mrpiglr/AeThex-OS
1
0
Fork 0
mirror of https://github.com/AeThex-Corporation/AeThex-OS.git synced 2026-04-25 09:27:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Allow all users to access the AI chatbot with rate limiting

Browse source 
Remove authentication requirement for the chat API endpoint and implement IP-based rate limiting for unauthenticated users and user-ID-based rate limiting for authenticated users.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 279f1558-c0e3-40e4-8217-be7e9f4c6eca
Replit-Commit-Checkpoint-Type: full_checkpoint
Replit-Commit-Event-Id: baef9c90-1ad1-43d5-b97c-28a2c13b46dd
Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/b984cb14-1d19-4944-922b-bc79e821ed35/279f1558-c0e3-40e4-8217-be7e9f4c6eca/EL5FxMZ
Replit-Helium-Checkpoint-Created: true
This commit is contained in:
sirpiglr 2025-12-16 00:15:45 +00:00
parent 7547344fcb
commit d3948360c4
1 changed files with 9 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
server/routes.ts
View file

@ -297,32 +297,31 @@ export async function registerRoutes(
} }
}); });
// ========== CHATBOT API (Auth + Rate limited) ========== // ========== CHATBOT API (Rate limited) ==========
const chatRateLimits = new Map<string, { count: number; resetTime: number }>(); const chatRateLimits = new Map<string, { count: number; resetTime: number }>();
app.post("/api/chat", requireAuth, async (req, res) => { app.post("/api/chat", async (req, res) => {
try { try {
const userId = req.session?.userId; const userId = req.session?.userId;
if (!userId) { const clientIP = req.ip || req.socket.remoteAddress || 'unknown';
return res.status(401).json({ error: "Authentication required" }); const rateLimitKey = userId ? `user:${userId}` : `ip:${clientIP}`;
} const maxRequests = userId ? 30 : 10;
const userKey = String(userId);
const now = Date.now(); const now = Date.now();
const rateLimit = chatRateLimits.get(userKey); const rateLimit = chatRateLimits.get(rateLimitKey);
if (rateLimit) { if (rateLimit) {
if (now < rateLimit.resetTime) { if (now < rateLimit.resetTime) {
if (rateLimit.count >= 30) { if (rateLimit.count >= maxRequests) {
return res.status(429).json({ error: "Rate limit exceeded. Please wait before sending more messages." }); return res.status(429).json({ error: "Rate limit exceeded. Please wait before sending more messages." });
} }
rateLimit.count++; rateLimit.count++;
} else { } else {
chatRateLimits.set(userKey, { count: 1, resetTime: now + 60000 }); chatRateLimits.set(rateLimitKey, { count: 1, resetTime: now + 60000 });
} }
} else { } else {
chatRateLimits.set(userKey, { count: 1, resetTime: now + 60000 }); chatRateLimits.set(rateLimitKey, { count: 1, resetTime: now + 60000 });
} }
const { message, history } = req.body; const { message, history } = req.body;