Merge pull request #2852 from gobitfly/NOBIDS/do-not-ratelimit-apidocs

(NOBIDS) do not ratelimit api-docs and internal api per default
gobitfly · Mar 13, 2024 · ff7e000 · ff7e000
2 parents d745f50 + 597df05
commit ff7e000
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 1 deletion.
diff --git a/cmd/misc/main.go b/cmd/misc/main.go
@@ -415,6 +415,15 @@ func disableUserPerEmail() error {
 	if opts.Email == "" {
 		return errors.New("no email specified")
 	}
+
+	if utils.Config.Frontend.SessionSecret == "" {
+		return fmt.Errorf("session secret is empty, please provide a secure random string")
+	}
+
+	logrus.Infof("initializing session store: %v", utils.Config.RedisSessionStoreEndpoint)
+
+	utils.InitSessionStore(utils.Config.Frontend.SessionSecret)
+
 	user := struct {
 		ID    uint64 `db:"id"`
 		Email string `db:"email"`

diff --git a/ratelimit/ratelimit.go b/ratelimit/ratelimit.go
@@ -183,7 +183,7 @@ func (r *responseWriterDelegator) Status() int {
 }
 
 var DefaultRequestFilter = func(req *http.Request) bool {
-	if req.URL == nil || !strings.HasPrefix(req.URL.Path, "/api") {
+	if req.URL == nil || !strings.HasPrefix(req.URL.Path, "/api") || strings.HasPrefix(req.URL.Path, "/api/i/") || strings.HasPrefix(req.URL.Path, "/api/v1/docs/") || strings.HasPrefix(req.URL.Path, "/api/v2/docs/") {
 		return false
 	}
 	return true