From a0a4b0dd1db240f862cc35e2c0d1cf84ef5bd453 Mon Sep 17 00:00:00 2001
From: bietiaop <1527109126@qq.com>
Date: Sun, 2 Feb 2025 14:47:34 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E9=A2=91=E7=8E=87=E9=99=90=E5=88=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 package.json                 |  1 +
 src/webui/src/router/File.ts | 10 +++++++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/package.json b/package.json
index fbde38b1..5f5b9ad5 100644
--- a/package.json
+++ b/package.json
@@ -58,6 +58,7 @@
     "@ffmpeg.wasm/main": "^0.13.1",
     "@homebridge/node-pty-prebuilt-multiarch": "^0.12.0-beta.5",
     "express": "^5.0.0",
+    "express-rate-limit": "^7.5.0",
     "piscina": "^4.7.0",
     "qrcode-terminal": "^0.12.0",
     "silk-wasm": "^3.6.1",
diff --git a/src/webui/src/router/File.ts b/src/webui/src/router/File.ts
index fb906f03..c282d229 100644
--- a/src/webui/src/router/File.ts
+++ b/src/webui/src/router/File.ts
@@ -1,4 +1,5 @@
 import { Router } from 'express';
+import rateLimit from 'express-rate-limit';
 import {
     ListFilesHandler,
     CreateDirHandler,
@@ -14,13 +15,20 @@ import {
 
 const router = Router();
 
+const apiLimiter = rateLimit({
+    windowMs: 1 * 60 * 1000, // 1分钟内
+    max: 60, // 最大60个请求
+});
+
+router.use(apiLimiter);
+
 router.get('/list', ListFilesHandler);
 router.post('/mkdir', CreateDirHandler);
 router.post('/delete', DeleteHandler);
 router.get('/read', ReadFileHandler);
 router.post('/write', WriteFileHandler);
 router.post('/create', CreateFileHandler);
-router.post('/batchDelete', BatchDeleteHandler); // 添加这一行
+router.post('/batchDelete', BatchDeleteHandler);
 router.post('/rename', RenameHandler);
 router.post('/move', MoveHandler);
 router.post('/batchMove', BatchMoveHandler);