linear[bot]
commented
5 months ago Closed CahidArda closed 5 months ago
linear[bot]
commented
5 months ago 
vercel[bot]
commented
5 months ago The latest updates on your projects. Learn more about Vercel for Git ↗︎
| Name | Status | Preview | Comments | Updated (UTC) |
|---|---|---|---|---|
| ratelimit-with-vercel-kv | ✅ Ready (Inspect) | Visit Preview | 💬 Add feedback | May 31, 2024 10:14am |
CahidArda
commented
5 months ago I think we can go ahead with this PR even though the tests are not passing because they are flaky. Here are two runs with two different tests failing even though the code didn't change between them: 1, 2.
I looked into recording network traffic like langchain does but that's only in python. I want to fix the tests but let's do it another time
Deny List
In redis, we keep sets of denied values. One set each for identifiers, ips, countries and user agents. Finally, there is a set of all blocked values. Upstash console is responsible for managing these sets. Ratelimit sdk is only interested in the set of all blocked values stored in key
<prefix>:denyList:all.Enabling deny list in the sdk:
Passing ip, user agent or country in
limit:all three fields are optional. One can pass none/some/all.
Inside limit, we check if any of the three fields or the identifier is in the deny list. If so, we return
{success: false, reason: "denyList", ...}Deny List Cache
When a value is found in the deny list at redis, we store the value for a minute in a local cache. If that value is passed to the
limitmethod in the next minute, we block the request withreason: "denyList"without making any requests to Redis.reasonfield inlimitresponseWe add a new field to the response of
limit, which can be either "timeout", "cacheBlock" or "denyList". In the case of "denyList", there is an additional field_deniedValuewhich denotes the value in deny list.Deny List Analytics
When a request is denied, we submit increment
{identifier: <deniedValue>, success:"denied"}by one.Previously:
limit. Now it can be one of the 4 parameters.Todo: