Rate Limit Revamp (#41)

* WIP * cleanup error handling * avoid error in unexpected redis * remove switch in fetch usage * avoid option with nil counter * use local counter * Use httprate.WithRequestLimit * allow clients to inject project id * mismatch error * small refactor * verify project from jwa * withProjectID unexported * more godoc and refactor * refactor tests * more test refactor * more testing * name test * test ensurepermission * pass function to inject RL * spend zero credits * rename type * simplify FetchUserPermission * add logging to permissions * check permission for jwt * return err again * project not found errors * session middleware * ACL * latest webrpc template * use transport * improve ACL * rate limiter handles services too * rename anonymous to public * rate limit directly in middleware * rename method * headers with quotas * PR review suggestions * Test Headers * Test session * fix session middleware * separate file * rename some files * use quota, ok format * fix godoc
0xsequence · Jul 3, 2024 · aa2b30d · aa2b30d
1 parent 45666ac
commit aa2b30d
Show file tree

Hide file tree

Showing 30 changed files with 2,419 additions and 2,447 deletions.
diff --git a/cache.go b/cache.go
@@ -29,8 +29,8 @@ type UsageCache interface {
 }
 
 type PermissionCache interface {
-	GetUserPermission(ctx context.Context, projectID uint64, userID string) (*proto.UserPermission, *proto.ResourceAccess, error)
-	SetUserPermission(ctx context.Context, projectID uint64, userID string, userPerm *proto.UserPermission, resourceAccess *proto.ResourceAccess) error
+	GetUserPermission(ctx context.Context, projectID uint64, userID string) (proto.UserPermission, *proto.ResourceAccess, error)
+	SetUserPermission(ctx context.Context, projectID uint64, userID string, userPerm proto.UserPermission, resourceAccess *proto.ResourceAccess) error
 	DeleteUserPermission(ctx context.Context, projectID uint64, userID string) error
 }
 
@@ -165,33 +165,33 @@ func (s *RedisCache) SpendComputeUnits(ctx context.Context, redisKey string, amo
 	cacheKey := fmt.Sprintf("%s%s", redisKeyPrefix, redisKey)
 	value, err := s.client.IncrBy(ctx, cacheKey, amount).Result()
 	if err != nil {
-		return 0, err
+		return v, err
 	}
 	return value, nil
 }
 
 type cacheUserPermission struct {
-	UserPermission *proto.UserPermission `json:"userPerm"`
+	UserPermission proto.UserPermission  `json:"userPerm"`
 	ResourceAccess *proto.ResourceAccess `json:"resourceAccess"`
 }
 
-func (s *RedisCache) GetUserPermission(ctx context.Context, projectID uint64, userID string) (*proto.UserPermission, *proto.ResourceAccess, error) {
+func (s *RedisCache) GetUserPermission(ctx context.Context, projectID uint64, userID string) (proto.UserPermission, *proto.ResourceAccess, error) {
 	cacheKey := fmt.Sprintf("%s%s", redisKeyPrefix, getUserPermKey(projectID, userID))
 	raw, err := s.client.Get(ctx, cacheKey).Bytes()
 	if err != nil {
 		if err == redis.Nil {
-			return nil, nil, nil // not found, without error
+			return proto.UserPermission_UNAUTHORIZED, nil, nil // not found, without error
 		}
-		return nil, nil, err
+		return proto.UserPermission_UNAUTHORIZED, nil, err
 	}
 	var v cacheUserPermission
 	if err := json.Unmarshal(raw, &v); err != nil {
-		return nil, nil, err
+		return proto.UserPermission_UNAUTHORIZED, nil, err
 	}
 	return v.UserPermission, v.ResourceAccess, nil
 }
 
-func (s *RedisCache) SetUserPermission(ctx context.Context, projectID uint64, userID string, userPerm *proto.UserPermission, resourceAccess *proto.ResourceAccess) error {
+func (s *RedisCache) SetUserPermission(ctx context.Context, projectID uint64, userID string, userPerm proto.UserPermission, resourceAccess *proto.ResourceAccess) error {
 	v := cacheUserPermission{
 		UserPermission: userPerm,
 		ResourceAccess: resourceAccess,