Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: add rate limiter #733

Open
wants to merge 5 commits into
base: master
Choose a base branch
from

Conversation

Vickysomtee
Copy link

Describe your changes

This PR adds rate limiters to all developers endpoints

Issue ticket number and link

#725

Motivation and Context

See issue - #725

How Has This Been Tested?

Testing locally with Postman

Screenshots (if appropriate):

Screenshot 2023-08-13 at 12 59 42

Copy link
Collaborator

@ijemmao ijemmao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is a great start! can you also add unit tests that test this functionality? specifically:

  • a test for checking to see if rateLimiting works as expected for router v1
  • a test for checking to see if rateLimiting works as expected for router v2

src/routers/router.ts Outdated Show resolved Hide resolved
src/routers/routerV2.ts Outdated Show resolved Hide resolved
Copy link
Collaborator

@ijemmao ijemmao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looking really solid! just a few questions

src/routers/router.ts Outdated Show resolved Hide resolved
import rateLimit from 'express-rate-limit';
import { Express } from '../types';

export const rateLimiter: Express.MiddleWare = rateLimit({
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there a possible way we can allow specific IP addresses to not get stopped by the rate limiter? For instance, Nkọwa okwu uses the Igbo API and shouldn't be rate limited the same where an individual user should be rate limited

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes. I think this is posssible. We can have the IP addresses in a whitelist file. In the middleware, we read the file to get these addresses then call the next function if the incoming request IP is same as any of the whitelisted IP address.

Does this make sense?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah, that makes a lot of sense - do you know of any guides/tutorials/articles that walk through this process specifically for rate limiting node js / express apps?

i believe you can get a shortlist of valid GCP server IP addresses that we can whitelist since we are deploying this project on GCP

import rateLimit from 'express-rate-limit';
import { Express } from '../types';

export const rateLimiter: Express.MiddleWare = rateLimit({
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah, that makes a lot of sense - do you know of any guides/tutorials/articles that walk through this process specifically for rate limiting node js / express apps?

i believe you can get a shortlist of valid GCP server IP addresses that we can whitelist since we are deploying this project on GCP

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants