Skip to content

Commit

Permalink
fix: lower anonymous limit to 250
Browse files Browse the repository at this point in the history
  • Loading branch information
@MartinKolarik
MartinKolarik committed Jan 15, 2025
1 parent 26e2cd6 commit 5305232
Show file tree
Hide file tree
Showing 6 changed files with 20 additions and 23 deletions.
2 changes: 1 addition & 1 deletion config/default.cjs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@ module.exports = {
resultTTL: 7 * 24 * 60 * 60, // 7 days
rateLimit: {
post: {
anonymousLimit: 10000,
anonymousLimit: 250,
authenticatedLimit: 500,
reset: 3600,
},
Expand Down
3 changes: 0 additions & 3 deletions config/test.cjs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,9 +44,6 @@ module.exports = {
measurement: {
maxInProgressTests: 2,
rateLimit: {
post: {
anonymousLimit: 100000,
},
getPerMeasurement: {
limit: 1000,
},
Expand Down
8 changes: 4 additions & 4 deletions test/e2e/cases/limits.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,8 @@ describe('/limits endpoint', () => {
measurements: {
create: {
type: 'ip',
limit: 100000,
remaining: 100000,
limit: 250,
remaining: 250,
reset: 0,
},
},
Expand All @@ -46,8 +46,8 @@ describe('/limits endpoint', () => {

expect(response.body.rateLimit.measurements.create).to.deep.include({
type: 'ip',
limit: 100000,
remaining: 99999,
limit: 250,
remaining: 249,
});
});
});
8 changes: 4 additions & 4 deletions test/tests/integration/limits.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,8 +61,8 @@ describe('rate limiter', () => {
measurements: {
create: {
type: 'ip',
limit: 100000,
remaining: 100000,
limit: 250,
remaining: 250,
reset: 0,
},
},
Expand All @@ -82,8 +82,8 @@ describe('rate limiter', () => {
measurements: {
create: {
type: 'ip',
limit: 100000,
remaining: 99999,
limit: 250,
remaining: 249,
reset: 3600,
},
},
Expand Down
6 changes: 3 additions & 3 deletions test/tests/integration/middleware/authenticate.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -225,7 +225,7 @@ describe('authenticate', () => {
});

expect(response.status).to.equal(202);
expect(response.headers['x-ratelimit-limit']).to.equal('100000');
expect(response.headers['x-ratelimit-limit']).to.equal('250');
});

it('should ignore if invalid cookie was passed', async () => {
Expand All @@ -241,7 +241,7 @@ describe('authenticate', () => {
});

expect(response.status).to.equal(202);
expect(response.headers['x-ratelimit-limit']).to.equal('100000');
expect(response.headers['x-ratelimit-limit']).to.equal('250');
});

it('should ignore if cookie signed with a different key was passed', async () => {
Expand All @@ -257,7 +257,7 @@ describe('authenticate', () => {
});

expect(response.status).to.equal(202);
expect(response.headers['x-ratelimit-limit']).to.equal('100000');
expect(response.headers['x-ratelimit-limit']).to.equal('250');
});
});
});
16 changes: 8 additions & 8 deletions test/tests/integration/ratelimit.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -122,9 +122,9 @@ describe('rate limiter', () => {
target: 'jsdelivr.com',
}).expect(202) as Response;

expect(response.headers['x-ratelimit-limit']).to.equal('100000');
expect(response.headers['x-ratelimit-limit']).to.equal('250');
expect(response.headers['x-ratelimit-consumed']).to.equal('1');
expect(response.headers['x-ratelimit-remaining']).to.equal('99999');
expect(response.headers['x-ratelimit-remaining']).to.equal('249');
expect(response.headers['x-ratelimit-reset']).to.equal('3600');
expect(response.headers['x-request-cost']).to.equal('1');

Expand All @@ -133,9 +133,9 @@ describe('rate limiter', () => {
target: 'jsdelivr.com',
}).expect(202) as Response;

expect(response2.headers['x-ratelimit-limit']).to.equal('100000');
expect(response2.headers['x-ratelimit-limit']).to.equal('250');
expect(response.headers['x-ratelimit-consumed']).to.equal('1');
expect(response2.headers['x-ratelimit-remaining']).to.equal('99998');
expect(response2.headers['x-ratelimit-remaining']).to.equal('248');
expect(response2.headers['x-ratelimit-reset']).to.equal('3600');
expect(response.headers['x-request-cost']).to.equal('1');
});
Expand Down Expand Up @@ -190,11 +190,11 @@ describe('rate limiter', () => {
target: 'jsdelivr.com',
}).expect(202) as Response;

expect(response.headers['x-ratelimit-remaining']).to.equal('99999');
expect(response.headers['x-ratelimit-remaining']).to.equal('249');
});

it('should fail (limit reached)', async () => {
await anonymousPostRateLimiter.set(clientIpv6, 100000, 0);
await anonymousPostRateLimiter.set(clientIpv6, 250, 0);

const response = await requestAgent.post('/v1/measurements').send({
type: 'ping',
Expand All @@ -205,7 +205,7 @@ describe('rate limiter', () => {
});

it('should consume all points successfully or none at all (cost > remaining > 0)', async () => {
await anonymousPostRateLimiter.set(clientIpv6, 99999, 0); // 1 remaining
await anonymousPostRateLimiter.set(clientIpv6, 249, 0); // 1 remaining

const response = await requestAgent.post('/v1/measurements').send({
type: 'ping',
Expand Down Expand Up @@ -293,7 +293,7 @@ describe('rate limiter', () => {
}).expect(202) as Response;

const rateLimiterRes = await anonymousPostRateLimiter.get(`1CJTN06QAyM2JYA3r2FwaSytXEWg1r50xNlUyC1G98w=`);
expect(rateLimiterRes?.remainingPoints).to.equal(99999);
expect(rateLimiterRes?.remainingPoints).to.equal(249);
});
});

Expand Down

0 comments on commit 5305232

Please sign in to comment.