CartoDB-SQL-API/test/acceptance/rate-limit.js
2018-03-02 13:18:19 +01:00


require('../helper');
const qs = require('querystring');
const assert = require('../support/assert');
const redis = require('redis');
const UserLimits = require('../../app/services/user_limits');
const rateLimitMiddleware = require('../../app/middlewares/rate-limit');
const { RATE_LIMIT_ENDPOINTS_GROUPS } = rateLimitMiddleware;
const server = require('../../app/server')();
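// Redis connection shared by the fixture helper and the mocha hooks; it is
// created in the suite's `before` hook.
let redisClient;

// Redis keys written by this suite, collected so the `after` hook can remove them.
let keysToDelete = [];

// Account whose limits are configured; it matches the subdomain used in the
// request's Host header below.
const user = 'vizzuality';

// The single request replayed by every step of the test: an anonymous GET
// against the SQL endpoint. `const` (instead of `var`) because the binding is
// never reassigned, consistent with the other declarations in this file.
const request = {
    url: `/api/v1/sql?${qs.stringify({
        q: 'SELECT * FROM untitle_table_4'
    })}`,
    headers: {
        host: 'vizzuality.cartodb.com'
    },
    method: 'GET'
};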
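/**
 * Stores the rate-limit fixture for `user` on the QUERY endpoint group.
 *
 * The three values are appended to a Redis list in the order burst, count,
 * period (presumably the order the limiter reads them back; confirm against
 * app/services/user_limits). A single RPUSH is used so the list is never left
 * half-written.
 *
 * @param {number} count - allowed requests per period
 * @param {number} period - period length (the test treats it as seconds)
 * @param {number} burst - extra requests tolerated on top of `count`
 * @param {function(Error=)} [callback] - called once the fixture is stored, or
 *     with the error that prevented it. When omitted, a failure is thrown
 *     instead of being dropped, so the suite cannot run without its limits
 *     in place.
 */
function setLimit(count, period, burst, callback) {
    const finish = callback || (err => {
        if (err) {
            throw err;
        }
    });

    // Database 8 is where this suite keeps the limits (presumably the database
    // the rate-limit middleware reads; confirm against the app's Redis config).
    redisClient.SELECT(8, selectErr => {
        if (selectErr) {
            return finish(selectErr);
        }

        const key = UserLimits.getRateLimitsStoreKey(user, RATE_LIMIT_ENDPOINTS_GROUPS.QUERY);

        // Register the key before writing so cleanup still happens if the write fails.
        keysToDelete.push(key);
        redisClient.rpush(key, burst, count, period, rpushErr => finish(rpushErr));
    });
}

describe('rate limit', function() {
    // Settings in force before the suite ran, restored in `after` so that
    // later suites see the configuration they started with.
    let previousRateLimitsEnabled;
    let previousQueryEndpointEnabled;

    before(function(done) {
        const { ratelimits } = global.settings;
        previousRateLimitsEnabled = ratelimits.rateLimitsEnabled;
        previousQueryEndpointEnabled = ratelimits.endpoints.query;
        ratelimits.rateLimitsEnabled = true;
        ratelimits.endpoints.query = true;

        redisClient = redis.createClient(global.settings.redis_port);

        const count = 1;
        const period = 1;
        const burst = 1;

        // Wait for the fixture to be written: without `done` the first request
        // could reach the server before the limits exist in Redis.
        setLimit(count, period, burst, done);
    });

    after(function(done) {
        global.settings.ratelimits.rateLimitsEnabled = previousRateLimitsEnabled;
        global.settings.ratelimits.endpoints.query = previousQueryEndpointEnabled;

        // Close the connection so it does not outlive the suite.
        const closeClient = err => redisClient.quit(() => done(err));

        // Empty the shared list in place and delete whatever it held.
        const keys = keysToDelete.splice(0);
        if (keys.length === 0) {
            return closeClient();
        }

        redisClient.del(keys, closeClient);
    });

    it("1 req/sec: 2 req/seg should be limited", function(done) {
        // Expected outcome of the same request sent at each offset (ms) from
        // the start of the test. The first two are served; the next three are
        // rejected with 429 until the window has passed; the last is served again.
        // NOTE(review): the offsets are wall-clock based, so a slow runner can
        // shift a request across the one-second window and fail spuriously.
        const steps = [
            { delay: 0, status: 200, remaining: '1', retryAfter: '-1' },
            { delay: 250, status: 200, remaining: '0', retryAfter: '-1' },
            { delay: 500, status: 429, remaining: '0', retryAfter: '0' },
            { delay: 750, status: 429, remaining: '0', retryAfter: '0' },
            { delay: 950, status: 429, remaining: '0', retryAfter: '0' },
            { delay: 1050, status: 200, remaining: '0', retryAfter: '-1' }
        ];

        // Finish only after every response has been checked; finishing on the
        // last response alone would let an earlier, unanswered step go unnoticed.
        let pending = steps.length;

        const runStep = ({ status, remaining, retryAfter }) => {
            assert.response(
                server,
                request,
                { status },
                function(err, res) {
                    assert.ifError(err);
                    // With count = 1 and burst = 1 the advertised limit is '2'
                    // (presumably burst + 1; confirm against the limiter).
                    assert.equal(res.headers['x-rate-limit-limit'], '2');
                    assert.equal(res.headers['x-rate-limit-remaining'], remaining);
                    assert.equal(res.headers['x-rate-limit-reset'], '1');
                    assert.equal(res.headers['x-rate-limit-retry-after'], retryAfter);

                    pending -= 1;
                    if (pending === 0) {
                        // Same one-second pause the test always ended with.
                        setTimeout(done, 1000);
                    }
                }
            );
        };

        steps.forEach(step => {
            if (step.delay === 0) {
                runStep(step);
            } else {
                setTimeout(() => runStep(step), step.delay);
            }
        });
    });
});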