From 129336c16820a788325cad640fadb0ab5fb24ec6 Mon Sep 17 00:00:00 2001
From: Philipp Schmid <schmidp@schmidp.com>
Date: Wed, 5 Apr 2023 11:04:59 +0200
Subject: [PATCH] introduce rate limit variables

---
 server/src/index.ts | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/server/src/index.ts b/server/src/index.ts
index 514c3987..992a7dcc 100644
--- a/server/src/index.ts
+++ b/server/src/index.ts
@@ -67,15 +67,16 @@ export default class ChatServer {
         this.app.use(express.json({ limit: '1mb' }));
         this.app.use(compression());
 
-        if (process.env.DISABLE_RATE_LIMIT !== 'true') {
-            const { default: rateLimit } = await import('express-rate-limit'); // esm
-            const limiter = rateLimit({
-                windowMs: 15 * 60 * 1000, // 15 minutes
-                max: 100, // limit each IP to 100 requests per windowMs
-            });
-
-            this.app.use(limiter);
-        }
+        
+        const rateLimitWindowMs = process.env.RATE_LIMIT_WINDOW_MS ? parseInt(process.env.RATE_LIMIT_WINDOW_MS, 10) : 15 * 60 * 1000; // 15 minutes
+        const rateLimitMax = process.env.RATE_LIMIT_MAX ? parseInt(process.env.RATE_LIMIT_MAX, 10) : 100; // limit each IP to 100 requests per windowMs
+
+        const { default: rateLimit } = await import('express-rate-limit'); // esm
+        const limiter = rateLimit({
+            windowMs: rateLimitWindowMs,
+            max: rateLimitMax,
+        });
+        this.app.use(limiter);
 
         this.app.get('/chatapi/health', (req, res) => new HealthRequestHandler(this, req, res));
         this.app.get('/chatapi/session', (req, res) => new SessionRequestHandler(this, req, res));