package security

import (
	"time"

	"golang.org/x/time/rate"
)

const (
	_  = iota
	KB = 1 << (10 * iota)
	MB
	GB
)

const (
	// Download Throttling
	DefaultDownloadLimit = rate.Limit(5 * MB) // 5MB/s
	DefaultDownloadBurst = 2 * MB             // 2MB

	SpeedDownloaderLimit = rate.Limit(1 * MB) // 1MB/s
	SpeedDownloaderBurst = 512 * KB           // 512KB

	HeavyDownloaderThreshold = 1 * GB               // 1GB
	HeavyDownloaderLimit     = rate.Limit(256 * KB) // 256KB/s

	// Rate Limiting
	GlobalRateLimit  = 2000
	GlobalRateWindow = 1 * time.Minute
	APIRateLimit     = 500
	APIRateWindow    = 1 * time.Minute
)

var ForbiddenPatterns = []string{
	".git", ".env", ".aws", ".config", ".ssh",
	"wp-admin", "wp-login", "phpinfo", ".php",
	"etc/passwd", "cgi-bin", "shell", "cmd",
	".sql", ".bak", ".old", ".zip", ".rar",
}

var BotUserAgents = []string{
	"bot", "crawl", "spider", "slurp", "googlebot", "bingbot", "yandexbot",
	"ahrefsbot", "baiduspider", "duckduckbot", "facebookexternalhit",
	"twitterbot", "rogerbot", "linkedinbot", "embedly", "quora link preview",
	"showyoubot", "outbrain", "pinterest", "slackbot", "vkShare", "W3C_Validator",
}

var SpeedDownloaders = []string{
	"aria2", "wget", "curl", "axel", "transmission", "libcurl",
}