Issue 594 (#1727)

* chore: api rate limit increase Signed-off-by: Miles Zhang <[email protected]> * chore: configure dynamic cors Signed-off-by: Miles Zhang <[email protected]> --------- Signed-off-by: Miles Zhang <[email protected]>
nervosnetwork · Apr 2, 2024 · a13942d · a13942d
1 parent af45b85
commit a13942d
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 13 deletions.
diff --git a/.env.example b/.env.example
@@ -120,4 +120,7 @@ AUTH_ACCESS_EXPIRE=1296000
 SECRET_KEY_BASE=""
 
 # -------------------------------- Bitcoin segment --------------------------------
-BITCOIN_NODE_URL=""
+BITCOIN_NODE_URL=""
+
+# Dynamic CORS configuration
+PARTNER_DOMAINS="/localhost:\d*/"
diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb
@@ -17,14 +17,10 @@
 
 Rails.application.config.middleware.insert_before 0, Rack::Cors do
   allow do
-    origins "https://explorer.nervos.org",
-            "https://explorer-testnet.nervos.org",
-            "https://aggron.explorer.nervos.org",
-            "https://pudge.explorer.nervos.org",
-            "https://staging.explorer.nervos.org",
-            /\Ahttps:\/\/ckb-explorer-.*-magickbase.vercel.app\z/,
-            "http://localhost:3000",
-            (ENV["STAGING_DOMAIN"]).to_s
-    resource "*", headers: :any, methods: [:get, :post, :put, :head, :options]
+    origins ["https://explorer.nervos.org",
+             "https://pudge.explorer.nervos.org",
+             /\Ahttps:\/\/ckb-explorer-.*-magickbase.vercel.app\z/] +
+      ENV["PARTNER_DOMAINS"].to_s.split(",").map(&:strip).map { |x| x.start_with?("/") ? Regexp.new(x[1..-2]) : x }
+    resource "*", headers: :any, methods: %i[get post put head options]
   end
 end
diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb
@@ -23,8 +23,8 @@ class Rack::Attack
   # Throttle all requests by IP (60rpm)
   #
   # Key: "rack::attack:#{Time.now.to_i/:period}:req/ip:#{req.ip}"
-  throttle("req/ip", limit: 1500, period: 5.minutes) do |req|
-    req.env['HTTP_CF_CONNECTING_IP'] || req.ip # unless req.path.start_with?('/assets')
+  throttle("req/ip", limit: 3000, period: 5.minutes) do |req|
+    req.env["HTTP_CF_CONNECTING_IP"] || req.ip # unless req.path.start_with?('/assets')
   end
 
   ### Custom Throttle Response ###
@@ -49,7 +49,7 @@ class Rack::Attack
       headers = {
         "RateLimit-Limit" => match_data[:limit].to_s,
         "RateLimit-Remaining" => "0",
-        "RateLimit-Reset" => (now + (match_data[:period] - now % match_data[:period])).to_s
+        "RateLimit-Reset" => (now + (match_data[:period] - now % match_data[:period])).to_s,
       }
 
       [429, headers, ["Throttled\n"]]