disables per-user IP limit by default

This commit is contained in:
nai-degen 2023-05-14 14:42:56 -05:00
parent 9ff7381f31
commit 3f46d132f7
2 changed files with 10 additions and 4 deletions

View File

@ -49,7 +49,11 @@ type Config = {
firebaseRtdbUrl?: string; firebaseRtdbUrl?: string;
/** Base64-encoded Firebase service account key if using the Firebase RTDB store. */ /** Base64-encoded Firebase service account key if using the Firebase RTDB store. */
firebaseKey?: string; firebaseKey?: string;
/** Maximum number of IPs per user, after which their token is disabled. */ /**
* Maximum number of IPs per user, after which their token is disabled.
* Users with the manually-assigned `special` role are exempt from this limit.
* By default, this is 0, meaning that users are not IP-limited.
*/
maxIpsPerUser: number; maxIpsPerUser: number;
/** Per-IP limit for requests per minute to OpenAI's completions endpoint. */ /** Per-IP limit for requests per minute to OpenAI's completions endpoint. */
modelRateLimit: number; modelRateLimit: number;
@ -102,7 +106,7 @@ export const config: Config = {
adminKey: getEnvWithDefault("ADMIN_KEY", ""), adminKey: getEnvWithDefault("ADMIN_KEY", ""),
gatekeeper: getEnvWithDefault("GATEKEEPER", "none"), gatekeeper: getEnvWithDefault("GATEKEEPER", "none"),
gatekeeperStore: getEnvWithDefault("GATEKEEPER_STORE", "memory"), gatekeeperStore: getEnvWithDefault("GATEKEEPER_STORE", "memory"),
maxIpsPerUser: getEnvWithDefault("MAX_IPS_PER_USER", 20), maxIpsPerUser: getEnvWithDefault("MAX_IPS_PER_USER", 0),
firebaseRtdbUrl: getEnvWithDefault("FIREBASE_RTDB_URL", undefined), firebaseRtdbUrl: getEnvWithDefault("FIREBASE_RTDB_URL", undefined),
firebaseKey: getEnvWithDefault("FIREBASE_KEY", undefined), firebaseKey: getEnvWithDefault("FIREBASE_KEY", undefined),
modelRateLimit: getEnvWithDefault("MODEL_RATE_LIMIT", 4), modelRateLimit: getEnvWithDefault("MODEL_RATE_LIMIT", 4),

View File

@ -136,7 +136,9 @@ export function authenticate(token: string, ip: string) {
if (!user.ip.includes(ip)) user.ip.push(ip); if (!user.ip.includes(ip)) user.ip.push(ip);
// If too many IPs are associated with the user, disable the account. // If too many IPs are associated with the user, disable the account.
if (user.ip.length > MAX_IPS_PER_USER && user.type !== "special") { const ipLimit =
user.type === "special" || !MAX_IPS_PER_USER ? Infinity : MAX_IPS_PER_USER;
if (user.ip.length > ipLimit) {
disableUser(token, "Too many IP addresses associated with this token."); disableUser(token, "Too many IP addresses associated with this token.");
return; return;
} }