Anonymous: Add configurable device limit #10
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Anonymous: Add device limiter * break auth if limit reached * fix typo * refactored const to make it clearer with expiration * anon device limit for config --------- Co-authored-by: Eric Leijonmarck <[email protected]>
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
There was a problem hiding this comment.
Your free trial has ended. If you'd like to continue receiving code reviews, you can add a payment method here.
Author
Greptile OverviewConfidence Score: 1/5
Important Files ChangedFile Analysis
Sequence DiagramsequenceDiagram
participant Client
participant Anonymous as Anonymous Client
participant AnonDeviceService
participant AnonDBStore
participant Database
Client->>Anonymous: Authenticate(ctx, request)
Anonymous->>Anonymous: Get org by name
Anonymous->>AnonDeviceService: TagDevice(ctx, httpReq, AnonDeviceUI)
AnonDeviceService->>AnonDeviceService: Extract device info from request
AnonDeviceService->>AnonDeviceService: Check local cache
alt Device in cache
AnonDeviceService-->>Anonymous: Return early (nil)
else Device not in cache
AnonDeviceService->>AnonDeviceService: Add to local cache
AnonDeviceService->>AnonDBStore: CreateOrUpdateDevice(ctx, device)
alt Device limit enabled (> 0)
AnonDBStore->>Database: CountDevices (30 days window)
Database-->>AnonDBStore: count
alt count >= deviceLimit
AnonDBStore->>Database: UPDATE device WHERE device_id = ? AND updated_at BETWEEN ? AND ?
Database-->>AnonDBStore: rows affected
alt rows affected = 0
AnonDBStore-->>AnonDeviceService: ErrDeviceLimitReached
AnonDeviceService-->>Anonymous: ErrDeviceLimitReached
Anonymous-->>Client: Return error
end
else count < deviceLimit
AnonDBStore->>Database: INSERT ... ON CONFLICT UPDATE
Database-->>AnonDBStore: Success
end
else No limit
AnonDBStore->>Database: INSERT ... ON CONFLICT UPDATE
Database-->>AnonDBStore: Success
end
AnonDeviceService-->>Anonymous: nil
end
Anonymous->>Anonymous: Create Identity with org info
Anonymous-->>Client: Return Identity
|
Comment on lines
+109
to
+117
| if s.deviceLimit > 0 { | ||
| count, err := s.CountDevices(ctx, time.Now().UTC().Add(-anonymousDeviceExpiration), time.Now().UTC().Add(time.Minute)) | ||
| if err != nil { | ||
| return err | ||
| } | ||
|
|
||
| if count >= s.deviceLimit { | ||
| return s.updateDevice(ctx, device) | ||
| } |
There was a problem hiding this comment.
logic: Race condition: concurrent requests can bypass limit. Between CountDevices and updateDevice, multiple goroutines can see count < limit and all proceed. Use database-level locking or atomic operations.
Suggested change
| if s.deviceLimit > 0 { | |
| count, err := s.CountDevices(ctx, time.Now().UTC().Add(-anonymousDeviceExpiration), time.Now().UTC().Add(time.Minute)) | |
| if err != nil { | |
| return err | |
| } | |
| if count >= s.deviceLimit { | |
| return s.updateDevice(ctx, device) | |
| } | |
| // if device limit is reached, only update devices | |
| if s.deviceLimit > 0 { | |
| // Try update first - if it succeeds, device exists | |
| err := s.updateDevice(ctx, device) | |
| if err == nil { | |
| return nil | |
| } | |
| if !errors.Is(err, ErrDeviceLimitReached) { | |
| return err | |
| } | |
| // Device doesn't exist - check limit with lock or use constraint | |
| count, err := s.CountDevices(ctx, time.Now().UTC().Add(-anonymousDeviceExpiration), time.Now().UTC().Add(time.Minute)) | |
| if err != nil { | |
| return err | |
| } | |
| if count >= s.deviceLimit { | |
| return ErrDeviceLimitReached | |
| } | |
| } |
Prompt To Fix With AI
This is a comment left during a code review.
Path: pkg/services/anonymous/anonimpl/anonstore/database.go
Line: 109:117
Comment:
**logic:** Race condition: concurrent requests can bypass limit. Between `CountDevices` and `updateDevice`, multiple goroutines can see count < limit and all proceed. Use database-level locking or atomic operations.
```suggestion
// if device limit is reached, only update devices
if s.deviceLimit > 0 {
// Try update first - if it succeeds, device exists
err := s.updateDevice(ctx, device)
if err == nil {
return nil
}
if !errors.Is(err, ErrDeviceLimitReached) {
return err
}
// Device doesn't exist - check limit with lock or use constraint
count, err := s.CountDevices(ctx, time.Now().UTC().Add(-anonymousDeviceExpiration), time.Now().UTC().Add(time.Minute))
if err != nil {
return err
}
if count >= s.deviceLimit {
return ErrDeviceLimitReached
}
}
```
How can I resolve this? If you propose a fix, please make it concise.
Comment on lines
+73
to
+81
| func (s *AnonDBStore) updateDevice(ctx context.Context, device *Device) error { | ||
| const query = `UPDATE anon_device SET | ||
| client_ip = ?, | ||
| user_agent = ?, | ||
| updated_at = ? | ||
| WHERE device_id = ? AND updated_at BETWEEN ? AND ?` | ||
|
|
||
| args := []interface{}{device.ClientIP, device.UserAgent, device.UpdatedAt.UTC(), device.DeviceID, | ||
| device.UpdatedAt.UTC().Add(-anonymousDeviceExpiration), device.UpdatedAt.UTC().Add(time.Minute), |
There was a problem hiding this comment.
logic: Flawed logic: updateDevice uses time-based condition that will fail for most update attempts. When device.UpdatedAt is "now" and you check updated_at BETWEEN (now - 30 days) AND (now + 1 min), it only works if DB already has a recent entry. New devices or old devices won't match.
The WHERE clause should only check device_id:
Suggested change
| func (s *AnonDBStore) updateDevice(ctx context.Context, device *Device) error { | |
| const query = `UPDATE anon_device SET | |
| client_ip = ?, | |
| user_agent = ?, | |
| updated_at = ? | |
| WHERE device_id = ? AND updated_at BETWEEN ? AND ?` | |
| args := []interface{}{device.ClientIP, device.UserAgent, device.UpdatedAt.UTC(), device.DeviceID, | |
| device.UpdatedAt.UTC().Add(-anonymousDeviceExpiration), device.UpdatedAt.UTC().Add(time.Minute), | |
| const query = `UPDATE anon_device SET | |
| client_ip = ?, | |
| user_agent = ?, | |
| updated_at = ? | |
| WHERE device_id = ?` | |
| args := []interface{}{device.ClientIP, device.UserAgent, device.UpdatedAt.UTC(), device.DeviceID} |
Prompt To Fix With AI
This is a comment left during a code review.
Path: pkg/services/anonymous/anonimpl/anonstore/database.go
Line: 73:81
Comment:
**logic:** Flawed logic: `updateDevice` uses time-based condition that will fail for most update attempts. When `device.UpdatedAt` is "now" and you check `updated_at BETWEEN (now - 30 days) AND (now + 1 min)`, it only works if DB already has a recent entry. New devices or old devices won't match.
The WHERE clause should only check `device_id`:
```suggestion
const query = `UPDATE anon_device SET
client_ip = ?,
user_agent = ?,
updated_at = ?
WHERE device_id = ?`
args := []interface{}{device.ClientIP, device.UserAgent, device.UpdatedAt.UTC(), device.DeviceID}
```
How can I resolve this? If you propose a fix, please make it concise.
Comment on lines
+44
to
+50
| if err := a.anonDeviceService.TagDevice(ctx, httpReqCopy, anonymous.AnonDeviceUI); err != nil { | ||
| if errors.Is(err, anonstore.ErrDeviceLimitReached) { | ||
| return nil, err | ||
| } | ||
| }() | ||
|
|
||
| a.log.Warn("Failed to tag anonymous session", "error", err) | ||
| } |
There was a problem hiding this comment.
style: Changed from async to blocking call without timeout. If TagDevice is slow (DB contention during high traffic), authentication hangs. The old code had a 2-minute timeout.
Prompt To Fix With AI
This is a comment left during a code review.
Path: pkg/services/anonymous/anonimpl/client.go
Line: 44:50
Comment:
**style:** Changed from async to blocking call without timeout. If `TagDevice` is slow (DB contention during high traffic), authentication hangs. The old code had a 2-minute timeout.
How can I resolve this? If you propose a fix, please make it concise.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Test 1
Replicated from ai-code-review-evaluation/grafana-greptile#1