From ef8d2edcc01454777a2cc4460dcfbea9c62f5c80 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nuno=20G=C3=B3is?= Date: Thu, 15 Feb 2024 10:25:32 +0000 Subject: [PATCH] chore: rate limit calling inc webhooks (#6248) https://linear.app/unleash/issue/2-1942/rate-limit-incoming-webhooks-call-endpoint Adds a configurable rate limit to calling incoming webhooks. We're setting a 1RPS limit for now, but I'm open to suggestions. --- src/lib/__snapshots__/create-config.test.ts.snap | 1 + src/lib/create-config.ts | 5 +++++ src/lib/types/option.ts | 1 + 3 files changed, 7 insertions(+) diff --git a/src/lib/__snapshots__/create-config.test.ts.snap b/src/lib/__snapshots__/create-config.test.ts.snap index ca10ebbb8b..f6be6e39c4 100644 --- a/src/lib/__snapshots__/create-config.test.ts.snap +++ b/src/lib/__snapshots__/create-config.test.ts.snap @@ -173,6 +173,7 @@ exports[`should create default config 1`] = ` "prometheusApi": undefined, "publicFolder": undefined, "rateLimiting": { + "callIncomingWebhookMaxPerSecond": 1, "createUserMaxPerMinute": 20, "simpleLoginMaxPerMinute": 10, }, diff --git a/src/lib/create-config.ts b/src/lib/create-config.ts index 8ee28b38df..b8711e0509 100644 --- a/src/lib/create-config.ts +++ b/src/lib/create-config.ts @@ -142,10 +142,15 @@ function loadRateLimitingConfig(options: IUnleashOptions): IRateLimiting { process.env.SIMPLE_LOGIN_LIMIT_PER_MINUTE, 10, ); + const callIncomingWebhookMaxPerSecond = parseEnvVarNumber( + process.env.INCOMING_WEBHOOK_RATE_LIMIT_PER_SECOND, + 1, + ); const defaultRateLimitOptions: IRateLimiting = { createUserMaxPerMinute, simpleLoginMaxPerMinute, + callIncomingWebhookMaxPerSecond, }; return mergeAll([defaultRateLimitOptions, options.rateLimiting || {}]); } diff --git a/src/lib/types/option.ts b/src/lib/types/option.ts index 7491505d4e..cb91475c27 100644 --- a/src/lib/types/option.ts +++ b/src/lib/types/option.ts @@ -206,6 +206,7 @@ export interface IMetricsRateLimiting { export interface IRateLimiting { createUserMaxPerMinute: number; simpleLoginMaxPerMinute: number; + callIncomingWebhookMaxPerSecond: number; } export interface IUnleashConfig {