From 41dcf5240c1ef1d9fea1c875094b4e65ec74076d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Arturo=20Cabral=20Mej=C3=ADa?=
 <me@ricardocabral.io>
Date: Fri, 10 Feb 2023 14:14:55 -0500
Subject: [PATCH] chore: don't rate limit all endpoints (#191)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Ricardo Arturo Cabral Mejía <me@ricardocabral.io>
---
 src/factories/web-app-factory.ts | 2 --
 src/routes/index.ts              | 5 +++--
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/factories/web-app-factory.ts b/src/factories/web-app-factory.ts
index eb7e1de..d25aee9 100644
--- a/src/factories/web-app-factory.ts
+++ b/src/factories/web-app-factory.ts
@@ -3,7 +3,6 @@ import helmet from 'helmet'
 
 import { createLogger } from './logger-factory'
 import { createSettings } from './settings-factory'
-import { rateLimiterMiddleware } from '../handlers/request-handlers/rate-limiter-middleware'
 import router from '../routes'
 
 const debug = createLogger('web-app-factory')
@@ -12,7 +11,6 @@ export const createWebApp = () => {
   const app = express()
   app
     .disable('x-powered-by')
-    .use(rateLimiterMiddleware)
     .use((req, res, next) => {
       const settings = createSettings()
 
diff --git a/src/routes/index.ts b/src/routes/index.ts
index f7d2a61..2c1e963 100644
--- a/src/routes/index.ts
+++ b/src/routes/index.ts
@@ -4,6 +4,7 @@ import callbacksRouter from './callbacks'
 import { getHealthRequestHandler } from '../handlers/request-handlers/get-health-request-handler'
 import { getTermsRequestHandler } from '../handlers/request-handlers/get-terms-request-handler'
 import invoiceRouter from './invoices'
+import { rateLimiterMiddleware } from '../handlers/request-handlers/rate-limiter-middleware'
 import { rootRequestHandler } from '../handlers/request-handlers/root-request-handler'
 
 const router = express.Router()
@@ -12,7 +13,7 @@ router.get('/', rootRequestHandler)
 router.get('/healthz', getHealthRequestHandler)
 router.get('/terms', getTermsRequestHandler)
 
-router.use('/invoices', invoiceRouter)
-router.use('/callbacks', callbacksRouter)
+router.use('/invoices', rateLimiterMiddleware, invoiceRouter)
+router.use('/callbacks', rateLimiterMiddleware, callbacksRouter)
 
 export default router