feat: add rate limiter #733
Conversation
ijemmao
left a comment
ijemmao
left a comment
There was a problem hiding this comment.
this is a great start! can you also add unit tests that test this functionality? specifically:
- a test for checking to see if rateLimiting works as expected for router v1
- a test for checking to see if rateLimiting works as expected for router v2
ijemmao
left a comment
ijemmao
left a comment
There was a problem hiding this comment.
looking really solid! just a few questions
| import rateLimit from 'express-rate-limit'; | ||
| import { Express } from '../types'; | ||
|
|
||
| export const rateLimiter: Express.MiddleWare = rateLimit({ |
There was a problem hiding this comment.
Is there a possible way we can allow specific IP addresses to not get stopped by the rate limiter? For instance, Nkọwa okwu uses the Igbo API and shouldn't be rate limited the same where an individual user should be rate limited
There was a problem hiding this comment.
Yes. I think this is posssible. We can have the IP addresses in a whitelist file. In the middleware, we read the file to get these addresses then call the next function if the incoming request IP is same as any of the whitelisted IP address.
Does this make sense?
There was a problem hiding this comment.
yeah, that makes a lot of sense - do you know of any guides/tutorials/articles that walk through this process specifically for rate limiting node js / express apps?
i believe you can get a shortlist of valid GCP server IP addresses that we can whitelist since we are deploying this project on GCP
| import rateLimit from 'express-rate-limit'; | ||
| import { Express } from '../types'; | ||
|
|
||
| export const rateLimiter: Express.MiddleWare = rateLimit({ |
There was a problem hiding this comment.
yeah, that makes a lot of sense - do you know of any guides/tutorials/articles that walk through this process specifically for rate limiting node js / express apps?
i believe you can get a shortlist of valid GCP server IP addresses that we can whitelist since we are deploying this project on GCP
2 participants
Describe your changes
This PR adds rate limiters to all developers endpoints
Issue ticket number and link
#725
Motivation and Context
See issue - #725
How Has This Been Tested?
Testing locally with Postman
Screenshots (if appropriate):