Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Rate limit changes should be reflected on the API Client #178

Open
valendesigns opened this issue Mar 14, 2019 · 0 comments

Comments

@valendesigns
Copy link
Member

commented Mar 14, 2019

Issue Overview

Currently the rate limit is incrementing on the Audit Client instead of the API Client for proxied requests. Meaning that the PHPCS & Lighthouse Servers use an Audit Client to proxy the request on behalf of the API Client. Those servers make POST requests to the API to write data on behalf of the wporg user and should be exempt of all rate limiting.

Steps to Reproduce

You would login to the WP admin and check the rate limit values on the user profile page, then run an audit and check that the used API requests goes up for the wporg user (or any other user for that matter) instead of the audit-server user.

Expected Behavior

The used requests for the wporg user go up when requesting an audit, and the audit-server is exempt from rate limiting.

Current Behavior

When requesting an audit the audit-server used requests go up and the rate limit for the wporg user stay the same, unless a POST request was used to request the audit and in that case both users get 1 request added to the totals instead of 2 to the wporg user and zero to the audit-server.

Possible Solutions

Inside the rate limit class check for the Audit Client role and if we're doing a proxied request for the API Client. The request would increment the user the request was proxied for. However, if the request_client was not set then it could only mean the request was made directly and we should increment the limit or completely remove rate limiting from the audit client role. Up for discussion on this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.