Skip to content

[Security] /api/project-tutor has no rate limit — one signed-in user can drain groq quota #3162

Description

@vedant7007

Description

going through the project-tutor route i noticed it checks auth but has zero rate limiting on the groq call, unlike other AI endpoints in the repo.

The Problem

src/app/api/project-tutor/route.ts:57-59 only does getServerSession and 401s if missing. no upstash / memory limiter, no cache check, no daily cap. every POST triggers callGroq(prompt) at line 7-28 which hits https://api.groq.com/openai/v1/chat/completions with max_tokens: 1024.

concrete abuse: any logged-in devtrack user can loop POSTs with different repoUrl values and pump thousands of groq requests. action=analyze, action=questions, and action=chat each call groq. the repoUrl also has no length cap on line 62, so long junk URLs still pass through the regex on line 66 as long as they contain github.com/x/y.

compare to /api/ai-insights (src/app/api/ai-insights/route.ts:18-26, 119-145) and /api/personality (src/app/api/personality/route.ts:20-29, 138-164) which both use upstashRateLimitFixedWindow with a memory fallback and cache results in ai_insights.

Proposed Fix

  • add the same upstash fixed-window limiter used in ai-insights, keyed as project-tutor:${user.id}, something like 10 requests / hour
  • cap repoUrl length (200 chars) before regex matching
  • cap question length for the chat action (say 500 chars) so the prompt cannot be inflated
  • optionally cache analyze and questions results per owner/repo for a few hours since repo metadata rarely changes

I would like to work on this under GSSoC 26. please assign!

for labels i think gssoc + level2 + type:security fits here.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions