Rate limit on registration

2025-01-19 22:06:41 +01:00
parent 3f7205d73e
commit 27da845b11
2 changed files with 91 additions and 7 deletions
--- a/db/db.go
+++ b/db/db.go
@ -5,6 +5,8 @@ import (
 	"database/sql"
 	"encoding/hex"
 	"errors"
+	"fmt"
+	"sync"
 	"time"

 	_ "github.com/mattn/go-sqlite3"
@ -17,6 +19,64 @@ var (
 	ErrInvalidCredentials = errors.New("invalid username or password")
 )

+const (
+	maxRegistrationsPerIP = 3              // Maximum registrations allowed per IP
+	registrationWindow    = 24 * time.Hour // Time window for rate limiting
+)
+
+type registrationAttempt struct {
+	count    int
+	firstTry time.Time
+}
+
+var (
+	registrationAttempts = make(map[string]*registrationAttempt)
+	rateLimitMutex       sync.RWMutex
+)
+
+func CleanupOldAttempts() {
+	rateLimitMutex.Lock()
+	defer rateLimitMutex.Unlock()
+
+	now := time.Now()
+	for ip, attempt := range registrationAttempts {
+		if now.Sub(attempt.firstTry) > registrationWindow {
+			delete(registrationAttempts, ip)
+		}
+	}
+}
+
+func CheckRegistrationLimit(ip string) error {
+	rateLimitMutex.Lock()
+	defer rateLimitMutex.Unlock()
+
+	now := time.Now()
+	attempt, exists := registrationAttempts[ip]
+
+	if !exists {
+		registrationAttempts[ip] = &registrationAttempt{
+			count:    1,
+			firstTry: now,
+		}
+		return nil
+	}
+
+	// Reset if window has passed
+	if now.Sub(attempt.firstTry) > registrationWindow {
+		attempt.count = 1
+		attempt.firstTry = now
+		return nil
+	}
+
+	if attempt.count >= maxRegistrationsPerIP {
+		return fmt.Errorf("registration limit reached for this IP. Please try again in %v",
+			registrationWindow-now.Sub(attempt.firstTry))
+	}
+
+	attempt.count++
+	return nil
+}
+
 func InitDB(dbPath string) error {
 	var err error
 	db, err = sql.Open("sqlite3", dbPath)