From 8d549abaa9334328b86ce742d1f794372723630f Mon Sep 17 00:00:00 2001
From: Tom Moor <tom.moor@gmail.com>
Date: Sat, 22 Jul 2023 13:27:58 -0400
Subject: [PATCH] Add rate limiting to unfurl endpoint

---
 server/routes/api/urls/urls.ts | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/server/routes/api/urls/urls.ts b/server/routes/api/urls/urls.ts
index 58ebeaddc..077c3502a 100644
--- a/server/routes/api/urls/urls.ts
+++ b/server/routes/api/urls/urls.ts
@@ -3,17 +3,20 @@ import parseDocumentSlug from "@shared/utils/parseDocumentSlug";
 import parseMentionUrl from "@shared/utils/parseMentionUrl";
 import { NotFoundError } from "@server/errors";
 import auth from "@server/middlewares/authentication";
+import { rateLimiter } from "@server/middlewares/rateLimiter";
 import validate from "@server/middlewares/validate";
 import { Document, User } from "@server/models";
 import { authorize } from "@server/policies";
 import { presentDocument, presentMention } from "@server/presenters/unfurls";
 import { APIContext } from "@server/types";
+import { RateLimiterStrategy } from "@server/utils/RateLimiter";
 import * as T from "./schema";
 
 const router = new Router();
 
 router.post(
   "urls.unfurl",
+  rateLimiter(RateLimiterStrategy.OneThousandPerHour),
   auth(),
   validate(T.UrlsUnfurlSchema),
   async (ctx: APIContext<T.UrlsUnfurlReq>) => {