fix: temp boost watch subscriptions rate limit and JWT validity allow…

…ance (#287) * fix: temp boost watch subscriptions rate limit * fix: allow wider JWT validity
reown-com · Jan 17, 2024 · 7ce1e72 · 7ce1e72
1 parent 94c1002
commit 7ce1e72
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 4 deletions.
diff --git a/src/auth.rs b/src/auth.rs
@@ -360,11 +360,11 @@ pub fn from_jwt<T: DeserializeOwned + GetSharedClaims>(jwt: &str) -> Result<T> {
 
     info!("iss: {}", claims.get_shared_claims().iss);
 
-    if claims.get_shared_claims().exp < Utc::now().timestamp().unsigned_abs() {
+    if claims.get_shared_claims().exp + 300 <= Utc::now().timestamp().unsigned_abs() {
         Err(AuthError::JwtExpired)?;
     }
 
-    if claims.get_shared_claims().iat > Utc::now().timestamp_millis().unsigned_abs() {
+    if Utc::now().timestamp_millis().unsigned_abs() < claims.get_shared_claims().iat - 300 {
         Err(AuthError::JwtNotYetValid)?;
     }
 

diff --git a/src/services/websocket_server/handlers/notify_watch_subscriptions.rs b/src/services/websocket_server/handlers/notify_watch_subscriptions.rs
@@ -202,9 +202,11 @@ pub async fn notify_watch_subscriptions_rate_limit(
             "notify-watch-subscriptions-{}",
             hex::encode(client_public_key.as_bytes())
         ),
-        100,
+        // 100,
+        1000,
         chrono::Duration::seconds(1),
-        1,
+        // 1,
+        100,
         clock,
     )
     .await
-Original file line number
+Diff line change
@@ Expand Up / @@ -202,9 +202,11 @@ pub async fn notify_watch_subscriptions_rate_limit( @@
                 "notify-watch-subscriptions-{}",
                 hex::encode(client_public_key.as_bytes())
             ),
-,
+            // 100,
+,
             chrono::Duration::seconds(1),
-,
+            // 1,
+,
             clock,
         )
         .await
@@ Expand Down @@