Route rate limits (sec #18) #2530
Merged
Codecov Report
@@ Coverage Diff @@
## main #2530 +/- ##
===========================================
- Coverage 74.38% 39.85% -34.54%
===========================================
Files 224 495 +271
Lines 8855 17741 +8886
Branches 1822 4141 +2319
===========================================
+ Hits 6587 7070 +483
- Misses 2268 10671 +8403
Steve-Mcl
commented
Jul 26, 2023
Steve-Mcl
commented
Jul 26, 2023
hardillb
reviewed
Jul 26, 2023
Steve-Mcl
commented
Jul 27, 2023
Steve-Mcl
commented
Jul 27, 2023
Co-authored-by: Stephen McLaughlin <44235289+Steve-Mcl@users.noreply.github.com>
hardillb
approved these changes
Jul 27, 2023
Description
Implements the rate-limiting part of sec #18
Commits:
This PR is probably best reviewed by commit as they were made in logical order
Implementation detail
/forge/routes/rateLimits.js
getLimits which returns the rate limit settings. It is directly exported for unit testing.
/config/index.js
rate_limits to config with default values by calling to rateLimits.getLimits(...)
/forge/forge.js
@fastify/rate-limit plugin - but only if config.rate_limits.enabled is true
config: { rate_limits: app.config.rate_limits } added to their route options.
config: { rate_limits: false } added to their route options.
Endpoint Rate Limiting
Rate limiting will be disabled by default.
To enable rate limiting, set the config setting rate_limits.enabled to true.
When enabled, the following config settings are available:
rate_limits.global - (boolean, default: true) - enable/disable rate limiting for all routes
rate_limits.timeWindow - (number, default: "1 minute") - time window in milliseconds for rate_limits.max requests
rate_limits.max - (number, default: 1000) - max number of requests per rate_limits.timeWindow for a given route
rate_limits.maxAnonymous - (number, default: not set) - max number of requests per rate_limits.timeWindow for a given route for anonymous users
Specific routes
The following routes will be rate limited by default:
The following routes will never be rate limited:
When config setting rate_limits.global is true.
When config setting rate_limits.global is true.
package.json changes
Important notes
options.config.test?.fastifyRoutes is true.
Adds tests in /test/unit/forge/routes/api/rateLimits/rateLimits_spec.js
NOTE: There are 3 sections of tests under "Rate Limiting Routes" for global:true and global:false:
global setting)
global setting)
global:true, otherwise disabled.
Test results (local execution)
Related Issue(s)
https://github.com/flowforge/security/issues/18
Checklist
flowforge.yml?
flowforge/helm to update ConfigMap Template
flowforge/CloudProject to update values for Staging/Production
Labels
backport label
area:migration label
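How the settings in the description interact, as an added sketch that is not code from this PR or from FlowForge: the documented defaults are merged with operator config, and a fixed-window counter applies max or maxAnonymous per client key. The names resolveRateLimits, effectiveMax, createFixedWindowLimiter and the routeLimited option are hypothetical, and the time-window parser is a simplified stand-in.

```javascript
// Added example, not FlowForge code. Function names are hypothetical;
// the default values mirror the ones listed in the PR description.
const DEFAULTS = { enabled: false, global: true, timeWindow: '1 minute', max: 1000 }
const UNITS = { second: 1000, minute: 60000, hour: 3600000 }

// Accepts milliseconds or a string such as "1 minute" / "30 seconds" (simplified parser).
function toMillis (timeWindow) {
    if (typeof timeWindow === 'number' && timeWindow > 0) return timeWindow
    const m = /^(\d+)\s*(second|minute|hour)s?$/.exec(String(timeWindow).trim())
    if (!m) throw new Error(`invalid rate_limits.timeWindow: ${timeWindow}`)
    return Number(m[1]) * UNITS[m[2]]
}

// Merge operator-supplied rate_limits over the documented defaults.
function resolveRateLimits (userConfig = {}) {
    const cfg = { ...DEFAULTS, ...userConfig }
    cfg.windowMs = toMillis(cfg.timeWindow)
    return cfg
}

// maxAnonymous applies only when it is set and the caller is not authenticated
// (assumption: the caller already knows whether a session exists).
function effectiveMax (cfg, isAuthenticated) {
    if (!isAuthenticated && Number.isInteger(cfg.maxAnonymous)) return cfg.maxAnonymous
    return cfg.max
}

// Fixed-window counter keyed per client; returns the HTTP status a route would send.
// routeLimited: true = always limited, false = never limited, omitted = follow cfg.global.
function createFixedWindowLimiter (cfg, now = () => Date.now()) {
    const windows = new Map() // key -> { start, count }
    return function check (key, { isAuthenticated = false, routeLimited = cfg.global } = {}) {
        if (!cfg.enabled || !routeLimited) return 200
        const t = now()
        let w = windows.get(key)
        if (!w || t - w.start >= cfg.windowMs) {
            w = { start: t, count: 0 }
            windows.set(key, w)
        }
        w.count += 1
        return w.count > effectiveMax(cfg, isAuthenticated) ? 429 : 200
    }
}
```

Passing a fake clock as the second argument to createFixedWindowLimiter lets the window reset be exercised without waiting for real time to pass.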