feat: uprava refresh menu hesel

každý může udělat refresh, jen ne tak často, bypass mimo zdrojak
2026-03-05 21:50:17 +01:00
parent b6fdf1de98
commit 607bcd9bf5
2 changed files with 16 additions and 5 deletions


@@ -191,13 +191,20 @@ router.post("/updateBuyer", async (req, res, next) => {
} catch (e: any) { next(e) }
});
// /api/food/refresh?type=week&heslo=docasnyheslo
// /api/food/refresh?type=week (přihlášený uživatel, nebo ?heslo=... pro bypass rate limitu)
export const refreshMetoda = async (req: Request, res: Response) => {
const { type, heslo } = req.query as { type?: string; heslo?: string };
if (heslo !== "docasnyheslo" && heslo !== "tohleheslopavelnesmizjistit123") {
return res.status(403).json({ error: "Neplatné heslo" });
const bypassPassword = process.env.REFRESH_BYPASS_PASSWORD;
const isBypass = !!bypassPassword && heslo === bypassPassword;
if (!isBypass) {
try {
getLogin(parseToken(req));
} catch {
return res.status(403).json({ error: "Přihlaste se prosím" });
}
}
if (!checkRateLimit("refresh") && heslo !== "tohleheslopavelnesmizjistit123") {
if (!checkRateLimit("refresh") && !isBypass) {
return res.status(429).json({ error: "Refresh už se zavolal, chvíli počkej :))" });
}
if (type !== "week" && type !== "day") {
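Review bot: The bypass secret is still taken from the `heslo` query parameter and compared with `===`, so it ends up in access logs, proxy logs and browser history, and an unauthenticated request with a wrong `heslo` gets its 403 before `checkRateLimit("refresh")` is consulted, which leaves guessing unthrottled. Consider reading the secret from a request header instead (for example `const heslo = req.get("x-refresh-bypass");`, header name illustrative), comparing it with `crypto.timingSafeEqual` over equal-length buffers, and counting failed attempts in their own limiter. Because the two previous literals remain in the repository history, `REFRESH_BYPASS_PASSWORD` should be set to a value that was never committed. In the 429 condition `checkRateLimit("refresh")` is evaluated before `!isBypass`, so a bypass call may still consume the shared window if that helper records the call; its implementation and the rest of `refreshMetoda` are outside this hunk.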