Closed ubinatus closed 5 months ago
We intentionally soft cap this due to the nature of the critical path. All users are warned in the application and via email when the go over, and subsequently reminded if they continue. We can disable workspaces as needed.
Hi James! Thanks for the explanation. Understood, right. Makes sense not to hard cap API keys as it indeed represents a critical path for the user. Was just pointing this issue out just in case, since I saw that the enabled
workspace property was not being set in the codebase.
Yeah, saw the QUOTA
being used in a banner but missed seeing how else those workspaces were notified when this usage limit was reached.
Preliminary Checks
Reproduction / Replay Link (Optional)
No response
Issue Summary
Current workspaces under the Free plan are capable of use unlimited resources by just interacting with the Unkey API. There is no hard-cap that toggles the workspace
enabled
to false.In the internal billing package, the
QUOTA
variable it's currently for the dashboard to display a banner when the user exceeded their monthly usage, but it still will let them create more resources.https://github.com/unkeyed/unkey/blob/093875915d0838ad0742bc05b05af1bf10c48818/internal/billing/src/quota.ts#L8-L12
Steps to Reproduce
Expected behavior
Maybe there should be a hard-cap to avoid freerides from workspaces that don't have a paid plan.
A solution could be setting a workflow with a cron trigger so that in a specific interval that retrieves the free plan with exceeded usage and disables the workspaces.
By disabling the workspace the Unkey API will already prevent those exceeded usages, as it throws whenever a
workspace.enabled
is false. https://github.com/unkeyed/unkey/blob/093875915d0838ad0742bc05b05af1bf10c48818/apps/api/src/pkg/keys/service.ts#L266-L268Other information
No response
Screenshots
No response
Version info