Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Public API IP rate limiting #4764

Merged
merged 7 commits into from
Mar 3, 2022
Merged

Public API IP rate limiting #4764

merged 7 commits into from
Mar 3, 2022

Conversation

mike12345567
Copy link
Collaborator

Description

Adding public API rate limiting, with env variable option, defaults to 120 requests per minute. The environment variable API_RATE_LIMITING can be set to any number to set the limit of requests per minute. For now this is entirely limited to the public API.

This is achieved with the use of koa2-ratelimit - this allows rate limiting per IP and use of a Redis store for managing the limits across a cluster of services.

@mike12345567 mike12345567 self-assigned this Mar 2, 2022
shogunpurple
shogunpurple approved these changes Mar 2, 2022
View reviewed changes
Copy link
Member

@shogunpurple shogunpurple left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Really nice that we can just plug this library into existing redis infra. Saw that koa2-ratelimit supports other backends too - seems like a nice library 👌

Rory-Powell
Rory-Powell reviewed Mar 3, 2022
View reviewed changes
packages/server/package.json Show resolved Hide resolved
packages/server/src/api/routes/public/index.ts Outdated Show resolved Hide resolved
packages/server/src/api/routes/public/index.ts Outdated Show resolved Hide resolved
packages/server/src/environment.js Outdated Show resolved Hide resolved
@codecov-commenter
Copy link

codecov-commenter commented Mar 3, 2022
edited
Loading

Codecov Report

Merging #4764 (86f649c) into develop (4906dc6) will increase coverage by 1.59%.
The diff coverage is 70.00%.

Impacted file tree graph

@@             Coverage Diff             @@
##           develop    #4764      +/-   ##
===========================================
+ Coverage    67.91%   69.51%   +1.59%     
===========================================
  Files          144      145       +1     
  Lines         4922     4979      +57     
  Branches       761      765       +4     
===========================================
+ Hits          3343     3461     +118     
+ Misses        1105     1066      -39     
+ Partials       474      452      -22
Impacted Files Coverage Δ
packages/server/src/api/controllers/application.js 77.61% <ø> (+0.49%) ⬆️
packages/server/src/automations/steps/queryRows.js 95.65% <ø> (ø)
packages/server/src/utilities/workerRequests.js 46.42% <30.76%> (-3.58%) ⬇️
packages/server/src/db/utils.js 73.45% <33.33%> (-1.10%) ⬇️
...ackages/server/src/api/controllers/row/internal.js 82.05% <50.00%> (-0.34%) ⬇️
packages/server/src/threads/query.js 74.19% <50.00%> (-5.63%) ⬇️
packages/server/src/api/routes/utils/validators.js 97.14% <97.14%> (ø)
packages/server/src/api/controllers/table/index.js 71.42% <100.00%> (+0.51%) ⬆️
packages/server/src/api/controllers/webhook.js 91.52% <100.00%> (ø)
packages/server/src/api/index.js 93.54% <100.00%> (+0.44%) ⬆️
... and 14 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update fcdc10f...86f649c. Read the comment docs.

@mike12345567 mike12345567 merged commit 3bcd1fd into develop Mar 3, 2022
@mike12345567 mike12345567 deleted the feature/rate-limiting branch March 3, 2022 14:26
@github-actions github-actions bot locked and limited conversation to collaborators Mar 3, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@shogunpurple shogunpurple shogunpurple approved these changes

@Rory-Powell Rory-Powell Rory-Powell approved these changes

Assignees

@mike12345567 mike12345567

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@mike12345567 @codecov-commenter @Rory-Powell @shogunpurple