From aaa83a0f016ec32fdf6f2a6c5ec0c8c4e75312fb Mon Sep 17 00:00:00 2001 From: petruki <31597636+petruki@users.noreply.github.com> Date: Sun, 13 Apr 2025 15:22:45 -0700 Subject: [PATCH 1/2] Fixes default rate limit to accept unlimited rate --- src/middleware/limiter.js | 11 ++++++- .../unit-test/limiter/app-limiter-set.test.js | 29 +++++++++++++++++++ .../limiter/app-limiter-unlimited.test.js | 22 ++++++++++++++ 3 files changed, 61 insertions(+), 1 deletion(-) create mode 100644 tests/unit-test/limiter/app-limiter-set.test.js create mode 100644 tests/unit-test/limiter/app-limiter-unlimited.test.js diff --git a/src/middleware/limiter.js b/src/middleware/limiter.js index b94e4b89..b8753591 100644 --- a/src/middleware/limiter.js +++ b/src/middleware/limiter.js @@ -5,11 +5,20 @@ const ERROR_MESSAGE = { error: 'API request per minute quota exceeded' }; +const getMaxRate = (rate_limit) => { + if (rate_limit === 0) { + return parseInt(DEFAULT_RATE_LIMIT); + } + + return rate_limit; +}; + export const DEFAULT_RATE_LIMIT = 1000; export const defaultLimiter = rateLimit({ windowMs: DEFAULT_WINDOWMS, - limit: parseInt(process.env.MAX_REQUEST_PER_MINUTE || DEFAULT_RATE_LIMIT), + limit: getMaxRate(parseInt(process.env.MAX_REQUEST_PER_MINUTE)), + skip: (request) => request.rate_limit === 0, standardHeaders: 'draft-7', legacyHeaders: false, message: ERROR_MESSAGE, diff --git a/tests/unit-test/limiter/app-limiter-set.test.js b/tests/unit-test/limiter/app-limiter-set.test.js new file mode 100644 index 00000000..56852635 --- /dev/null +++ b/tests/unit-test/limiter/app-limiter-set.test.js @@ -0,0 +1,29 @@ +import mongoose from 'mongoose'; +import request from 'supertest'; + +let app = null; + +afterAll(async () => { + await new Promise(resolve => setTimeout(resolve, 1000)); + await mongoose.disconnect(); +}); + +beforeAll(async () => { + process.env.MAX_REQUEST_PER_MINUTE = 1; + app = (await import('../../../src/app')).default; +}); + +describe('When maximum request per minute is postive', () => { + test('LIMITER_SUITE - Should return 429 - Too many requests', async () => { + await request(app) + .get('/check') + .expect(200); + + const req = await request(app) + .get('/check') + .expect(429); + + expect(req.statusCode).toBe(429); + expect(req.body.error).toEqual('API request per minute quota exceeded'); + }); +}); \ No newline at end of file diff --git a/tests/unit-test/limiter/app-limiter-unlimited.test.js b/tests/unit-test/limiter/app-limiter-unlimited.test.js new file mode 100644 index 00000000..85c1c5c9 --- /dev/null +++ b/tests/unit-test/limiter/app-limiter-unlimited.test.js @@ -0,0 +1,22 @@ +import mongoose from 'mongoose'; +import request from 'supertest'; + +let app = null; + +afterAll(async () => { + await new Promise(resolve => setTimeout(resolve, 1000)); + await mongoose.disconnect(); +}); + +beforeAll(async () => { + process.env.MAX_REQUEST_PER_MINUTE = 0; + app = (await import('../../../src/app')).default; +}); + +describe('When maximum request per minute is zero (unlimited)', () => { + test('LIMITER_SUITE - Should return 200 - OK', async () => { + await request(app) + .get('/check') + .expect(200); + }); +}); \ No newline at end of file From 9f550ea9427bd74bbfedd8a34d717c9ab8e751f1 Mon Sep 17 00:00:00 2001 From: Roger Floriano <31597636+petruki@users.noreply.github.com> Date: Sun, 13 Apr 2025 15:29:13 -0700 Subject: [PATCH 2/2] Update tests/unit-test/limiter/app-limiter-set.test.js Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- tests/unit-test/limiter/app-limiter-set.test.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/unit-test/limiter/app-limiter-set.test.js b/tests/unit-test/limiter/app-limiter-set.test.js index 56852635..e3667dc9 100644 --- a/tests/unit-test/limiter/app-limiter-set.test.js +++ b/tests/unit-test/limiter/app-limiter-set.test.js @@ -13,7 +13,7 @@ beforeAll(async () => { app = (await import('../../../src/app')).default; }); -describe('When maximum request per minute is postive', () => { +describe('When maximum request per minute is positive', () => { test('LIMITER_SUITE - Should return 429 - Too many requests', async () => { await request(app) .get('/check')