1,78 @@
+package api
+
+import (
+	"net"
+	"net/http"
+	"sync"
+	"time"
+)
+
+type rateLimiter struct {
+	mu     sync.Mutex
+	bk     map[string]*bucket
+	rate   float64 // tokens per second
+	burst  float64
+	window time.Duration
+}
+
+type bucket struct {
+	tokens float64
+	last   time.Time
+}
+
+func newRateLimiter(rps float64, burst int, window time.Duration) *rateLimiter {
+	return &rateLimiter{
+		bk:     make(map[string]*bucket),
+		rate:   rps,
+		burst:  float64(burst),
+		window: window,
+	}
+}
+
+func (rl *rateLimiter) allow(key string) bool {
+	now := time.Now()
+	rl.mu.Lock()
+	defer rl.mu.Unlock()
+
+	b := rl.bk[key]
+	if b == nil {
+		b = &bucket{tokens: rl.burst, last: now}
+		rl.bk[key] = b
+	}
+	// refill
+	elapsed := now.Sub(b.last).Seconds()
+	b.tokens = min(rl.burst, b.tokens+elapsed*rl.rate)
+	b.last = now
+
+	if b.tokens < 1.0 {
+		return false
+	}
+	b.tokens -= 1.0
+
+	// occasional cleanup
+	for k, v := range rl.bk {
+		if now.Sub(v.last) > rl.window {
+			delete(rl.bk, k)
+		}
+	}
+	return true
+}
+
+func min(a, b float64) float64 {
+	if a < b {
+		return a
+	}
+	return b
+}
+
+func clientIP(r *http.Request) string {
+	// Prefer Cloudflare’s header if present; fall back to RemoteAddr.
+	if ip := r.Header.Get("CF-Connecting-IP"); ip != "" {
+		return ip
+	}
+	host, _, err := net.SplitHostPort(r.RemoteAddr)
+	if err != nil {
+		return r.RemoteAddr
+	}
+	return host
+}