chore: Rate limiter audit (#3965)

* chore: Rate limiter audit api/users * Make requests required * api/collections * Remove checkRateLimit on FileOperation (now done at route level through rate limiter) * auth rate limit * Add metric logging when rate limit exceeded * Refactor to shared configs * test
2022-08-14 16:04:04 +01:00
parent 9338328a82
commit a326e0ee88
14 changed files with 367 additions and 282 deletions
--- a/app/utils/ApiClient.ts
+++ b/app/utils/ApiClient.ts
@@ -12,6 +12,7 @@ import {
  NetworkError,
  NotFoundError,
  OfflineError,
+  RateLimitExceededError,
  RequestError,
  ServiceUnavailableError,
  UpdateRequiredError,
@@ -181,6 +182,12 @@ class ApiClient {
      throw new ServiceUnavailableError(error.message);
    }

+    if (response.status === 429) {
+      throw new RateLimitExceededError(
+        `Too many requests, try again in a minute.`
+      );
+    }
+
    throw new RequestError(`Error ${response.status}: ${error.message}`);
  };