From b58e7dac882203b1d36df159e0e339e772e6a045 Mon Sep 17 00:00:00 2001
From: Overtorment <overtorment@gmail.com>
Date: Fri, 27 Mar 2020 20:09:50 +0000
Subject: [PATCH] stricted rate limiting for /getuserinvoices

---
 controllers/api.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/controllers/api.js b/controllers/api.js
index dff5bdb..24a3d39 100644
--- a/controllers/api.js
+++ b/controllers/api.js
@@ -329,7 +329,7 @@ router.get('/gettxs', async function(req, res) {
   }
 });
 
-router.get('/getuserinvoices', async function(req, res) {
+router.get('/getuserinvoices', postLimiter, async function(req, res) {
   logger.log('/getuserinvoices', [req.id]);
   let u = new User(redis, bitcoinclient, lightning);
   if (!(await u.loadByAuthorization(req.headers.authorization))) {