[UI - Server] Add workers for classification #377
export const jobs = () => { | ||
const router = express.Router(); | ||
|
||
router.post("/api/jobs/:jobId/stop", verifyUser, isAdmin, (req, res, next) => { |
Check failure
Code scanning / CodeQL
Missing rate limiting High
authorization
Copilot Autofix AI 21 days ago
To fix the problem, we should introduce rate limiting to the Express application using the `express-rate-limit` package. This will help prevent denial-of-service attacks by limiting the number of requests a client can make within a specified time window.
- Install the `express-rate-limit` package.
- Import the `express-rate-limit` package in the `server/src/routes/jobs.routes.ts` file.
- Set up a rate limiter with appropriate configuration (e.g., maximum of 100 requests per 15 minutes).
- Apply the rate limiter to the routes defined in the `jobs` function.
@@ -1,2 +1,3 @@ | ||
import express from "express"; | ||
import rateLimit from "express-rate-limit"; | ||
|
||
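Review bot: The `express-rate-limit` import at the top of the file has no matching dependency change in this suggestion; only the routes file is touched, and installing the package is listed as a separate manual step. Add the package to the server's dependency manifest and lockfile in the same commit, otherwise the import will not resolve at build time.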
@@ -11,2 +12,9 @@ | ||
|
||
const limiter = rateLimit({ | ||
windowMs: 15 * 60 * 1000, // 15 minutes | ||
max: 100, // limit each IP to 100 requests per windowMs | ||
}); | ||
|
||
router.use(limiter); | ||
|
||
router.post("/api/jobs/:jobId/stop", verifyUser, isAdmin, (req, res, next) => { |
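Review bot: `router.use(limiter)` is registered without a path, while the routes below it are declared with absolute paths such as "/api/jobs/:jobId/stop". If this router is mounted at the application root, as those paths suggest, every request that passes through it counts against the 100-request budget, including requests for routes defined elsewhere. Scope it, for example `router.use("/api/jobs", limiter)`, or pass `limiter` as the first middleware on each jobs route.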
stopJob(req, res, next); | ||
}); | ||
|
||
router.post("/api/jobs/start", verifyUser, isAdmin, validator(startJobSchema), (req, res, next) => { |
Check failure
Code scanning / CodeQL
Missing rate limiting High
authorization
Copilot Autofix AI 21 days ago
To fix the problem, we will introduce rate limiting middleware using the `express-rate-limit` package. This middleware will limit the number of requests that can be made to the endpoints within a specified time window. We will configure the rate limiter to allow a maximum of 100 requests per 15 minutes for each IP address. This will help protect the application from denial-of-service attacks.
We will need to:
- Install the `express-rate-limit` package.
- Import the `express-rate-limit` package in the `server/src/routes/jobs.routes.ts` file.
- Configure the rate limiter and apply it to the router.
@@ -1,3 +1,3 @@ | ||
import express from "express"; | ||
|
||
import rateLimit from "express-rate-limit"; | ||
import { getAllJobs, getJob, startJob, stopJob } from "../controllers/jobs.controller"; | ||
@@ -11,2 +11,9 @@ | ||
|
||
const limiter = rateLimit({ | ||
windowMs: 15 * 60 * 1000, // 15 minutes | ||
max: 100, // limit each IP to 100 requests per windowMs | ||
}); | ||
|
||
router.use(limiter); | ||
|
||
router.post("/api/jobs/:jobId/stop", verifyUser, isAdmin, (req, res, next) => { |
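Review bot: The limiter in this hunk is keyed per client IP (the comment on `max` says "limit each IP") and runs before `verifyUser` and `isAdmin`. That ordering keeps rejected requests away from the authorization checks, but if the server sits behind a reverse proxy, every request arrives with the proxy's address and all users share one counter unless Express's `trust proxy` setting is configured. Confirm the deployment's proxy setup before merging, and note in a comment which address the limit applies to.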
startJob(req, res, next); | ||
}); | ||
|
||
router.get("/api/jobs", verifyUser, isAdmin, (req, res, next) => { |
Check failure
Code scanning / CodeQL
Missing rate limiting High
authorization
Copilot Autofix AI 21 days ago
To fix the problem, we need to introduce rate limiting to the routes handling job operations. The best way to do this is by using the `express-rate-limit` package, which allows us to easily set up and apply rate limiting middleware to our routes. We will configure a rate limiter to allow a maximum of 100 requests per 15 minutes and apply it to all the routes in the `jobs` router.
@@ -1,3 +1,3 @@ | ||
import express from "express"; | ||
|
||
import rateLimit from "express-rate-limit"; | ||
import { getAllJobs, getJob, startJob, stopJob } from "../controllers/jobs.controller"; | ||
@@ -11,2 +11,9 @@ | ||
|
||
const limiter = rateLimit({ | ||
windowMs: 15 * 60 * 1000, // 15 minutes | ||
max: 100, // max 100 requests per windowMs | ||
}); | ||
|
||
router.use(limiter); | ||
|
||
router.post("/api/jobs/:jobId/stop", verifyUser, isAdmin, (req, res, next) => { |
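Review bot: A single `limiter` with `max: 100` per 15 minutes covers the read routes (`router.get("/api/jobs", ...)` and `router.get("/api/jobs/:jobId", ...)`) as well as the start and stop routes. If the UI refreshes the job list periodically, an administrator can use up the budget through reads alone and then be refused when trying to stop a job. Consider two limiters: a looser one for the GET routes and a stricter one for the POST routes.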
getAllJobs(req, res, next); | ||
}); | ||
|
||
router.get("/api/jobs/:jobId", verifyUser, isAdmin, (req, res, next) => { |
Check failure
Code scanning / CodeQL
Missing rate limiting High
authorization
Copilot Autofix AI 21 days ago
To fix the problem, we need to introduce rate limiting to the routes defined in the `jobs` function. The best way to do this is by using the `express-rate-limit` package, which allows us to easily set up rate limiting middleware. We will configure a rate limiter to allow a maximum of 100 requests per 15 minutes and apply it to all the routes in the `jobs` function.
We need to:
- Install the `express-rate-limit` package.
- Import the `express-rate-limit` package in the file.
- Set up the rate limiter with the desired configuration.
- Apply the rate limiter to the router.
@@ -1,3 +1,3 @@ | ||
import express from "express"; | ||
|
||
import RateLimit from "express-rate-limit"; | ||
import { getAllJobs, getJob, startJob, stopJob } from "../controllers/jobs.controller"; | ||
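Review bot: The import is named `RateLimit` here, but the next hunk calls it as a plain function (`RateLimit({ ... })`) and does not construct it with `new`. Use camelCase `rateLimit`, which also matches the other autofix suggestions for this file.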
@@ -11,2 +11,11 @@ | ||
|
||
// set up rate limiter: maximum of 100 requests per 15 minutes | ||
const limiter = RateLimit({ | ||
windowMs: 15 * 60 * 1000, // 15 minutes | ||
max: 100, // max 100 requests per windowMs | ||
}); | ||
|
||
// apply rate limiter to all requests | ||
router.use(limiter); | ||
|
||
router.post("/api/jobs/:jobId/stop", verifyUser, isAdmin, (req, res, next) => { |
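Review bot: This hunk declares `const limiter` and calls `router.use(limiter)` at the same position in the file as the three other autofix suggestions in this thread. Apply only one of the four; committing more than one would either redeclare `limiter` or stack several identical limiters on the router, so each request would be counted more than once.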
🎉 This PR is included in version 0.18.0 🎉
The release is available on GitHub release
Your semantic-release bot 📦🚀
This PR makes it possible to trigger classification jobs from the UI.