Add path.identifer

Trying to fix async/await issue
Merge branch 'fix/add-global-rate-limiting' of github.com:calcom/cal.com into fix/add-global-rate-limiting
2023-11-17 11:26:05 +00:00 · 2023-11-16 17:17:15 -03:00 · 2023-11-16 17:04:18 -03:00 · 2023-11-16 17:01:45 -03:00 · 2023-11-16 16:26:57 -03:00 · 2023-11-16 16:25:14 -03:00
4 changed files with 51 additions and 4 deletions
--- a/packages/lib/rateLimit.ts
+++ b/packages/lib/rateLimit.ts
@ -81,6 +81,12 @@ export function rateLimiter() {
      prefix: "ratelimit",
      limiter: Ratelimit.fixedWindow(20, "1d"),
    }),
+    trpc: new Ratelimit({
+      redis,
+      analytics: true,
+      prefix: "ratelimit",
+      limiter: Ratelimit.fixedWindow(500, "60s"),
+    }),
  };

  async function rateLimit({ rateLimitingType = "core", identifier }: RateLimitHelper) {
--- a/packages/trpc/server/middlewares/rateLimitMiddleware.ts
+++ b/packages/trpc/server/middlewares/rateLimitMiddleware.ts
@ -0,0 +1,24 @@
+import type { NextApiRequest } from "next/types";
+
+import { checkRateLimitAndThrowError } from "@calcom/lib/checkRateLimitAndThrowError";
+import getIP from "@calcom/lib/getIP";
+
+import { middleware } from "../trpc";
+
+const rateLimitMiddleware = middleware(async ({ ctx, next, path, meta }) => {
+  console.log(ctx, meta);
+  if (true) {
+    const userIp = ctx.req && getIP(ctx.req as NextApiRequest);
+
+    const identifier = userIp || ctx?.user?.id.toString();
+
+    await checkRateLimitAndThrowError({
+      rateLimitingType: "core",
+      identifier: `${path}.${identifier}`,
+    });
+  }
+
+  return next();
+});
+
+export default rateLimitMiddleware;
--- a/packages/trpc/server/procedures/authedProcedure.ts
+++ b/packages/trpc/server/procedures/authedProcedure.ts
@ -1,5 +1,6 @@
 import captureErrorsMiddleware from "../middlewares/captureErrorsMiddleware";
 import perfMiddleware from "../middlewares/perfMiddleware";
+import rateLimitMiddleware from "../middlewares/rateLimitMiddleware";
 import { isAdminMiddleware, isAuthed, isOrgAdminMiddleware } from "../middlewares/sessionMiddleware";
 import { procedure } from "../trpc";
 import publicProcedure from "./publicProcedure";
@ -24,10 +25,22 @@ const isRateLimitedByUserIdMiddleware = ({ intervalInMs, limit }: IRateLimitOpti
      return next({ ctx: { user: ctx.user, session: ctx.session } });
    });
 */
-const authedProcedure = procedure.use(captureErrorsMiddleware).use(perfMiddleware).use(isAuthed);
+const authedProcedure = procedure
+  .use(captureErrorsMiddleware)
+  .use(rateLimitMiddleware)
+  .use(perfMiddleware)
+  .use(isAuthed);
+
 /*export const authedRateLimitedProcedure = ({ intervalInMs, limit }: IRateLimitOptions) =>
 authedProcedure.use(isRateLimitedByUserIdMiddleware({ intervalInMs, limit }));*/
-export const authedAdminProcedure = publicProcedure.use(captureErrorsMiddleware).use(isAdminMiddleware);
-export const authedOrgAdminProcedure = publicProcedure.use(captureErrorsMiddleware).use(isOrgAdminMiddleware);
+export const authedAdminProcedure = publicProcedure
+  .use(captureErrorsMiddleware)
+  .use(rateLimitMiddleware)
+  .use(isAdminMiddleware);
+
+export const authedOrgAdminProcedure = publicProcedure
+  .use(captureErrorsMiddleware)
+  .use(rateLimitMiddleware)
+  .use(isOrgAdminMiddleware);

 export default authedProcedure;
--- a/packages/trpc/server/procedures/publicProcedure.ts
+++ b/packages/trpc/server/procedures/publicProcedure.ts
@ -1,7 +1,11 @@
 import captureErrorsMiddleware from "../middlewares/captureErrorsMiddleware";
 import perfMiddleware from "../middlewares/perfMiddleware";
+import rateLimitMiddleware from "../middlewares/rateLimitMiddleware";
 import { tRPCContext } from "../trpc";

-const publicProcedure = tRPCContext.procedure.use(captureErrorsMiddleware).use(perfMiddleware);
+const publicProcedure = tRPCContext.procedure
+  .use(captureErrorsMiddleware)
+  .use(rateLimitMiddleware)
+  .use(perfMiddleware);

 export default publicProcedure;
Author	SHA1	Message	Date
Sean Brydon	91075f8fb1	Add path.identifer	2023-11-17 11:26:05 +00:00
Keith Williams	6c5fdce9db	Trying to fix async/await issue	2023-11-16 17:17:15 -03:00
Keith Williams	167ac33604	Merge branch 'fix/add-global-rate-limiting' of github.com:calcom/cal.com into fix/add-global-rate-limiting	2023-11-16 17:04:18 -03:00
Keith Williams	32ea639019	Added trpc category	2023-11-16 17:01:45 -03:00
Keith Williams	64f9e26a8d	Update createNextApiHandler.ts	2023-11-16 16:26:57 -03:00
Keith Williams	6146544b97	Moved it to middleware	2023-11-16 16:25:14 -03:00
Keith Williams	2442a34b15	chore: Add global rate limiting to tRPC	2023-11-16 16:21:39 -03:00