case insensitive header for rate limits, fix rate limit default settings

Also disabled rate limit bypass right as it doesn't work...

src/api/middlewares/RateLimit.ts

@@ -48,7 +48,7 @@ export default function rateLimit(opts: {
 		// exempt user? if so, immediately short circuit
 		if (req.user_id) {
 			const rights = await getRights(req.user_id);
-			if (rights.has("BYPASS_RATE_LIMITS")) return;
+			if (rights.has("BYPASS_RATE_LIMITS")) return next();
 		}
 
 		const bucket_id = opts.bucket || req.originalUrl.replace(API_PREFIX_TRAILING_SLASH, "");
@@ -121,6 +121,7 @@ export default function rateLimit(opts: {
 export async function initRateLimits(app: Router) {
 	const { routes, global, ip, error, disabled } = Config.get().limits.rate;
 	if (disabled) return;
+	console.log("Enabling rate limits...");
 	await listenEvent(EventRateLimit, (event) => {
 		Cache.set(event.channel_id as string, event.data);
 		event.acknowledge?.();

src/api/util/utility/ipAddress.ts

@@ -78,7 +78,11 @@ export function isProxy(data: typeof exampleData) {
 
 export function getIpAdress(req: Request): string {
 	// @ts-ignore
-	return req.headers[Config.get().security.forwadedFor] || req.socket.remoteAddress;
+	return (
+		req.headers[Config.get().security.forwadedFor as string] ||
+		req.headers[Config.get().security.forwadedFor?.toLowerCase() as string] ||
+		req.socket.remoteAddress
+	);
 }
 
 export function distanceBetweenLocations(loc1: any, loc2: any): number {

src/util/config/types/subconfigurations/limits/RateLimits.ts

@@ -14,5 +14,5 @@ export class RateLimits {
 		count: 10,
 		window: 5
 	};
-	routes: RouteRateLimit;
+	routes: RouteRateLimit = new RouteRateLimit();
 }

src/util/config/types/subconfigurations/limits/ratelimits/Route.ts

@@ -14,6 +14,6 @@ export class RouteRateLimit {
 		count: 10,
 		window: 5
 	};
-	auth: AuthRateLimit;
+	auth: AuthRateLimit = new AuthRateLimit();
 	// TODO: rate limit configuration for all routes
 }