From 53052321f27a8600403677f9f8693204f80f377f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Martin=20Kol=C3=A1rik?=
Date: Wed, 15 Jan 2025 15:29:22 +0100
Subject: [PATCH] fix: lower anonymous limit to 250
---
 config/default.cjs | 2 +-
 config/test.cjs | 3 ---
 test/e2e/cases/limits.test.ts | 8 ++++----
 test/tests/integration/limits.test.ts | 8 ++++----
 .../integration/middleware/authenticate.test.ts | 6 +++---
 test/tests/integration/ratelimit.test.ts | 16 ++++++++--------
 6 files changed, 20 insertions(+), 23 deletions(-)
diff --git a/config/default.cjs b/config/default.cjs
index 0a2221d1..1ee47ee1 100644
--- a/config/default.cjs
+++ b/config/default.cjs
@@ -85,7 +85,7 @@ module.exports = {
 resultTTL: 7 * 24 * 60 * 60, // 7 days
 rateLimit: {
 post: {
- anonymousLimit: 10000,
+ anonymousLimit: 250,
 authenticatedLimit: 500,
 reset: 3600,
 },
diff --git a/config/test.cjs b/config/test.cjs
index b61e2ea1..940becb8 100644
--- a/config/test.cjs
+++ b/config/test.cjs
@@ -44,9 +44,6 @@ module.exports = {
 measurement: {
 maxInProgressTests: 2,
 rateLimit: {
- post: {
- anonymousLimit: 100000,
- },
 getPerMeasurement: {
 limit: 1000,
 },
diff --git a/test/e2e/cases/limits.test.ts b/test/e2e/cases/limits.test.ts
index afe54962..488dec2c 100644
--- a/test/e2e/cases/limits.test.ts
+++ b/test/e2e/cases/limits.test.ts
@@ -22,8 +22,8 @@ describe('/limits endpoint', () => {
 measurements: {
 create: {
 type: 'ip',
- limit: 100000,
- remaining: 100000,
+ limit: 250,
+ remaining: 250,
 reset: 0,
 },
 },
@@ -46,8 +46,8 @@ describe('/limits endpoint', () => {
 expect(response.body.rateLimit.measurements.create).to.deep.include({
 type: 'ip',
- limit: 100000,
- remaining: 99999,
+ limit: 250,
+ remaining: 249,
 });
 });
 });
diff --git a/test/tests/integration/limits.test.ts b/test/tests/integration/limits.test.ts
index 80f7face..07c492b0 100644
--- a/test/tests/integration/limits.test.ts
+++ b/test/tests/integration/limits.test.ts
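Review bot: The new `anonymousLimit: 250` in config/default.cjs has no comment saying what it counts or over what window, although `resultTTL` in the same hunk is annotated (`// 7 days`). The tests in this patch report the anonymous limit as `type: 'ip'` and `x-ratelimit-reset` as `3600`, so I would add `// points per client IP per reset window` after `anonymousLimit` and, once the unit is confirmed, `// seconds` after `reset: 3600`. The `rateLimit` object continues past the end of the hunk.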
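Review bot: The expected `limit: 250` and `remaining: 250` in the first hunk of test/e2e/cases/limits.test.ts are a literal copy of the value in config/default.cjs, and with the `post.anonymousLimit` override removed from config/test.cjs in this same patch, any later change to the default breaks these assertions. The same literal (with `249` and `248`) recurs in the second hunk of this file and in the hunks for test/tests/integration/limits.test.ts, authenticate.test.ts and ratelimit.test.ts, including `set(clientIpv6, 249, 0); // 1 remaining`, whose comment only holds while the limit is 250. If the literals are not meant as a deliberate pin on the default, reading the limit once per test file into a constant and asserting `limit: anonymousLimit, remaining: anonymousLimit - 1` keeps the tests about limiter behaviour; how these files access the configuration is not visible in the hunks. The `describe` block starts and ends outside the hunk.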
@@ -61,8 +61,8 @@ describe('rate limiter', () => {
 measurements: {
 create: {
 type: 'ip',
- limit: 100000,
- remaining: 100000,
+ limit: 250,
+ remaining: 250,
 reset: 0,
 },
 },
@@ -82,8 +82,8 @@ describe('rate limiter', () => {
 measurements: {
 create: {
 type: 'ip',
- limit: 100000,
- remaining: 99999,
+ limit: 250,
+ remaining: 249,
 reset: 3600,
 },
 },
diff --git a/test/tests/integration/middleware/authenticate.test.ts b/test/tests/integration/middleware/authenticate.test.ts
index b3473e47..20a7ed3e 100644
--- a/test/tests/integration/middleware/authenticate.test.ts
+++ b/test/tests/integration/middleware/authenticate.test.ts
@@ -225,7 +225,7 @@ describe('authenticate', () => {
 });
 expect(response.status).to.equal(202);
- expect(response.headers['x-ratelimit-limit']).to.equal('100000');
+ expect(response.headers['x-ratelimit-limit']).to.equal('250');
 });
 it('should ignore if invalid cookie was passed', async () => {
@@ -241,7 +241,7 @@ describe('authenticate', () => {
 });
 expect(response.status).to.equal(202);
- expect(response.headers['x-ratelimit-limit']).to.equal('100000');
+ expect(response.headers['x-ratelimit-limit']).to.equal('250');
 });
 it('should ignore if cookie signed with a different key was passed', async () => {
@@ -257,7 +257,7 @@ describe('authenticate', () => {
 });
 expect(response.status).to.equal(202);
- expect(response.headers['x-ratelimit-limit']).to.equal('100000');
+ expect(response.headers['x-ratelimit-limit']).to.equal('250');
 });
 });
 });
diff --git a/test/tests/integration/ratelimit.test.ts b/test/tests/integration/ratelimit.test.ts
index daea4d09..2e565085 100644
--- a/test/tests/integration/ratelimit.test.ts
+++ b/test/tests/integration/ratelimit.test.ts
@@ -122,9 +122,9 @@ describe('rate limiter', () => {
 target: 'jsdelivr.com',
 }).expect(202) as Response;
- expect(response.headers['x-ratelimit-limit']).to.equal('100000');
+ expect(response.headers['x-ratelimit-limit']).to.equal('250');
 expect(response.headers['x-ratelimit-consumed']).to.equal('1');
- expect(response.headers['x-ratelimit-remaining']).to.equal('99999');
+ expect(response.headers['x-ratelimit-remaining']).to.equal('249');
 expect(response.headers['x-ratelimit-reset']).to.equal('3600');
 expect(response.headers['x-request-cost']).to.equal('1');
@@ -133,9 +133,9 @@ describe('rate limiter', () => {
 target: 'jsdelivr.com',
 }).expect(202) as Response;
- expect(response2.headers['x-ratelimit-limit']).to.equal('100000');
+ expect(response2.headers['x-ratelimit-limit']).to.equal('250');
 expect(response.headers['x-ratelimit-consumed']).to.equal('1');
- expect(response2.headers['x-ratelimit-remaining']).to.equal('99998');
+ expect(response2.headers['x-ratelimit-remaining']).to.equal('248');
 expect(response2.headers['x-ratelimit-reset']).to.equal('3600');
 expect(response.headers['x-request-cost']).to.equal('1');
 });
@@ -190,11 +190,11 @@ describe('rate limiter', () => {
 target: 'jsdelivr.com',
 }).expect(202) as Response;
- expect(response.headers['x-ratelimit-remaining']).to.equal('99999');
+ expect(response.headers['x-ratelimit-remaining']).to.equal('249');
 });
 it('should fail (limit reached)', async () => {
- await anonymousPostRateLimiter.set(clientIpv6, 100000, 0);
+ await anonymousPostRateLimiter.set(clientIpv6, 250, 0);
 const response = await requestAgent.post('/v1/measurements').send({
 type: 'ping',
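Review bot: In the second-request block of the hunk at -133, the unchanged assertions on `x-ratelimit-consumed` and `x-request-cost` read `response.headers` rather than `response2.headers`, so the second response's consumed points and request cost are never checked. Since the neighbouring lines are being edited anyway, change them to `expect(response2.headers['x-ratelimit-consumed']).to.equal('1');` and `expect(response2.headers['x-request-cost']).to.equal('1');`. The test body starts outside the hunk, so the request that produces `response2` is only partly visible.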
@@ -205,7 +205,7 @@ describe('rate limiter', () => {
 });
 it('should consume all points successfully or none at all (cost > remaining > 0)', async () => {
- await anonymousPostRateLimiter.set(clientIpv6, 99999, 0); // 1 remaining
+ await anonymousPostRateLimiter.set(clientIpv6, 249, 0); // 1 remaining
 const response = await requestAgent.post('/v1/measurements').send({
 type: 'ping',
@@ -293,7 +293,7 @@ describe('rate limiter', () => {
 }).expect(202) as Response;
 const rateLimiterRes = await anonymousPostRateLimiter.get(`1CJTN06QAyM2JYA3r2FwaSytXEWg1r50xNlUyC1G98w=`);
- expect(rateLimiterRes?.remainingPoints).to.equal(99999);
+ expect(rateLimiterRes?.remainingPoints).to.equal(249);
 });
 });
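Review bot: The limiter key passed to `anonymousPostRateLimiter.get(...)` in the hunk at -293 is an opaque literal, `1CJTN06QAyM2JYA3r2FwaSytXEWg1r50xNlUyC1G98w=`, with nothing saying which client it stands for or how it is derived. It looks like a derived (possibly hashed) form of the client address rather than the address itself, and the `remainingPoints` assertion depends on that derivation staying the same. A comment above the `get` call such as `// limiter key derived from the test client address, see <key derivation helper>` would make a future failure here explainable. The test body starts outside the hunk, so the address the request is sent from is not visible.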