btcpayserver-plugin-builder/PluginBuilder/Controllers/Logic/AdminSettingsCache.cs
rollforsats c65b6ab1cc feat: add IP-based rate limiting (429) on public plugin endpoints
Add fixed-window rate limiter to public plugin endpoints using ASP.NET
  Core's built-in RateLimiter middleware, keyed by client IP. Rate limit
  settings (permit limit, window seconds) are stored in the database and
  cached via AdminSettingsCache, with sensible defaults of 30 req/60s.
2026-03-07 17:45:31 -06:00


using Npgsql;
using PluginBuilder.Util.Extensions;
namespace PluginBuilder.Controllers.Logic;
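/// <summary>
/// In-memory copy of the administrator-controlled settings that are stored in the database:
/// the verification requirements, the Nostr relay list and the rate-limit parameters.
/// Each <c>Refresh*</c> method re-reads its setting(s) through the supplied connection and
/// overwrites the cached value; nothing here refreshes on its own.
/// </summary>
/// <remarks>
/// NOTE(review): the properties are written without synchronization. Presumably one instance is
/// shared and read by request handlers while an admin action refreshes it; confirm that readers
/// tolerate seeing the two rate-limit values change one after the other.
/// </remarks>
public class AdminSettingsCache
{
    // Fallbacks used until the first refresh and whenever the stored value is not usable.
    private const int DefaultRateLimitPermitLimit = 30;
    private const int DefaultRateLimitWindowSeconds = 60;

    /// <summary>Cached "verified email required to publish a plugin" setting.</summary>
    public bool IsEmailVerificationRequiredForPublish { get; private set; }

    /// <summary>Cached "verified email required to log in" setting.</summary>
    public bool IsEmailVerificationRequiredForLogin { get; private set; }

    /// <summary>Cached "verified GitHub account required" setting.</summary>
    public bool IsGithubVerificationRequired { get; private set; }

    /// <summary>Cached "verified Nostr identity required" setting.</summary>
    public bool IsNostrVerificationRequired { get; private set; }

    /// <summary>Cached Nostr relay list; never null, empty until refreshed.</summary>
    public string[] NostrRelays { get; private set; } = Array.Empty<string>();

    /// <summary>Requests permitted per window for the rate limiter; always positive.</summary>
    public int RateLimitPermitLimit { get; private set; } = DefaultRateLimitPermitLimit;

    /// <summary>Length of the rate-limit window in seconds; always positive.</summary>
    public int RateLimitWindowSeconds { get; private set; } = DefaultRateLimitWindowSeconds;

    /// <summary>Reloads <see cref="IsEmailVerificationRequiredForPublish"/> from the database.</summary>
    /// <param name="conn">Connection the setting is read through.</param>
    public async Task RefreshIsVerifiedEmailRequiredForPublish(NpgsqlConnection conn)
    {
        IsEmailVerificationRequiredForPublish = await conn.GetVerifiedEmailForPluginPublishSetting();
    }

    /// <summary>Reloads <see cref="IsEmailVerificationRequiredForLogin"/> from the database.</summary>
    /// <param name="conn">Connection the setting is read through.</param>
    public async Task RefreshIsVerifiedEmailRequiredForLogin(NpgsqlConnection conn)
    {
        IsEmailVerificationRequiredForLogin = await conn.GetVerifiedEmailForLoginSetting();
    }

    /// <summary>Reloads both email-verification settings, publish first and then login.</summary>
    /// <param name="conn">Connection the settings are read through.</param>
    public async Task RefreshAllVerifiedEmailSettings(NpgsqlConnection conn)
    {
        await RefreshIsVerifiedEmailRequiredForPublish(conn);
        await RefreshIsVerifiedEmailRequiredForLogin(conn);
    }

    /// <summary>
    /// Reloads every cached setting, one query after another on the same connection.
    /// If one refresh throws, the settings refreshed before it keep their new values and the
    /// remaining ones keep their old values.
    /// </summary>
    /// <param name="conn">Connection the settings are read through.</param>
    public async Task RefreshAllAdminSettings(NpgsqlConnection conn)
    {
        // Same two calls, in the same order, as the email-only refresh.
        await RefreshAllVerifiedEmailSettings(conn);
        await RefreshIsVerifiedGithubRequired(conn);
        await RefreshNostrVerified(conn);
        await RefreshNostrRelays(conn);
        await RefreshRateLimitSettings(conn);
    }

    /// <summary>Reloads <see cref="IsGithubVerificationRequired"/> from the database.</summary>
    /// <param name="conn">Connection the setting is read through.</param>
    public async Task RefreshIsVerifiedGithubRequired(NpgsqlConnection conn)
    {
        IsGithubVerificationRequired = await conn.GetVerifiedGithubSetting();
    }

    /// <summary>Reloads <see cref="IsNostrVerificationRequired"/> from the database.</summary>
    /// <param name="conn">Connection the setting is read through.</param>
    public async Task RefreshNostrVerified(NpgsqlConnection conn)
    {
        IsNostrVerificationRequired = await conn.GetVerifiedNostrSetting();
    }

    /// <summary>Reloads <see cref="NostrRelays"/> from the database.</summary>
    /// <param name="conn">Connection the setting is read through.</param>
    public async Task RefreshNostrRelays(NpgsqlConnection conn)
    {
        // Keep the "never null" promise of the property initializer even if the lookup yields null.
        NostrRelays = await conn.GetNostrRelaysSetting() ?? Array.Empty<string>();
    }

    /// <summary>
    /// Reloads the rate-limit parameters from the database. A stored value that is zero or
    /// negative is replaced by the built-in default (30 requests per 60 seconds) instead of
    /// being cached.
    /// </summary>
    /// <param name="conn">Connection the settings are read through.</param>
    public async Task RefreshRateLimitSettings(NpgsqlConnection conn)
    {
        // Read both values before touching the cache, so a failure on the second query cannot
        // leave a new permit limit paired with the previous window.
        int storedPermitLimit = await conn.GetRateLimitPermitLimitSetting();
        int storedWindowSeconds = await conn.GetRateLimitWindowSecondsSetting();

        // ASP.NET Core's fixed-window limiter refuses a permit limit or window that is not
        // positive, so a bad row must not reach it through this cache.
        // NOTE(review): the getters may already validate, and the consumer is not visible here.
        // If 0 is meant to switch limiting off, make that an explicit setting instead.
        RateLimitPermitLimit = storedPermitLimit > 0 ? storedPermitLimit : DefaultRateLimitPermitLimit;
        RateLimitWindowSeconds = storedWindowSeconds > 0 ? storedWindowSeconds : DefaultRateLimitWindowSeconds;
    }
}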