-
Notifications
You must be signed in to change notification settings - Fork 397
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: remove comments from middleware test
- Loading branch information
Chris Stockton
committed
Oct 11, 2024
1 parent
b73147a
commit 356e535
Showing
1 changed file
with
0 additions
and
182 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -185,56 +185,6 @@ func (ts *MiddlewareTestSuite) TestVerifyCaptchaInvalid() { | |
| } | ||
| } | ||
|
|
||
| /* | ||
| func (ts *MiddlewareTestSuite) TestLimitEmailOrPhoneSentHandler() { | ||
| // Set up rate limit config for this test | ||
| ts.Config.RateLimitEmailSent = 5 | ||
| ts.Config.RateLimitSmsSent = 5 | ||
| ts.Config.External.Phone.Enabled = true | ||
| cases := []struct { | ||
| desc string | ||
| expectedErrorMsg string | ||
| requestBody map[string]interface{} | ||
| }{ | ||
| { | ||
| desc: "Email rate limit exceeded", | ||
| expectedErrorMsg: "429: Email rate limit exceeded", | ||
| requestBody: map[string]interface{}{ | ||
| "email": "[email protected]", | ||
| }, | ||
| }, | ||
| { | ||
| desc: "SMS rate limit exceeded", | ||
| expectedErrorMsg: "429: SMS rate limit exceeded", | ||
| requestBody: map[string]interface{}{ | ||
| "phone": "+1233456789", | ||
| }, | ||
| }, | ||
| } | ||
| limiter := ts.API.limitEmailOrPhoneSentHandler(NewLimiterOptions(ts.Config)) | ||
| for _, c := range cases { | ||
| ts.Run(c.desc, func() { | ||
| var buffer bytes.Buffer | ||
| require.NoError(ts.T(), json.NewEncoder(&buffer).Encode(c.requestBody)) | ||
| req := httptest.NewRequest(http.MethodPost, "http://localhost", &buffer) | ||
| req.Header.Set("Content-Type", "application/json") | ||
| w := httptest.NewRecorder() | ||
| ctx, err := limiter(w, req) | ||
| require.NoError(ts.T(), err) | ||
| // check that shared limiter is set in the request context | ||
| sharedLimiter := getLimiter(ctx) | ||
| require.NotNil(ts.T(), sharedLimiter) | ||
| }) | ||
| } | ||
| } | ||
| */ | ||
|
|
||
| func (ts *MiddlewareTestSuite) TestIsValidExternalHost() { | ||
| cases := []struct { | ||
| desc string | ||
|
|
@@ -392,138 +342,6 @@ func (ts *MiddlewareTestSuite) TestLimitHandler() { | |
| require.Equal(ts.T(), http.StatusTooManyRequests, w.Code) | ||
| } | ||
|
|
||
| /* | ||
| func (ts *MiddlewareTestSuite) TestLimitHandlerWithSharedLimiter() { | ||
| // setup config for shared limiter and ip-based limiter to work | ||
| ts.Config.RateLimitHeader = "X-Rate-Limit" | ||
| ts.Config.External.Email.Enabled = true | ||
| ts.Config.External.Phone.Enabled = true | ||
| ts.Config.Mailer.Autoconfirm = false | ||
| ts.Config.Sms.Autoconfirm = false | ||
| ipBasedLimiter := func(max float64) *limiter.Limiter { | ||
| return tollbooth.NewLimiter(max, &limiter.ExpirableOptions{ | ||
| DefaultExpirationTTL: time.Hour, | ||
| }) | ||
| } | ||
| okHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { | ||
| limiter := getLimiter(r.Context()) | ||
| if limiter != nil { | ||
| var requestBody struct { | ||
| Email string `json:"email"` | ||
| Phone string `json:"phone"` | ||
| } | ||
| err := retrieveRequestParams(r, &requestBody) | ||
| require.NoError(ts.T(), err) | ||
| if requestBody.Email != "" { | ||
| if err := tollbooth.LimitByKeys(limiter.EmailLimiter, []string{"email_functions"}); err != nil { | ||
| sendJSON(w, http.StatusTooManyRequests, HTTPError{ | ||
| HTTPStatus: http.StatusTooManyRequests, | ||
| ErrorCode: ErrorCodeOverEmailSendRateLimit, | ||
| Message: "Email rate limit exceeded", | ||
| }) | ||
| } | ||
| } | ||
| if requestBody.Phone != "" { | ||
| if err := tollbooth.LimitByKeys(limiter.EmailLimiter, []string{"phone_functions"}); err != nil { | ||
| sendJSON(w, http.StatusTooManyRequests, HTTPError{ | ||
| HTTPStatus: http.StatusTooManyRequests, | ||
| ErrorCode: ErrorCodeOverSMSSendRateLimit, | ||
| Message: "SMS rate limit exceeded", | ||
| }) | ||
| } | ||
| } | ||
| } | ||
| w.WriteHeader(http.StatusOK) | ||
| }) | ||
| cases := []struct { | ||
| desc string | ||
| sharedLimiterConfig *conf.GlobalConfiguration | ||
| ipBasedLimiterConfig float64 | ||
| body map[string]interface{} | ||
| expectedErrorCode string | ||
| }{ | ||
| { | ||
| desc: "Exceed ip-based rate limit before shared limiter", | ||
| sharedLimiterConfig: &conf.GlobalConfiguration{ | ||
| RateLimitEmailSent: 10, | ||
| RateLimitSmsSent: 10, | ||
| }, | ||
| ipBasedLimiterConfig: 1, | ||
| body: map[string]interface{}{ | ||
| "email": "[email protected]", | ||
| }, | ||
| expectedErrorCode: ErrorCodeOverRequestRateLimit, | ||
| }, | ||
| { | ||
| desc: "Exceed email shared limiter", | ||
| sharedLimiterConfig: &conf.GlobalConfiguration{ | ||
| RateLimitEmailSent: 1, | ||
| RateLimitSmsSent: 1, | ||
| }, | ||
| ipBasedLimiterConfig: 10, | ||
| body: map[string]interface{}{ | ||
| "email": "[email protected]", | ||
| }, | ||
| expectedErrorCode: ErrorCodeOverEmailSendRateLimit, | ||
| }, | ||
| { | ||
| desc: "Exceed sms shared limiter", | ||
| sharedLimiterConfig: &conf.GlobalConfiguration{ | ||
| RateLimitEmailSent: 1, | ||
| RateLimitSmsSent: 1, | ||
| }, | ||
| ipBasedLimiterConfig: 10, | ||
| body: map[string]interface{}{ | ||
| "phone": "123456789", | ||
| }, | ||
| expectedErrorCode: ErrorCodeOverSMSSendRateLimit, | ||
| }, | ||
| } | ||
| for _, c := range cases { | ||
| ts.Run(c.desc, func() { | ||
| ts.Config.RateLimitEmailSent = c.sharedLimiterConfig.RateLimitEmailSent | ||
| ts.Config.RateLimitSmsSent = c.sharedLimiterConfig.RateLimitSmsSent | ||
| lmt := ts.API.limitHandler(ipBasedLimiter(c.ipBasedLimiterConfig)) | ||
| sharedLimiter := ts.API.limitEmailOrPhoneSentHandler(NewLimiterOptions(ts.Config)) | ||
| // get the minimum amount to reach the threshold just before the rate limit is exceeded | ||
| threshold := min(c.sharedLimiterConfig.RateLimitEmailSent, c.sharedLimiterConfig.RateLimitSmsSent, c.ipBasedLimiterConfig) | ||
| for i := 0; i < int(threshold); i++ { | ||
| var buffer bytes.Buffer | ||
| require.NoError(ts.T(), json.NewEncoder(&buffer).Encode(c.body)) | ||
| req := httptest.NewRequest(http.MethodPost, "http://localhost", &buffer) | ||
| req.Header.Add(ts.Config.RateLimitHeader, "0.0.0.0") | ||
| w := httptest.NewRecorder() | ||
| lmt.handler(sharedLimiter.handler(okHandler)).ServeHTTP(w, req) | ||
| require.Equal(ts.T(), http.StatusOK, w.Code) | ||
| } | ||
| var buffer bytes.Buffer | ||
| require.NoError(ts.T(), json.NewEncoder(&buffer).Encode(c.body)) | ||
| req := httptest.NewRequest(http.MethodPost, "http://localhost", &buffer) | ||
| req.Header.Add(ts.Config.RateLimitHeader, "0.0.0.0") | ||
| // check if the rate limit is exceeded with the expected error code | ||
| w := httptest.NewRecorder() | ||
| lmt.handler(sharedLimiter.handler(okHandler)).ServeHTTP(w, req) | ||
| require.Equal(ts.T(), http.StatusTooManyRequests, w.Code) | ||
| var data map[string]interface{} | ||
| require.NoError(ts.T(), json.NewDecoder(w.Body).Decode(&data)) | ||
| require.Equal(ts.T(), c.expectedErrorCode, data["error_code"]) | ||
| }) | ||
| } | ||
| } | ||
| */ | ||
|
|
||
| func (ts *MiddlewareTestSuite) TestIsValidAuthorizedEmail() { | ||
| ts.API.config.External.Email.AuthorizedAddresses = []string{"[email protected]"} | ||
|
|
||
|
|
||