Implement Redis rate limiting middleware for spam endpoints (FRE-4507)

- Add ioredis dependency to API package - Create Redis connection utility (apps/api/src/config/redis.ts) - Create Redis-backed spam rate limit middleware with per-minute and daily limits - Create spam classification routes (SMS, number reputation, call analysis, feedback) - Register middleware and routes in API server - Add 7 passing tests for rate limit enforcement - Update vitest config with required env vars Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-04-29 20:54:39 -04:00
parent 7928465a58
commit 3aead0d7bb
9 changed files with 1207 additions and 8 deletions
--- a/apps/api/src/config/redis.ts
+++ b/apps/api/src/config/redis.ts
@@ -0,0 +1,18 @@
+import { Redis } from 'ioredis';
+
+const redisHost = process.env.REDIS_HOST || 'localhost';
+const redisPort = parseInt(process.env.REDIS_PORT || '6379', 10);
+
+export const redis = new Redis({
+  host: redisHost,
+  port: redisPort,
+  retryStrategy: (times: number) => Math.min(times * 50, 2000),
+  lazyConnect: true,
+});
+
+export async function getRedisConnection(): Promise<Redis> {
+  if (redis.status === 'wait' || redis.status === 'connecting') {
+    await redis.connect();
+  }
+  return redis;
+}