UNFR/proxy_tmdb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Cache LRU sur entry endpoints (movie/tv/imdb/providers) + allowlist loopback du rate limit

Browse Source
This commit is contained in:
unfr
2026-05-10 01:14:33 +02:00
parent 8247544d1b
commit 92005a9cbe
4 changed files with 33 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
server.js
View File

@@ -4,7 +4,7 @@ import rateLimit from '@fastify/rate-limit';
import secureSession from '@fastify/secure-session';
import fastifyStatic from '@fastify/static';
import Fastify from 'fastify';
import { HOST, PORT, RATE_LIMIT_PER_SEC, ROOT, SESSION_SECRET } from './config.js';
import { HOST, PORT, RATE_LIMIT_ALLOWLIST, RATE_LIMIT_PER_SEC, ROOT, SESSION_SECRET } from './config.js';
import { startWatchers } from './lib/dataReload.js';
import { preloadMappings } from './lib/imdbMapping.js';
import { getRatings } from './lib/imdbRatings.js';
@@ -18,12 +18,15 @@ import searchRoutes from './routes/search.js';
const fastify = Fastify({ logger: true, trustProxy: true });
// Loopback always exempted (internal scripts on the same host). Extra IPs via
// RATE_LIMIT_ALLOWLIST env var. Public IPs still rate-limited at 50/s.
const RL_ALLOW = new Set(['127.0.0.1', '::1', '::ffff:127.0.0.1', ...RATE_LIMIT_ALLOWLIST]);
await fastify.register(rateLimit, {
max: RATE_LIMIT_PER_SEC,
timeWindow: '1 second',
// Skip rate limiting for /health and /metrics so monitoring is never throttled
skipOnError: true,
allowList: (req) => req.url === '/health' || req.url === '/metrics',
allowList: (req) => req.url === '/health' || req.url === '/metrics' || RL_ALLOW.has(req.ip),
});
await fastify.register(formbody);