Closed kishore03109 closed 7 months ago
⚠️ The sha of the head commit of this PR conflicts with #1252. Mergify cannot evaluate rules on this PR. ⚠️
Problem
Our rate limiter is implemented wrongly. A couple of problems exist:
tokenExpiry to tokenExpiryInMs
This is not entirely true from reading Cloudflare's documentation.
This PR uses the recommended approach of using the CF-Connecting-IP that Cloudflare provides to assert the IP of the client instead.

Moving forward, we never trust the proxy. When using Cloudflare in production env, we should use the CF-Connecting-IP to verify the client IP. We continue to use req.ip for dev environments.

I have verified that the cf-incoming-ip exists in staging env by logging it.

Closes GTA-24-011 WP3.
Breaking Changes
Tests
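The approach described in this PR (CF-Connecting-IP in production, req.ip in dev), sketched as an added example that is not the PR's own code. The function names, the in-memory fixed-window counter and the 400 response for a missing or malformed header are assumptions made for illustration.

```javascript
// Added example, not the PR's code; every name here is hypothetical.
const net = require("node:net");

// Choose the address a rate limiter keys on:
//   production -> the CF-Connecting-IP header set by Cloudflare
//   dev        -> Express's req.ip
function clientIp(req, isProduction) {
  if (!isProduction) return req.ip ?? null;
  // Node lowercases header names and joins a repeated header with ", ",
  // so anything other than exactly one valid address is rejected.
  const raw = req.headers["cf-connecting-ip"];
  if (typeof raw !== "string") return null;
  const ip = raw.trim();
  return net.isIP(ip) !== 0 ? ip : null;
}

// Fixed-window counter keyed by that address (in-memory, single process).
function makeLimiter({ limit, windowMs, isProduction }) {
  const hits = new Map(); // ip -> { count, resetAt }
  return function check(req, now = Date.now()) {
    const ip = clientIp(req, isProduction);
    // Fail closed (assumed policy): a production request without a usable
    // header is refused rather than given a bucket of its own.
    if (ip === null) return { allowed: false, status: 400 };
    let entry = hits.get(ip);
    if (!entry || now >= entry.resetAt) {
      entry = { count: 0, resetAt: now + windowMs };
      hits.set(ip, entry);
    }
    entry.count += 1;
    const allowed = entry.count <= limit;
    return { allowed, status: allowed ? 200 : 429 };
  };
}

// Constructed sample requests (documentation-range addresses).
function demo() {
  const check = makeLimiter({ limit: 2, windowMs: 60000, isProduction: true });
  const viaCf = (peer) => ({ ip: peer, headers: { "cf-connecting-ip": "203.0.113.7" } });
  return [
    check(viaCf("198.51.100.1"), 0).status,
    check(viaCf("198.51.100.2"), 1).status,
    check(viaCf("198.51.100.3"), 2).status, // same client, third hit
    check({ ip: "198.51.100.4", headers: {} }, 3).status, // no header
  ];
}
```

The header is only a sound key when the origin accepts connections from Cloudflare alone, because a client that reaches the origin directly can set the header itself.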