From 860b4ff5b2269af524559f72e416bdab18d9c609 Mon Sep 17 00:00:00 2001 From: Amir Rajabi Date: Tue, 6 Jan 2026 14:40:06 +0330 Subject: [PATCH] Update RateLimitConfig.kt --- .../opex/api/app/config/RateLimitConfig.kt | 35 +++++++++++++------ 1 file changed, 25 insertions(+), 10 deletions(-) diff --git a/api/api-app/src/main/kotlin/co/nilin/opex/api/app/config/RateLimitConfig.kt b/api/api-app/src/main/kotlin/co/nilin/opex/api/app/config/RateLimitConfig.kt index f56888aef..fa67d5e65 100644 --- a/api/api-app/src/main/kotlin/co/nilin/opex/api/app/config/RateLimitConfig.kt +++ b/api/api-app/src/main/kotlin/co/nilin/opex/api/app/config/RateLimitConfig.kt @@ -1,8 +1,9 @@ package co.nilin.opex.api.app.config import co.nilin.opex.api.app.service.RateLimitCoordinatorService -import co.nilin.opex.api.core.inout.RateLimitEndpoint import co.nilin.opex.api.core.spi.RateLimitConfigService +import co.nilin.opex.common.OpexError +import org.slf4j.LoggerFactory import org.springframework.http.HttpStatus import org.springframework.security.core.context.ReactiveSecurityContextHolder import org.springframework.stereotype.Component @@ -18,6 +19,7 @@ class RateLimitConfig( private val coordinator: RateLimitCoordinatorService ) : WebFilter { + private val logger = LoggerFactory.getLogger(RateLimitConfig::class.java) private val parser = PathPatternParser() override fun filter(exchange: ServerWebExchange, chain: WebFilterChain): Mono { @@ -36,14 +38,18 @@ class RateLimitConfig( return chain.filter(exchange) } - return applyRateLimitIfAuthenticated(exchange, chain, endpoint) + return applyRateLimitIfAuthenticated( + exchange, + chain, + endpoint.groupId + ) } private fun applyRateLimitIfAuthenticated( exchange: ServerWebExchange, chain: WebFilterChain, - endpoint: RateLimitEndpoint + groupId: Long ): Mono { return ReactiveSecurityContextHolder.getContext() @@ -51,7 +57,9 @@ class RateLimitConfig( .filter { it.isAuthenticated } .flatMap { auth -> if (auth != null && !auth.name.isNullOrBlank()) - applyRateLimit(auth.name, exchange, chain, endpoint) + applyRateLimit( + auth.name, exchange, chain, groupId + ) else chain.filter(exchange) } @@ -63,23 +71,29 @@ class RateLimitConfig( identity: String, exchange: ServerWebExchange, chain: WebFilterChain, - endpoint: RateLimitEndpoint + groupId: Long ): Mono { - val group = rateLimitConfig.getGroup(endpoint.groupId) + val group = rateLimitConfig.getGroup(groupId) ?: return chain.filter(exchange) val result = coordinator.check( identity = identity, - groupId = endpoint.groupId, + groupId = groupId, maxRequests = group.requestCount, windowSeconds = group.requestWindowSeconds, - apiPath = endpoint.url, - apiMethod = endpoint.method + apiPath = exchange.request.uri.path, + apiMethod = exchange.request.method.name() ) return if (result.blocked) { - tooManyRequests(exchange, identity, endpoint.url, endpoint.method, result.retryAfterSeconds) + tooManyRequests( + exchange, + identity, + exchange.request.uri.path, + exchange.request.method.name(), + result.retryAfterSeconds + ) } else { chain.filter(exchange) } @@ -93,6 +107,7 @@ class RateLimitConfig( method: String, retryAfterSeconds: Int ): Mono { + logger.info("Rate limit exceeded ($identity) -- $method:$url") exchange.response.statusCode = HttpStatus.TOO_MANY_REQUESTS return exchange.response.writeWith( Mono.just(