Closed ArtemOsuskyi closed 6 months ago
Resolves #24
This PR introduces tRPC rate limit middleware that can be attached to any procedure via .use()
.use()
const ratelimit = new Ratelimit({ redis: new Redis({ url: getEnv().UPSTASH_REDIS_REST_URL, token: getEnv().UPSTASH_REDIS_REST_TOKEN }), limiter: Ratelimit.slidingWindow(1, '10 s') });
Limitations are set in Ratelimit.slidingWindow arguments, where (1, '10 s') stands for "1 request per 10 seconds".
Ratelimit.slidingWindow
Video demonstration:
https://github.com/Kyoso-Team/kyoso/assets/96246908/d1bbf674-dbfa-4e35-9499-369f36a0a0d7
Note: Upstash doesn't allow to rate limit any other Redis instances than provided by Upstash themselves, so you'll have to provide your own Upstash Redis credentials. Alternatively we can create a shared development instance and use it instead
Sure thing! Should API routes be limited to 10 requests/second as well?
Yep, that should work for those as well.
Done!
Resolves #24
This PR introduces tRPC rate limit middleware that can be attached to any procedure via
.use()
Limitations are set in
Ratelimit.slidingWindow
arguments, where (1, '10 s') stands for "1 request per 10 seconds".Video demonstration:
https://github.com/Kyoso-Team/kyoso/assets/96246908/d1bbf674-dbfa-4e35-9499-369f36a0a0d7
Note: Upstash doesn't allow to rate limit any other Redis instances than provided by Upstash themselves, so you'll have to provide your own Upstash Redis credentials. Alternatively we can create a shared development instance and use it instead