refactor: ignore rate limit for plus users and optimize querying (#2976)

Follow up on this: dailydotdev/daily#1236, I decided to ignore rate limit for Plus users. I feel confident that they're not here for spam

Author: idoshamun

__tests__/posts.ts

@@ -89,6 +89,7 @@ import { generateUUID } from '../src/ids';
 import { GQLResponse } from 'mercurius-integration-testing';
 import type { GQLPostSmartTitle } from '../src/schema/posts';
 import { SubscriptionCycles } from '../src/paddle';
+import { remoteConfig } from '../src/remoteConfig';
 import {
   ContentPreferenceStatus,
   ContentPreferenceType,
@@ -2576,6 +2577,17 @@ describe('mutation sharePost', () => {
 
   describe('rate limiting', () => {
     const redisKey = `${rateLimiterName}:1:createPost`;
+
+    beforeEach(() => {
+      // Set the post rate limit to 1 for testing
+      remoteConfig.vars.postRateLimit = 1;
+    });
+
+    afterEach(() => {
+      // Reset to default
+      remoteConfig.vars.postRateLimit = undefined;
+    });
+
     it('store rate limiting state in redis', async () => {
       loggedUser = '1';
 
@@ -2611,6 +2623,28 @@ describe('mutation sharePost', () => {
       expect(await getRedisObjectExpiry(redisKey)).toBeGreaterThanOrEqual(20);
     });
 
+    it('should bypass rate limit for Plus members', async () => {
+      loggedUser = '1';
+
+      // Set user as Plus member
+      await con.getRepository(User).update(
+        { id: '1' },
+        {
+          subscriptionFlags: { cycle: SubscriptionCycles.Yearly },
+          reputation: 1,
+        },
+      );
+
+      // Create multiple posts without hitting rate limit
+      for (let i = 0; i < 3; i++) {
+        await deleteKeysByPattern(`${rateLimiterName}:*`);
+        const res = await client.mutate(MUTATION, {
+          variables: variables,
+        });
+        expect(res.errors).toBeFalsy();
+      }
+    });
+
     describe('high rate squads', () => {
       beforeEach(async () => {
         await con.getRepository(SquadSource).save({

__tests__/setup.ts

@@ -51,6 +51,7 @@ jest.mock('../src/remoteConfig', () => ({
       de: 'German',
       'zh-Hans': 'ChineseSimplified',
     },
+    postRateLimit: 2,
   },
 }));
 

src/common/rateLimit.ts

@@ -3,6 +3,7 @@ import { Comment, Post, User } from '../entity';
 import { remoteConfig } from '../remoteConfig';
 import { subDays } from 'date-fns';
 import { GraphQLError } from 'graphql/index';
+import { isPlusMember } from '../paddle';
 
 export class RateLimitError extends GraphQLError {
   extensions = {};
@@ -32,12 +33,17 @@ const ensureReputationBasedRateLimit = async (
   errorMessage: string,
 ): Promise<void> => {
   const [user, countValue] = await Promise.all([
-    con
-      .getRepository(User)
-      .findOneOrFail({ select: ['id', 'reputation'], where: { id: userId } }),
+    con.getRepository(User).findOneOrFail({
+      select: ['id', 'reputation', 'subscriptionFlags'],
+      where: { id: userId },
+    }),
     count,
   ]);
 
+  if (isPlusMember(user.subscriptionFlags?.cycle)) {
+    return;
+  }
+
   if (
     remoteConfig.vars?.rateLimitReputationThreshold &&
     user.reputation > remoteConfig.vars.rateLimitReputationThreshold