From bb9f7cca47625d92a63d5d6d81029afeb0c129e6 Mon Sep 17 00:00:00 2001
From: lesion <lesion@autistici.org>
Date: Sat, 18 Feb 2023 00:04:28 +0100
Subject: [PATCH] minor

---
 pages/add/_edit.vue   | 13 +++++--------
 server/api/index.js   |  2 +-
 server/api/limiter.js | 13 ++++++++-----
 server/api/mail.js    |  2 +-
 4 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/pages/add/_edit.vue b/pages/add/_edit.vue
index b5162cf8..f0e08a19 100644
--- a/pages/add/_edit.vue
+++ b/pages/add/_edit.vue
@@ -74,7 +74,6 @@ import dayjs from 'dayjs'
 
 import { mdiFileImport, mdiFormatTitle, mdiTagMultiple, mdiCloseCircle } from '@mdi/js'
 
-import List from '@/components/List'
 import Editor from '@/components/Editor'
 import ImportDialog from '@/components/ImportDialog'
 import MediaInput from '@/components/MediaInput'
@@ -84,7 +83,6 @@ import DateInput from '@/components/DateInput'
 export default {
   name: 'NewEvent',
   components: {
-    List,
     Editor,
     ImportDialog,
     MediaInput,
@@ -125,8 +123,8 @@ export default {
 
       data.event.place.name = event.place.name
       data.event.place.address = event.place.address || ''
-      const from = dayjs.unix(event.start_datetime)
-      const due = event.end_datetime && dayjs.unix(event.end_datetime)
+      const from = dayjs.unix(event.start_datetime).tz()
+      const due = event.end_datetime && dayjs.unix(event.end_datetime).tz()
       data.date = {
         recurrent: event.recurrent,
         from: from.toDate(),
@@ -161,7 +159,6 @@ export default {
       },
       tags: [],
       page: { month, year },
-      fileList: [],
       id: null,
       date: { from: null, due: null, recurrent: null },
       edit: false,
@@ -240,12 +237,12 @@ export default {
       formData.append('description', this.event.description)
       formData.append('multidate', !!this.date.multidate)
       let [hour, minute] = this.date.fromHour.split(':')
-      formData.append('start_datetime', dayjs(this.date.from).hour(Number(hour)).minute(Number(minute)).second(0).unix())
+      formData.append('start_datetime', dayjs(this.date.from).hour(Number(hour)).minute(Number(minute)).second(0).tz().unix())
       if (this.date.dueHour) {
         [hour, minute] = this.date.dueHour.split(':')
-        formData.append('end_datetime', dayjs(this.date.due).hour(Number(hour)).minute(Number(minute)).second(0).unix())
+        formData.append('end_datetime', dayjs(this.date.due).hour(Number(hour)).minute(Number(minute)).second(0).tz().unix())
       } else if (!!this.date.multidate) {
-        formData.append('end_datetime', dayjs(this.date.due).hour(24).minute(0).second(0).unix())
+        formData.append('end_datetime', dayjs(this.date.due).hour(24).minute(0).second(0).tz().unix())
       }
 
       if (this.edit) {
diff --git a/server/api/index.js b/server/api/index.js
index 9fb8ca52..1ead4535 100644
--- a/server/api/index.js
+++ b/server/api/index.js
@@ -132,7 +132,7 @@ module.exports = () => {
      * @param {image} [image] - Image
      */
   
-    // allow anyone to add an event (anon event has to be confirmed, TODO: flood protection)
+    // allow anyone to add an event (anon event has to be confirmed, flood protection)
     api.post('/event', eventController.isAnonEventAllowed, SPAMProtectionApiRateLimiter, upload.single('image'), eventController.add)
   
     // api.get('/event/search', eventController.search)
diff --git a/server/api/limiter.js b/server/api/limiter.js
index 1f417402..67eddd5b 100644
--- a/server/api/limiter.js
+++ b/server/api/limiter.js
@@ -6,8 +6,8 @@ const next = (req, res, next) => next()
 const instanceApiRateLimiter = {
 
   DDOSProtectionApiRateLimiter: (process.env.NODE_ENV === 'test' ? next : rateLimit({
-    windowMs: 60 * 1000, // 5 minutes
-    max: 100, // Limit each IP to 100 requests per `window` (here, per 5 minutes)
+    windowMs: 60 * 1000, // 1 minutes
+    max: 100, // Limit each IP to 100 requests per `window`
     standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
     legacyHeaders: false, // Disable the `X-RateLimit-*` headers
     handler: (request, response, next, options) => {
@@ -15,10 +15,13 @@ const instanceApiRateLimiter = {
       return response.status(options.statusCode).send(options.message)    
     }
   })),
-  
+
+
+  /** This is a limiter used to avoid spam
+   * (used during the registration, pass recovery, posting events) */
   SPAMProtectionApiRateLimiter: (process.env.NODE_ENV === 'test' ? next : rateLimit({
-    windowMs: 5 * 60 * 1000, // 10 minutes
-    max: 3, // Limit each IP to 3 requests per `window` (here, per 15 minutes)
+    windowMs: 5 * 60 * 1000, // 5 minutes
+    max: 3, // Limit each IP to 3 requests per `window` (here, per 5 minutes)
     standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
     legacyHeaders: false, // Disable the `X-RateLimit-*` headers
     handler: (request, response, next, options) => {
diff --git a/server/api/mail.js b/server/api/mail.js
index 16867b65..5b546098 100644
--- a/server/api/mail.js
+++ b/server/api/mail.js
@@ -61,7 +61,7 @@ const mail = {
         ...locals,
         locale,
         config: { title: settings.title, baseurl: settings.baseurl, description: settings.description, admin_email: settings.admin_email },
-        datetime: datetime => moment.unix(datetime).locale(locale).format('ddd, D MMMM HH:mm')
+        datetime: datetime => moment.unix(datetime).tz().locale(locale).format('ddd, D MMMM HH:mm')
       }
     }
     return email.send(msg)