Throttler not working as expected

[mukunda-]

Is there an existing issue for this?

• I have searched the existing issues

Current behavior

When running the latest throttler (6.x), multiple requests are not blocked as expected.

Minimum reproduction code

https://github.com/mukunda-/nestjs-throttler-test

Steps to reproduce

1. checkout
2. npm i
3. npm run test

Expected behavior

The throttler should not allow more requests until the existing blocks expire fully.

Package version

6.0.0

NestJS version

10.3.10

Node.js version

20.15.1

In which operating systems have you tested?

• macOS
• Windows
• Linux

Other

[jmcdo29]

I think I found the issue here. Kinda surprised our test suite didn't catch it already, but we're using a Math.floor calculation on the time difference to see if we should allow further requests, and in this case it was returning a low enough number that it became 0 which meant that the reset was called and the request was allowed through.

Changing to Math.ceil seems to fix this, but I want to update the test suite to reflect this case as well.

[jmcdo29]

So, interestingly, it seems this error might be related to how supertest works. I'm still looking into it for the moment, but when I brought the test suite into the @nestjs/throttler suite and used the current http utility (a custom solution I'll be swapping out for pactum later), I couldn't get the 201 on subsequent requests. Not sure why supertest makes it act differently, but I'll keep looking

[jmcdo29]

Found the reason it wasn't failing in our test suite, there was a default blockDuration set at a different level with where I added the test. Explicitly set it and got the same result, and changing floor to ceil does indeed fix it and logically make sense. I'll have a fix out for this soon

[mukunda-]

Thanks for the quick fix. I tested it in my project and it looks good from my end. My main reason for upgrading to 6.x was the sliding window behavior which I think is a lot better than the previous behavior. 👍