search

Kyoso-Team / kyoso

A web application that takes osu! tournaments beyonds spreadsheets.
http://kyoso.sh
GNU Affero General Public License v3.0
2 stars 1 forks source link

Implemented rate limit middleware #28

Closed ArtemOsuskyi closed 6 months ago

ArtemOsuskyi commented 6 months ago

Resolves #24

This PR introduces tRPC rate limit middleware that can be attached to any procedure via .use()

const ratelimit = new Ratelimit({
  redis: new Redis({
    url: getEnv().UPSTASH_REDIS_REST_URL,
    token: getEnv().UPSTASH_REDIS_REST_TOKEN
  }),
  limiter: Ratelimit.slidingWindow(1, '10 s')
});

Limitations are set in Ratelimit.slidingWindow arguments, where (1, '10 s') stands for "1 request per 10 seconds".

Video demonstration:

https://github.com/Kyoso-Team/kyoso/assets/96246908/d1bbf674-dbfa-4e35-9499-369f36a0a0d7

Note: Upstash doesn't allow to rate limit any other Redis instances than provided by Upstash themselves, so you'll have to provide your own Upstash Redis credentials. Alternatively we can create a shared development instance and use it instead

ArtemOsuskyi commented 6 months ago

Sure thing! Should API routes be limited to 10 requests/second as well?

L-Mario564 commented 6 months ago

Sure thing! Should API routes be limited to 10 requests/second as well?

Yep, that should work for those as well.

ArtemOsuskyi commented 6 months ago

Done!