From a286a92eded0e13d53139c23e6d455e952eddd4c Mon Sep 17 00:00:00 2001
From: Anthony Stirling <77850077+Frooodle@users.noreply.github.com>
Date: Mon, 25 Dec 2023 15:15:46 +0000
Subject: [PATCH] cleanups
---
 .../config/security/InitialSecuritySetup.java | 3 ++-
 .../config/security/LoginAttemptService.java | 5 +----
 .../config/security/SecurityConfiguration.java | 2 +-
 .../api/pipeline/UserServiceInterface.java | 1 -
 .../api/pipeline/UserServiceNoOpImpl.java | 16 ----------------
 5 files changed, 4 insertions(+), 23 deletions(-)
 delete mode 100644 src/main/java/stirling/software/SPDF/controller/api/pipeline/UserServiceNoOpImpl.java
diff --git a/src/main/java/stirling/software/SPDF/config/security/InitialSecuritySetup.java b/src/main/java/stirling/software/SPDF/config/security/InitialSecuritySetup.java
index f7b3586f1..5d100dd8b 100644
--- a/src/main/java/stirling/software/SPDF/config/security/InitialSecuritySetup.java
+++ b/src/main/java/stirling/software/SPDF/config/security/InitialSecuritySetup.java
@@ -37,7 +37,8 @@ public class InitialSecuritySetup {
 initialPassword = "stirling";
 userService.saveUser(initialUsername, initialPassword, Role.ADMIN.getRoleId(), true);
 }
-
+ }
+ if(!userService.usernameExists(Role.INTERNAL_API_USER.getRoleId())) {
 userService.saveUser(Role.INTERNAL_API_USER.getRoleId(), UUID.randomUUID().toString(), Role.INTERNAL_API_USER.getRoleId());
 userService.addApiKeyToUser(Role.INTERNAL_API_USER.getRoleId());
 }
diff --git a/src/main/java/stirling/software/SPDF/config/security/LoginAttemptService.java b/src/main/java/stirling/software/SPDF/config/security/LoginAttemptService.java
index 08c48131f..2c86c65f2 100644
--- a/src/main/java/stirling/software/SPDF/config/security/LoginAttemptService.java
+++ b/src/main/java/stirling/software/SPDF/config/security/LoginAttemptService.java
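Review bot: In InitialSecuritySetup, the new `if(!userService.usernameExists(Role.INTERNAL_API_USER.getRoleId()))` guard only checks that the account exists, so if an earlier start-up stopped between `saveUser` and `addApiKeyToUser` the internal user is left without an API key and this block never repairs it. The guard also treats any account carrying that name as the internal one; if user names can be chosen freely elsewhere (not visible here), that name should be reserved. I would at least record the assumption above the block, e.g. `// Provision the internal API user independently of the admin account; assumes saveUser and addApiKeyToUser both completed on the first run`. The enclosing method starts and ends outside the hunk.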
@@ -9,17 +9,15 @@ import stirling.software.SPDF.model.AttemptCounter;
 @Service
 public class LoginAttemptService {
- private final int MAX_ATTEMPTS = 2;
+ private final int MAX_ATTEMPTS = 10;
 private final long ATTEMPT_INCREMENT_TIME = TimeUnit.MINUTES.toMillis(1);
 private final ConcurrentHashMap attemptsCache = new ConcurrentHashMap<>();
 public void loginSucceeded(String key) {
- System.out.println("here3 reset ");
 attemptsCache.remove(key);
 }
 public boolean loginAttemptCheck(String key) {
- System.out.println("here");
 attemptsCache.compute(key, (k, attemptCounter) -> {
 if (attemptCounter == null || attemptCounter.shouldReset(ATTEMPT_INCREMENT_TIME)) {
 return new AttemptCounter();
@@ -28,7 +26,6 @@ public class LoginAttemptService {
 return attemptCounter;
 }
 });
- System.out.println("here2 = " + attemptsCache.get(key).getAttemptCount());
 return attemptsCache.get(key).getAttemptCount() >= MAX_ATTEMPTS;
 }
diff --git a/src/main/java/stirling/software/SPDF/config/security/SecurityConfiguration.java b/src/main/java/stirling/software/SPDF/config/security/SecurityConfiguration.java
index dca9eaefb..1f84e7837 100644
--- a/src/main/java/stirling/software/SPDF/config/security/SecurityConfiguration.java
+++ b/src/main/java/stirling/software/SPDF/config/security/SecurityConfiguration.java
@@ -96,7 +96,7 @@ public class SecurityConfiguration {
 @Bean
 public IPRateLimitingFilter rateLimitingFilter() {
- int maxRequestsPerIp = 10000; // Example limit
+ int maxRequestsPerIp = 1000000; // Example limit TODO add config level
 return new IPRateLimitingFilter(maxRequestsPerIp, maxRequestsPerIp);
 }
diff --git a/src/main/java/stirling/software/SPDF/controller/api/pipeline/UserServiceInterface.java b/src/main/java/stirling/software/SPDF/controller/api/pipeline/UserServiceInterface.java
index 1e66aa082..f1203be82 100644
--- a/src/main/java/stirling/software/SPDF/controller/api/pipeline/UserServiceInterface.java
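Review bot: In LoginAttemptService, the lockout threshold on the `MAX_ATTEMPTS` line goes from 2 to 10 as a bare literal, which loosens brute-force protection without stating why and gives operators no way to tune it. Since the field is named like a constant, declare it `private static final int MAX_ATTEMPTS = 10; // failed logins tolerated before loginAttemptCheck reports a lockout` or read it from configuration. Separately, `loginAttemptCheck` (which continues into the next hunk) calls `attemptsCache.get(key)` after `compute`, so a concurrent `loginSucceeded(key)` could remove the entry in between and the `get` would return null; using the value that `compute` returns would avoid the second lookup.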
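Review bot: In SecurityConfiguration.rateLimitingFilter(), raising `maxRequestsPerIp` to `1000000` sets a ceiling that few clients would ever reach, so the per-IP limiter no longer provides meaningful throttling, and the value is still a literal passed for both constructor arguments. The TODO acknowledges the missing setting; if the high value is a deliberate stop-gap, say so in the comment, e.g. `int maxRequestsPerIp = 1000000; // TODO: read from config; this value effectively disables per-IP limiting`. The time window the limit applies to is not visible in this hunk, so the unit should be documented alongside the number.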
+++ b/src/main/java/stirling/software/SPDF/controller/api/pipeline/UserServiceInterface.java
@@ -1,5 +1,4 @@
 package stirling.software.SPDF.controller.api.pipeline;
 public interface UserServiceInterface {
- // Define methods that you need
 String getApiKeyForUser(String username);
 }
diff --git a/src/main/java/stirling/software/SPDF/controller/api/pipeline/UserServiceNoOpImpl.java b/src/main/java/stirling/software/SPDF/controller/api/pipeline/UserServiceNoOpImpl.java
deleted file mode 100644
index 82900b6ca..000000000
--- a/src/main/java/stirling/software/SPDF/controller/api/pipeline/UserServiceNoOpImpl.java
+++ /dev/null
@@ -1,16 +0,0 @@
-package stirling.software.SPDF.controller.api.pipeline;
-
-import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
-import org.springframework.context.annotation.Profile;
-import org.springframework.stereotype.Service;
-
-@Service
-@ConditionalOnProperty(name = "DOCKER_ENABLE_SECURITY", havingValue = "false")
-public class UserServiceNoOpImpl implements UserServiceInterface {
- // Implement the methods with no-op
- @Override
- public String getApiKeyForUser(String username) {
- // No-op implementation
- return "";
- }
-}